Account Credential Exposure in Brocade SANnav by Broadcom
CVE-2020-15380

7.5HIGH

Key Information:

Vendor: Broadcom
Status: Brocade Sannav
Vendor: CVE Published:; 9 June 2021

Summary

Brocade SANnav versions before 2.1.1 contain a vulnerability where account credentials are logged at the ‘trace’ logging level. This logging practice can lead to the unintended exposure of sensitive account details, putting systems at risk. Proper handling and safeguarding of account information in log files is essential to maintain security and prevent unauthorized access.

Affected Version(s)

Brocade SANnav Brocade SANnav before version 2.1.1

References

https://www.broadcom.com/support/fibre-channel-networking...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 9, 2021
Vulnerability Reserved
Jun 29, 2020