exploitDog

CVE-2021-42772

Опубликовано: 03 нояб. 2021

Источник: nvd

CVSS3: 9.8

CVSS2: 6.8

EPSS Низкий

Описание

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a buffer overflow vulnerability in the remote GetDumpFile command that could allow a user to attempt various attacks. In non-secure mode, the user is unauthenticated

Ссылки

https://docs.broadcom.com/doc/elx_HBAManager-Lin-RN12811-101.pdf
Exploit
Vendor Advisory
https://docs.broadcom.com/doc/elx_HBAManager-Lin-RN12811-101.pdf
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:broadcom:emulex_hba_manager:*:*:*:*:*:*:*:*

Версия до 11.4.425.0 (исключая)

cpe:2.3:a:broadcom:one_command_manager:*:*:*:*:*:*:*:*

Версия до 12.8.542.31 (исключая)

EPSS

Процентиль: 71%

0.00673

Низкий

9.8 Critical

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-120

EPSS

Процентиль: 71%

0.00673

Низкий

9.8 Critical

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-120