CVE-2019-16208
https://notcve.org/view.php?id=CVE-2019-16208
Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several services (Radius, TACAS, etc.). El algoritmo password-based encryption (PBE), de Brocade SANnav versiones anteriores a v2.0, presenta una debilidad en la generación de claves criptográficas que puede permitir a un atacante descifrar las contraseñas utilizadas con varios servicios (Radius, TACAS, etc.). • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-867 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2019-16207
https://notcve.org/view.php?id=CVE-2019-16207
Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges. Brocade SANnav versiones anteriores a v2.0, utilizan una contraseña embebida, lo que podría permitir a atacantes autenticados locales acceder a una base de datos del back-end y alcanzar privilegios. • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-866 • CWE-798: Use of Hard-coded Credentials •