Brocade Sannav Security Vulnerabilities and Issues — Brocade Sannav CVE List

Lucene search

BroadcomBrocade Sannav

6 matches found

CVE•added 2024/07/09 12:15 p.m.•4336 views

CVE-2024-3596

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.

9CVSS6.4AI score0.0084EPSS

CVE•added 2022/01/18 4:15 p.m.•591 views

CVE-2022-23305

By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings int...

9.8CVSS9.4AI score0.14404EPSS

CVE•added 2024/04/19 5:15 a.m.•62 views

CVE-2024-29966

Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. The vulnerability could allow an unauthenticated attacker full access to the Brocade SANnav appliance.

9.8CVSS8.5AI score0.00291EPSS

CVE•added 2024/04/25 8:15 a.m.•47 views

CVE-2024-4173

A vulnerability in Brocade SANnav exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav.

9.8CVSS6.8AI score0.0015EPSS

CVE•added 2023/08/31 1:15 a.m.•39 views

CVE-2023-31424

Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2aallows remote unauthenticated users to bypass web authentication andauthorization.

9.8CVSS8.8AI score0.00553EPSS

CVE•added 2020/09/25 2:15 p.m.•29 views

CVE-2019-16211

Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability.

9.8CVSS9.4AI score0.00282EPSS