Database Connection Password Exposure in Brocade SANnav
CVE-2019-16210

5.5MEDIUM

Key Information:

Vendor: Brocade Communications Systems, Inc.
Status: Brocade Sannav
Vendor: CVE Published:; 8 November 2019

What is CVE-2019-16210?

Brocade SANnav versions prior to v2.0 contain a vulnerability that causes sensitive database connection passwords to be logged in plaintext during the support save operation. This exposure can potentially allow unauthorized access to the database, leading to significant security risks. Organizations using affected versions should consider upgrading to mitigate this risk.

Affected Version(s)

Brocade SANnav versions before v2.0

References

https://www.broadcom.com/support/fibre-channel-networking...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 8, 2019
Vulnerability Reserved
Sep 10, 2019

Brocade Communications Systems, Inc.

What is CVE-2019-16210?

Affected Version(s)

References

CVSS V3.1

Timeline