Base64 Password Encoding Vulnerability in Brocade SANnav Products
CVE-2022-28168
7.5HIGH
What is CVE-2022-28168?
Brocade SANnav prior to v2.2.0.2 and v2.1.1.8 suffers from a vulnerability where encoded passwords for the SCP server are stored using Base64 encoding. This flawed encoding mechanism can allow attackers with access to log files to easily decode and retrieve sensitive passwords, posing a serious security risk to network environments relying on Brocade technology.
Affected Version(s)
Brocade SANnav versions before v2.2.0.2 and v2.1.1.8