Brocade SANnav Vulnerability: Console Encryption Key Exposure
CVE-2024-29958

6.5MEDIUM

Key Information:

Vendor: Brocade
Status: Brocade Sannav
Vendor: CVE Published:; 19 April 2024

What is CVE-2024-29958?

A security vulnerability in Brocade SANnav prior to version 2.3.1 and 2.3.0a allows privileged users to inadvertently print an encryption key to the console while executing scripts to replace the Management Portal standby node. This exposure can be exploited by attackers, leading to potential unauthorized access to sensitive data. Organizations utilizing these affected versions should prioritize upgrading their systems to mitigate this risk.

Affected Version(s)

Brocade SANnav before v2.3.1 and v2.3.0a

References

https://support.broadcom.com/external/content/SecurityAdv...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 19, 2024
Vulnerability Reserved
Mar 22, 2024