Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
broadcomBroadcom Security ResponseBSNSA23286
HistoryApr 25, 2024 - 12:00 a.m.

Brocade SANnav exposes Kafka in the wan interface (CVE-2024-4173)

2024-04-2500:00:00
Broadcom Security Response
support.broadcom.com
8
brocade sannav
vulnerability
kafka
wan interface
unauthenticated attacker
dos
software

0.0004 Low

EPSS

Percentile

9.0%

JSON

Brocade SANnav ports used by Kafka are open for the entire wan vs being limited to only the FabricOS switches discovered by the SANnav. Additionally, in Brocade SANnav versions priorto version v2.2.0, the Kafka process is started as a root user using defaultcredentials.

The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav.

Related

cvelist 1
nvd 1
cve 1
vulnrichment 1
cvelist
cvelist
CVE-2024-4173 SANnav versions exposes Kafka in the wan interface.
2024-04-25 07:30:44
nvd
nvd
CVE-2024-4173
2024-04-25 08:15:07
cve
cve
CVE-2024-4173
2024-04-25 08:15:07
vulnrichment
vulnrichment
CVE-2024-4173 SANnav versions exposes Kafka in the wan interface.
2024-04-25 07:30:44

0.0004 Low

EPSS

Percentile

9.0%

JSON
Related for BSNSA23286
cvelist1nvd1cve1vulnrichment1