Weak Encryption in Brocade SANnav Application Exposes Passwords
CVE-2022-28164
6.5MEDIUM
What is CVE-2022-28164?
The Brocade SANnav application, prior to version 2.2.0, implements the Blowfish symmetric encryption algorithm for storing passwords. This design choice poses a security risk, as an authenticated attacker could potentially employ decryption techniques to access and misuse stored account passwords, compromising the integrity and confidentiality of users' data.
Affected Version(s)
Brocade SANNav Brocade SANNav before 2.2.0