Broadcom

Brocade Sannav

54 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2022-43935

  • EPSS 0.04%
  • Veröffentlicht 21.11.2024 11:15:14
  • Zuletzt bearbeitet 04.02.2025 18:16:02

An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where Brocade Fabric OS Switch passwords and authorization IDs are printed in the embedded MLS DB file.

7.5

CVE-2022-43934

  • EPSS 0.08%
  • Veröffentlicht 21.11.2024 11:15:12
  • Zuletzt bearbeitet 04.02.2025 18:14:21

Brocade SANnav before Brocade SANnav 2.2.2 supports key exchange algorithms, which are considered weak on ports 24, 6514, 18023, 19094, and 19095.

4.4

CVE-2022-43933

  • EPSS 0.04%
  • Veröffentlicht 21.11.2024 11:15:11
  • Zuletzt bearbeitet 04.02.2025 18:13:36

An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where configuration secrets are logged in supportsave. Supportsave file is generated by an admin user troubleshooting the switch. The Logged ...

9

CVE-2024-3596

Medienbericht
  • EPSS 24.61%
  • Veröffentlicht 09.07.2024 12:15:20
  • Zuletzt bearbeitet 04.09.2025 21:15:32

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Respon...

7.8

CVE-2024-2860

  • EPSS 0.08%
  • Veröffentlicht 08.05.2024 02:15:09
  • Zuletzt bearbeitet 06.02.2025 17:54:45

The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authentication flaw. An attacker accessing the VM where the Brocade SANnav is installed can gain access to sensitive data inside the PostgreSQL...

7.2

CVE-2024-2859

  • EPSS 2.14%
  • Veröffentlicht 27.04.2024 00:15:07
  • Zuletzt bearbeitet 02.09.2025 18:31:13

By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a remote attacker should they gain access to the root account.

9.8

CVE-2024-4173

  • EPSS 0.2%
  • Veröffentlicht 25.04.2024 08:15:07
  • Zuletzt bearbeitet 06.02.2025 17:53:25

A vulnerability in Brocade SANnav exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav.

7.5

CVE-2024-4161

  • EPSS 0.2%
  • Veröffentlicht 25.04.2024 06:16:01
  • Zuletzt bearbeitet 06.02.2025 17:50:45

In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received clear text. This could allow an unauthenticated, remote attacker to capture sensitive information.

5.3

CVE-2024-4159

  • EPSS 0.36%
  • Veröffentlicht 25.04.2024 06:16:00
  • Zuletzt bearbeitet 06.02.2025 17:49:55

Brocade SANnav before v2.3.0a lacks protection mechanisms on port 2377/TCP and 7946/TCP, which could allow an unauthenticated attacker to sniff the SANnav Docker information.

7.5

CVE-2024-29969

  • EPSS 0.17%
  • Veröffentlicht 19.04.2024 06:15:07
  • Zuletzt bearbeitet 04.02.2025 15:41:14

When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0, TLS/SSL weak message authentication code ciphers are added by default for port 18082.