Lucene search

K
cveBrocadeCVE-2024-29951
HistoryApr 17, 2024 - 8:15 p.m.

CVE-2024-29951

2024-04-1720:15:08
CWE-326
brocade
web.nvd.nist.gov
34
brocade
sannav
ssh
vulnerability
sha-1
hash
internal
ports
remote connection

CVSS3

5.7

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0

Percentile

9.0%

Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection.

CNA Affected

[
  {
    "defaultStatus": "affected",
    "product": "Brocade SANnav",
    "vendor": "Brocade",
    "versions": [
      {
        "status": "affected",
        "version": "before v2.3.1 and v2.3.0a"
      }
    ]
  }
]

CVSS3

5.7

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0

Percentile

9.0%

Related for CVE-2024-29951