Lucene search

BrocadeVULNRICHMENT:CVE-2024-29959

HistoryApr 19, 2024 - 3:19 a.m.

CVE-2024-29959 Brocade Fabric OS switch encrypted passwords in the Brocade SANnav Standby node's support save

2024-04-1903:19:28

CWE-532

brocade

github.com

brocade

fabric os

encrypted passwords

vulnerability

sannav

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

AI Score

6.9

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints Brocade Fabric OS switch encrypted passwords in the Brocade SANnav Standby node’s support save.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:brocade:sannav:*:*:*:*:*:*:*:*"
    ],
    "vendor": "brocade",
    "product": "sannav",
    "versions": [
      {
        "status": "affected",
        "version": "*"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

support.broadcom.com/external/content/SecurityAdvisories/0/23243

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

AI Score

6.9

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2024-29959