Brocade Sannav Security Vulnerabilities and Issues — Brocade Sannav CVE List

Lucene search

BroadcomBrocade Sannav

3 matches found

cve•added 2022/01/18 4:15 p.m.•703 views

CVE-2022-23302

JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configura...

8.8CVSS9.3AI score0.72202EPSS

cve•added 2022/01/18 4:15 p.m.•591 views

CVE-2022-23305

By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings int...

9.8CVSS9.4AI score0.14404EPSS

cve•added 2022/12/09 2:15 a.m.•63 views

CVE-2022-33187

Brocade SANnav before v2.2.1 logs usernames and encoded passwords indebug-enabled logs. The vulnerability could allow an attacker with adminprivilege to read sensitive information.

5.5CVSS5AI score0.00137EPSS