Brocade Sannav Security Vulnerabilities and Issues — Brocade Sannav CVE List

Lucene search

BroadcomBrocade Sannav

8 matches found

CVE•added 2024/04/19 5:15 a.m.•135 views

CVE-2024-29964

Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from these files.

6.5CVSS5.3AI score0.00224EPSS

CVE•added 2024/04/19 5:15 a.m.•72 views

CVE-2024-29965

In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the web interface or the command line interface ("SSH"). The resulting backups are world-readable. A local attacker can recover backup files, restore them to a new malicious appliance, and retrieve the passwo...

6.8CVSS6.7AI score0.00234EPSS

CVE•added 2024/04/19 5:15 a.m.•63 views

CVE-2024-29967

In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files. The vulnerability could allow a sudo privileged user on the host OS to read and write access to t...

6CVSS6.4AI score0.00084EPSS

CVE•added 2024/11/21 11:15 a.m.•57 views

CVE-2022-43936

Brocade SANnav versions before 2.2.2 log Brocade Fabric OS switch passwords when debugging is enabled.

6.8CVSS6.6AI score0.00104EPSS

CVE•added 2024/04/18 2:15 a.m.•45 views

CVE-2024-29956

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in clear text in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav.

6.5CVSS6.9AI score0.00146EPSS

CVE•added 2025/02/15 12:15 a.m.•36 views

CVE-2024-10405

Brocade SANnav before SANnav 2.3.1benables weak TLS ciphers on ports 443 and 18082. In case of a successfulexploit, an attacker can read Brocade SANnav data stream that includesmonitored Brocade Fabric OS switches performance data, port status,zoning information, WWNs, IP Addresses, but no customer...

6.9CVSS6.9AI score0.00032EPSS

CVE•added 2023/08/31 1:15 a.m.•25 views

CVE-2023-31925

BrocadeSANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwordsin plaintext. A privileged user could retrieve these credentials withknowledge and access to these log files. SNMPcredentials could be seen in SANnav SupportSave if the capture isperformed after an SNMP configuration fail...

6.5CVSS5.7AI score0.00039EPSS

CVE•added 2025/07/10 10:15 p.m.•11 views

CVE-2025-6392

Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server adm...

6.7CVSS6.4AI score0.00016EPSS