Possible Log File Vulnerability Affecting Sensitive Fields in Brocade SANnav Before 2.3.0 and 2.2.2a
CVE-2022-43937

5.5MEDIUM

Key Information:

Vendor: Brocade
Status: Sannav
Vendor: CVE Published:; 21 November 2024

What is CVE-2022-43937?

A potential information exposure vulnerability exists in the Brocade SANnav platform, where sensitive fields may be inadvertently logged due to debug-enabled logging being activated. This issue could allow unauthorized access to sensitive data such as user credentials and other confidential information if the logs are accessed by an attacker. The vulnerability affects versions prior to 2.3.0 and version 2.2.2a, necessitating immediate attention to secure sensitive information from being exposed in logs.

Affected Version(s)

SANnav Brocade SANnav before v2.3.0 and 2.2.2a

References

https://support.broadcom.com/web/ecx/support-content-noti...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 21, 2024
Vulnerability Reserved
Oct 26, 2022