Plaintext Switch admin login password is seen in Brocade SANnav support save (CVE-2025-12772)

Brocade SANnav before 2.4.0b logs the Brocade Fabric OS Switch admin password on the SANnav support save logs. When OOM occurs on a Brocade SANnav server, the call stack trace for the Brocade switch is also collected in the heap dump file which contains this switch password in clear text. The...

CVE-2024-45367

The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead to an attacker authenticating without a password...

Code injection

Brocade SANnav before Brocade SANvav v. 2.2.0.2 and Brocade SANanv v.2.1.1.8 logs the Brocade Fabric OS switch password in plain text in asyncjobscheduler-manager.log...

Cisco Catalyst 3850 Series Device Manager - Cross-Site Request Forgery

Product : Catalyst 3850 Series Device Manager Version : 3.6.10E Date: 01.08.2019 Vendor Homepage: https://www.cisco.com Exploit Author: Alperen Soydan Description : The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify...

Cisco Catalyst 3850 Series Device Manager 3.6.10E Cross Site Request Forgery

Product : Catalyst 3850 Series Device Manager Version : 3.6.10E Date: 01.08.2019 Vendor Homepage: https://www.cisco.com Exploit Author: Alperen Soydan Description : The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify...

Credential disclosure in LXCA log files - us

Lenovo Security Advisory: LEN-11635 Potential Impact: Disclosure of credentials to a non-privileged user Severity: High Scope of Impact: Lenovo-specific CVE Identifier: CVE-2016-8233 Summary Description: During an internal security review, log files generated by Lenovo XClarity Administrator LXCA...