Brocade Sannav@* Security Vulnerabilities and Issues — Brocade Sannav@* CVE List

Lucene search

BroadcomBrocade Sannav*

8 matches found

CVE•added 2025/02/14 5:15 a.m.•46 views

CVE-2024-2240

Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability could allow a remote authenticated attacker to execute various attacks.

8.6CVSS6.5AI score0.00232EPSS

CVE•added 2025/02/14 4:15 a.m.•45 views

CVE-2025-1053

Under certain error conditions at time of SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to the Brocade SANnav database could use the encryption key to obtain passwords used by Brocade SANnav.

8.6CVSS6.7AI score0.00033EPSS

CVE•added 2025/02/15 12:15 a.m.•43 views

CVE-2024-4282

Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22.

9.8CVSS7.1AI score0.00055EPSS

CVE•added 2025/02/14 4:15 a.m.•40 views

CVE-2024-10404

CalInvocationHandler in BrocadeSANnav before 2.3.1b logs sensitive information in clear text. Thevulnerability could allow an authenticated, local attacker to viewBrocade Fabric OS switch sensitive information in clear text. Anattacker with administrative privileges could retrieve sensitiveinformat...

5.5CVSS5.4AI score0.00062EPSS

CVE•added 2025/02/15 12:15 a.m.•36 views

CVE-2024-10405

Brocade SANnav before SANnav 2.3.1benables weak TLS ciphers on ports 443 and 18082. In case of a successfulexploit, an attacker can read Brocade SANnav data stream that includesmonitored Brocade Fabric OS switches performance data, port status,zoning information, WWNs, IP Addresses, but no customer...

6.9CVSS6.9AI score0.00032EPSS

CVE•added 2025/07/10 9:15 p.m.•17 views

CVE-2025-4662

Brocade SANnav before SANnav 2.4.0a logs plaintext passphrases in the Brocade SANnav host server audit logs while executing OpenSSL command using a passphrase from the command line or while providing the passphrase through a temporary file. These audit logs are the local server VM’s audit logs and ...

5.1CVSS6.8AI score0.00017EPSS

CVE•added 2025/07/10 9:15 p.m.•11 views

CVE-2025-6390

Brocade SANnav before SANnav 2.4.0a logs passwords and pbe keys in the Brocade SANnav server audit logs after installation and under specific conditions. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server admin of the ho...

5.1CVSS6.8AI score0.00017EPSS

CVE•added 2025/07/10 10:15 p.m.•11 views

CVE-2025-6392

Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server adm...

6.7CVSS6.4AI score0.00017EPSS