Weak TLS Cipher Vulnerability in Brocade SANnav
CVE-2024-10405

6.9MEDIUM

Key Information:

Vendor: Brocade
Status: Brocade Sannav
Vendor: CVE Published:; 15 February 2025

What is CVE-2024-10405?

Brocade SANnav versions before 2.3.1b are susceptible to a vulnerability that allows the use of weak TLS ciphers on ports 443 and 18082. This arrangement may enable an attacker to intercept and read performance data of monitored Brocade Fabric OS switches, including port status, zoning information, WWNs, and IP addresses. While this data is sensitive for network administration, it does not include customer data, personal information, or any form of credentials, thus limiting the potential impact on user privacy.

Affected Version(s)

Brocade SANnav Brocade SANnav before 2.3.1b

References

https://support.broadcom.com/web/ecx/support-content-noti...

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Feb 15, 2025