Plaintext Switch admin login password is seen in Brocade SANnav support save (CVE-2025-12772)

Brocade SANnav before 2.4.0b logs the Brocade Fabric OS Switch admin password on the SANnav support save logs. When OOM occurs on a Brocade SANnav server, the call stack trace for the Brocade switch is also collected in the heap dump file which contains this switch password in clear text. The...

CVE-2024-45367

The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead to an attacker authenticating without a password...

Code injection

Brocade SANnav before Brocade SANvav v. 2.2.0.2 and Brocade SANanv v.2.1.1.8 logs the Brocade Fabric OS switch password in plain text in asyncjobscheduler-manager.log...

Cisco Catalyst 3850 Series Device Manager 3.6.10E Cross Site Request Forgery

Product : Catalyst 3850 Series Device Manager Version : 3.6.10E Date: 01.08.2019 Vendor Homepage: https://www.cisco.com Exploit Author: Alperen Soydan Description : The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify...

Cisco Catalyst 3850 Series Device Manager - Cross-Site Request Forgery

Product : Catalyst 3850 Series Device Manager Version : 3.6.10E Date: 01.08.2019 Vendor Homepage: https://www.cisco.com Exploit Author: Alperen Soydan Description : The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify...

Credential disclosure in LXCA log files - us

Lenovo Security Advisory: LEN-11635 Potential Impact: Disclosure of credentials to a non-privileged user Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2016-8233 Summary Description: During an internal security review, log files generated by Lenovo XClarity Administrator LXCA...