CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15380
https://notcve.org/view.php?id=CVE-2020-15380
Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level. Brocade SANNav versiones anteriores a 2.1.1, registra las credenciales de la cuenta en el nivel de registro "trace" • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1482 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15378
https://notcve.org/view.php?id=CVE-2020-15378
The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface. La versión OVA de Brocade SANNav versiones anteriores a 2.1.1, de instalación con red IPv6 expone los puertos del contenedor Docker a la red, incrementando la superficie de ataque potencial • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1481 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15377
https://notcve.org/view.php?id=CVE-2020-15377
Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery (SSRF). Las herramientas web de Brocade SANNav versiones anteriores a 2.1.1, permiten a usuarios no autenticados realizar peticiones a hosts arbitrarios debido a una configuración errónea; esto se conoce comúnmente como vulnerabilidad de tipo Server-Side Request Forgery (SSRF) • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1480 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15381
https://notcve.org/view.php?id=CVE-2020-15381
Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server. Brocade SANnav versiones anteriores a 2.1.1, contiene una vulnerabilidad de Autenticación Inapropiada que permite la transmisión de texto sin cifrar de las credenciales de autenticación del servidor jmx • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1483 • CWE-522: Insufficiently Protected Credentials •