Brocade SANnav Password Leak Pre-2.2.2
CVE-2022-43936

4.9MEDIUM

Key Information:

Vendor: Brocade
Status: Sannav
Vendor: CVE Published:; 21 November 2024

What is CVE-2022-43936?

Brocade SANnav versions earlier than 2.2.2 exhibit a security flaw where switch passwords are logged during debugging sessions. This vulnerability can potentially expose sensitive authentication information, enabling unauthorized access to critical network components. Users of affected versions are strongly advised to upgrade to the latest release to mitigate this risk. For detailed information and recommendations regarding this issue, refer to the official security advisory provided by Broadcom.

Affected Version(s)

SANnav before Brocade SANnav 2.2.2

References

https://support.broadcom.com/web/ecx/support-content-noti...

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 21, 2024
Vulnerability Reserved
Oct 26, 2022