Lucene search
K

Severe Flaws Disclosed in Brocade SANnav SAN Management Software

🗓️ 26 Apr 2024 14:03:00Reported by The Hacker NewsType 
thn
 thn
🔗 thehackernews.com👁 55 Views

Severe Brocade SANnav vulnerabilities disclosed, impacting all versions up to 2.3.0, allowing remote attacks to compromise device security. Flaws addressed in version 2.3.1.

Related
ReporterTitlePublishedViews
Family
BDU FSTEC
The vulnerability of the Brocade SANnav network management software lies in the use of strictly encrypted user credentials, which allows an intruder to gain unauthorized access to protected information.
17 May 202400:00
bdu_fstec
BDU FSTEC
The vulnerability of the Brocade SANnav network management software, due to deficiencies in access control, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
17 May 202400:00
bdu_fstec
BDU FSTEC
The vulnerability of the Brocade SANnav network management software lies in the use of strictly encrypted user credentials. This allows a hacker to obtain the user’s credentials with root privileges.
26 Jun 202400:00
bdu_fstec
BDU FSTEC
The vulnerability of the Brocade SANnav network management software, which stems from the use of strictly encrypted credentials, allows a hacker to perform a Man-in-the-Middle attack and decrypt SSH traffic.
26 Jun 202400:00
bdu_fstec
Broadcom
Identical SSH keys utilized inside the OVA image (CVE-2024-29960)
17 Apr 202400:00
broadcom
Broadcom
By default, SANnav OVA is shipped with root user login enabled (CVE-2024-2859)
16 Apr 202400:00
broadcom
Broadcom
Ping at regular intervals (CVE-2024-29961)
17 Apr 202400:00
broadcom
Broadcom
Hardcoded TLS keys used by Docker (CVE-2024-29963).
17 Apr 202400:00
broadcom
Broadcom
hard-coded credential in the documentation that appear as the root password (CVE-2024-29966).
17 Apr 202400:00
broadcom
Broadcom
Security update provided in Brocade SANnav 2.3.0a and 2.3.1
30 Apr 202400:00
broadcom
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation