Unauthenticated Remote Attackers Could Capture Sensitive Information in Brocade SANnav Before v2.3.0
CVE-2024-4161

7.5HIGH

Key Information:

Vendor: Brocade
Status: Brocade Sannav
Vendor: CVE Published:; 25 April 2024

What is CVE-2024-4161?

Brocade SANnav, prior to version 2.3.0, contains a vulnerability that permits the exposure of syslog traffic in clear text format. This security flaw allows an unauthenticated remote attacker to intercept and capture sensitive information transmitted over the network. Organizations utilizing affected versions of Brocade SANnav should consider updating to the latest version to mitigate the risk associated with this vulnerability and to secure their information transmission processes.

Affected Version(s)

Brocade SANnav before v2.3.0

References

https://support.broadcom.com/external/content/SecurityAdv...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 25, 2024
Vulnerability Reserved
Apr 25, 2024