memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.
Exploitability
AV:AAC:LAu:NImpact
C:PI:PA:N4.8/AV:A/AC:L/Au:N/C:P/I:P/A:N