Vulnerabilities > CVE-2021-27790 - Out-of-bounds Write vulnerability in Broadcom Fabric Operating System

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
broadcom
CWE-787

Summary

The command ipfilter in Brocade Fabric OS before Brocade Fabric OS v.9.0.1a, v8.2.3, and v8.2.0_CBN4, and v7.4.2h uses unsafe string function to process user input. Authenticated attackers can abuse this vulnerability to exploit stack-based buffer overflows, allowing execution of arbitrary code as the root user account.

Vulnerable Configurations

Part Description Count
OS
Broadcom
125

Common Weakness Enumeration (CWE)