27 July 2021
10 May 2021
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - 7.8
Summary Security Advisory ID : BSA-2021-1492 Component : ipfilter Revision : 1.1
Security Advisory ID : BSA-2021-1492
Component : ipfilter
Revision : 1.1
The command â€œipfilterâ€ in Brocade Fabric OS before Brocade Fabric OS v.9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h uses unsafe string function to process user input. Authenticated attackers can abuse this vulnerability to exploit stack-based buffer overflows, allowing execution of arbitrary code as the root user account.
Brocade Fabric OS versions before v9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h.
Products Confirmed Not Vulnerable
No other Brocade Fibre Channel Products from Broadcom products are currently known to be affected by this vulnerability.
A security update has been provided in Brocade Fabric OS versions v9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h.
This issue was discovered through security testing.
|1.0||Initial Publication||May 10, 2021|
|1.1||Added v7.4.2h||July 27, 2021|