Brocade SANnav Vulnerability: Encrypted Passwords Printed in Standby Node
CVE-2024-29959

8.6HIGH

Key Information:

Vendor: Brocade
Status: Brocade Sannav
Vendor: CVE Published:; 19 April 2024

What is CVE-2024-29959?

A vulnerability exists in Brocade SANnav prior to versions 2.3.1 and 2.3.0a, which allows for the exposure of encrypted passwords for Brocade Fabric OS switches through the standby node's support save feature. This could lead to unauthorized access if the encrypted information is intercepted or misused. Users of affected versions are urged to implement remediation measures promptly to safeguard sensitive information and maintain system integrity.

Affected Version(s)

Brocade SANnav before v2.3.1 and v2.3.0a

References

https://support.broadcom.com/external/content/SecurityAdv...

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Apr 19, 2024
Vulnerability Reserved
Mar 22, 2024