SANnav OVA Vulnerability: Root User Login Exposes System to Remote Attack
CVE-2024-2859

6.8MEDIUM

Key Information:

Vendor: Brocade
Status: Brocade Sannav
Vendor: CVE Published:; 27 April 2024

What is CVE-2024-2859?

By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a remote attacker should they gain access to the root account.

Affected Version(s)

Brocade SANnav v2.3.0

References

https://support.broadcom.com/external/content/SecurityAdv...

https://security.netapp.com/advisory/ntap-20240628-0003/

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 27, 2024

JSON