Lucene search
BrocadeCVELIST:CVE-2024-29950HistoryApr 17, 2024 - 6:21 p.m.
CVE-2024-29950 Brocade SANnav before v2.3.1, v2.3.0a uses weak encryption
2024-04-1718:21:35
CWE-326
brocade
www.cve.org
3
brocade sannav
weak encryption
cve-2024-29950
sha-1
man-in-the-middle attack
remote attacker
unauthenticated
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0
Percentile
9.0%
The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa signature scheme, which has a SHA-1 hash.
The vulnerability could allow a remote, unauthenticated attacker to perform a man-in-the-middle attack.
CNA Affected
[
{
"defaultStatus": "affected",
"product": "Brocade SANnav",
"vendor": "Brocade",
"versions": [
{
"status": "affected",
"version": "versions before Brocade SANnav v2.3.1, v2.3.0a"
}
]
}
]Related
nvd
nvd
CVE-2024-29950
2024-04-17 19:15:07
cve
cve
CVE-2024-29950
2024-04-17 19:15:07
vulnrichment
vulnrichment
CVE-2024-29950 Brocade SANnav before v2.3.1, v2.3.0a uses weak encryption
2024-04-17 18:21:35
broadcom
broadcom
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0
Percentile
9.0%
Related for CVELIST:CVE-2024-29950