Broadcom

Brocade Sannav

54 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-29958

  • EPSS 0.29%
  • Published 19.04.2024 04:15:09
  • Last modified 04.02.2025 15:57:10

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. This could provide attackers an additional, ...

7.5

CVE-2024-29957

  • EPSS 0.29%
  • Published 19.04.2024 04:15:09
  • Last modified 04.02.2025 15:57:57

When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encryption key.

6.5

CVE-2024-29956

  • EPSS 0.15%
  • Published 18.04.2024 02:15:06
  • Last modified 04.02.2025 15:58:26

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in clear text in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav.

5.5

CVE-2024-29955

  • EPSS 0.11%
  • Published 17.04.2024 22:15:08
  • Last modified 04.02.2025 16:03:04

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow a privileged user to print the SANnav encrypted key in PostgreSQL startup logs. This could provide attackers with an additional, less-protected path to acquiring the encryption ...

5.5

CVE-2024-29952

  • EPSS 0.06%
  • Published 17.04.2024 22:15:08
  • Last modified 04.02.2025 16:02:13

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow an authenticated user to print the Auth, Priv, and SSL key store passwords in unencrypted logs by manipulating command variables.

5.7

CVE-2024-29951

  • EPSS 0.07%
  • Published 17.04.2024 20:15:08
  • Last modified 04.02.2025 16:01:19

Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection.

5.9

CVE-2024-29950

  • EPSS 0.18%
  • Published 17.04.2024 19:15:07
  • Last modified 04.02.2025 15:40:21

The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa signature scheme, which has a SHA-1 hash. The vulnerability could allow a remote, unauthenticated attacker to perform a man-in-the-middle attack.

6.5

CVE-2023-31925

  • EPSS 0.04%
  • Published 31.08.2023 01:15:08
  • Last modified 21.11.2024 08:02:24

Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A privileged user could retrieve these credentials with knowledge and access to these log files. SNMP credentials could be seen in SANnav SupportSave if...

9.8

CVE-2023-31424

  • EPSS 0.55%
  • Published 31.08.2023 01:15:08
  • Last modified 13.02.2025 17:16:27

Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a allows remote unauthenticated users to bypass web authentication and authorization.

5.5

CVE-2023-31423

  • EPSS 0.06%
  • Published 31.08.2023 01:15:07
  • Last modified 13.02.2025 17:16:27

Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access t...