Broadcom

Brocade Sannav

54 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2025-6390

  • EPSS 0.02%
  • Published 10.07.2025 21:15:29
  • Last modified 27.08.2025 17:56:40

Brocade SANnav before SANnav 2.4.0a logs passwords and pbe keys in the Brocade SANnav server audit logs after installation and under specific conditions. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These lo...

4.4

CVE-2025-6392

  • EPSS 0.02%
  • Published 10.07.2025 21:14:15
  • Last modified 27.08.2025 17:55:17

Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANn...

4.4

CVE-2025-4662

  • EPSS 0.02%
  • Published 10.07.2025 20:41:20
  • Last modified 27.08.2025 17:57:10

Brocade SANnav before SANnav 2.4.0a logs plaintext passphrases in the Brocade SANnav host server audit logs while executing OpenSSL command using a passphrase from the command line or while providing the passphrase through a temporary file. These au...

9.8

CVE-2024-4282

  • EPSS 0.06%
  • Published 15.02.2025 00:15:13
  • Last modified 26.08.2025 19:42:18

Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22.

5.3

CVE-2024-10405

  • EPSS 0.04%
  • Published 15.02.2025 00:15:13
  • Last modified 26.08.2025 19:44:01

Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of a successful exploit, an attacker can read Brocade SANnav data stream that includes monitored Brocade Fabric OS switches performance data, port status,...

7.2

CVE-2024-2240

  • EPSS 0.26%
  • Published 14.02.2025 05:15:11
  • Last modified 26.08.2025 19:48:30

Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability could allow a remote authenticated attacker to execute various attacks.

4.9

CVE-2025-1053

  • EPSS 0.03%
  • Published 14.02.2025 04:15:08
  • Last modified 26.09.2025 14:03:27

Under certain error conditions at time of SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to the Brocade SANnav database could use the encrypti...

4.4

CVE-2024-10404

  • EPSS 0.01%
  • Published 14.02.2025 04:15:07
  • Last modified 26.08.2025 20:02:17

CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text. The vulnerability could allow an authenticated, local attacker to view Brocade Fabric OS switch sensitive information in clear text. An attacker with a...

5.5

CVE-2022-43937

  • EPSS 0.09%
  • Published 21.11.2024 11:15:14
  • Last modified 04.02.2025 18:19:12

Possible information exposure through log file vulnerability where sensitive fields are recorded in the debug-enabled logs when debugging is turned on in Brocade SANnav before 2.3.0 and 2.2.2a

4.9

CVE-2022-43936

  • EPSS 0.11%
  • Published 21.11.2024 11:15:14
  • Last modified 04.02.2025 18:19:49

Brocade SANnav versions before 2.2.2 log Brocade Fabric OS switch passwords when debugging is enabled.