Encryption Key Exposure in Brocade SANnav by Broadcom
CVE-2025-1053

8.6HIGH

Key Information:

Vendor: Brocade
Status: Brocade Sannav
Vendor: CVE Published:; 14 February 2025

What is CVE-2025-1053?

During specific error conditions encountered during the installation or upgrade of Brocade SANnav, sensitive encryption keys may be incorrectly written and accessible through the Brocade SANnav supportsave feature. This scenario allows an attacker with privileged access to the Brocade SANnav database to retrieve these keys, potentially leading to unauthorized access to sensitive passwords utilized within the SANnav environment.

Affected Version(s)

Brocade SANnav Brocade SANnav before 2.3.1b

References

https://support.broadcom.com/web/ecx/support-content-noti...

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2025
Vulnerability Reserved
Feb 4, 2025