Log File Vulnerability in Brocade SANnav Exposes Configuration Secrets
CVE-2022-43933
4.4MEDIUM
What is CVE-2022-43933?
An information exposure vulnerability exists in Brocade SANnav prior to version 2.2.2, where sensitive configuration secrets may be inadvertently recorded in log files generated during troubleshooting procedures. The supportsave file, created by an administrative user, can contain critical information such as usernames, passwords, and secret keys. This unintended logging poses a significant security risk, potentially allowing unauthorized access to sensitive data.
Affected Version(s)
SANnav before Brocade SANnav 2.2.2