7.5
CVE-2024-29957
- EPSS 0.29%
- Veröffentlicht 19.04.2024 04:15:09
- Zuletzt bearbeitet 04.02.2025 15:57:57
- Quelle sirt@brocade.com
- Teams Watchlist Login
- Unerledigt Login
When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encryption key.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Broadcom ≫ Brocade Sannav Version < 2.3.0a
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.29% | 0.517 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| sirt@brocade.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-532 Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.