CVE-2024-4161

EPSS 0.2%
Published 25.04.2024 06:16:01
Last modified 06.02.2025 17:50:45
Source sirt@brocade.com
Teams watchlist Login
Open Login

In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received
 clear text. This could allow an unauthenticated, remote attacker to 
capture sensitive information.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Broadcom ≫ Brocade Sannav Version < 2.3.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.2%	0.427

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
sirt@brocade.com	8.6	3.9	4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CWE-319 Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

https://support.broadcom.com/external/content/SecurityAdvisories/0/23284

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-4161

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-4161

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-4161

EUVD