CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15377
https://notcve.org/view.php?id=CVE-2020-15377
Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery (SSRF). Las herramientas web de Brocade SANNav versiones anteriores a 2.1.1, permiten a usuarios no autenticados realizar peticiones a hosts arbitrarios debido a una configuración errónea; esto se conoce comúnmente como vulnerabilidad de tipo Server-Side Request Forgery (SSRF) • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1480 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15382
https://notcve.org/view.php?id=CVE-2020-15382
Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time. Brocade SANnav versiones anteriores a 2.1.1, usa una cuenta de administrador codificada con la contraseña débil "passw0rd" si no es proporcionado una contraseña para PostgreSQL en el momento de la instalación • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1484 • CWE-798: Use of Hard-coded Credentials •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15381
https://notcve.org/view.php?id=CVE-2020-15381
Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server. Brocade SANnav versiones anteriores a 2.1.1, contiene una vulnerabilidad de Autenticación Inapropiada que permite la transmisión de texto sin cifrar de las credenciales de autenticación del servidor jmx • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1483 • CWE-522: Insufficiently Protected Credentials •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16211
https://notcve.org/view.php?id=CVE-2019-16211
Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability. Brocade SANnav versiones anteriores a v2.1.0, contienen una vulnerabilidad de almacenamiento de contraseña de texto plano • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1076 • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16212
https://notcve.org/view.php?id=CVE-2019-16212
A vulnerability in Brocade SANnav versions before v2.1.0 could allow a remote authenticated attacker to conduct an LDAP injection. The vulnerability could allow a remote attacker to bypass the authentication process. Una vulnerabilidad en Brocade SANnav versiones anteriores a v2.1.0, podría permitir a un atacante autenticado remoto llevar a cabo una inyección del LDAP. La vulnerabilidad podría permitir a un atacante remoto omitir el proceso de autenticación • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-1074 •