Lucene search
BrocadeCVELIST:CVE-2024-29957HistoryApr 19, 2024 - 3:11 a.m.
CVE-2024-29957 Encryption key is stored in the DR log files
2024-04-1903:11:25
CWE-532
brocade
www.cve.org
brocade sannav
encryption key
dr log files
disaster recovery mode
attackers
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
9.1%
When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encryption key.
CNA Affected
[
{
"defaultStatus": "affected",
"product": "Brocade SANnav",
"vendor": "Brocade",
"versions": [
{
"status": "affected",
"version": "before v2.3.1 and v2.3.0a"
}
]
}
]Related
broadcom
broadcom
The encryption key is stored in the DR log files (CVE-2024-29957).
2024-04-17 00:00:00
nvd
nvd
CVE-2024-29957
2024-04-19 04:15:09
cve
cve
CVE-2024-29957
2024-04-19 04:15:09
vulnrichment
vulnrichment
CVE-2024-29957 Encryption key is stored in the DR log files
2024-04-19 03:11:25
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2024-29957