Lucene search
HistoryDec 09, 2022 - 2:15 a.m.
CVE-2022-33187
brocade
sannav
vulnerability
cve-2022-33187
sensitive information
debug-enabled logs
admin privilege
5.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N
5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
26.9%
Brocade SANnav before v2.2.1 logs usernames and encoded passwords in
debug-enabled logs. The vulnerability could allow an attacker with admin
privilege to read sensitive information.
Affected configurations
Node
broadcombrocade_sannavRange<2.2.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| broadcom:brocade_sannav | broadcom brocade sannav | lt | 2.2.1 |
CNA Affected
[
{
"defaultStatus": "affected",
"product": "Brocade SANnav",
"vendor": "Brocade",
"versions": [
{
"status": "affected",
"version": "Brocade SANnav versions before v2.2.1"
}
]
}
]Related
broadcom
broadcom
nvd
nvd
CVE-2022-33187
2022-12-09 02:15:09
prion
prion
Information disclosure
2022-12-09 02:15:00
cvelist
cvelist
5.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N
5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
26.9%
Related for CVE-2022-33187