Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
broadcomBroadcom Security ResponseBSNSA23226
HistoryApr 30, 2024 - 12:00 a.m.

password management API prints sensitive information in log files (CVE-2024-29954)

2024-04-3000:00:00
Broadcom Security Response
support.broadcom.com
12
vulnerability
password management
api
brocade fabric os
sensitive information
log files
authenticated user
server passwords
scp
sftp
firmware
cve-2024-29954

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp.

Detail.
When the firmwaredownload command is incorrectly entered or points to an erroneous file, the firmware download log captures the failed command, including any password entered in the command line.

Related

nvd 1
cvelist 1
vulnrichment 1
cve 1
nvd
nvd
CVE-2024-29954
2024-06-26 00:15:10
cvelist
cvelist
CVE-2024-29954 password management API prints sensitive information in log files
2024-06-25 23:42:50
vulnrichment
vulnrichment
CVE-2024-29954 password management API prints sensitive information in log files
2024-06-25 23:42:50
cve
cve
CVE-2024-29954
2024-06-26 00:15:10

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for BSNSA23226
nvd1cvelist1vulnrichment1cve1