
CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Jul 2025 — Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server admin of the host server and are not visible to the SANnav admin or any SANnav user. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35910 • CWE-532: Insertion of Sensitive Information into Log File

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Jul 2025 — Brocade SANnav before SANnav 2.4.0a logs passwords and pbe keys in the Brocade SANnav server audit logs after installation and under specific conditions. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server admin of the host server and are not visible to the SANnav admin or any SANnav user. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35909 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Jul 2025 — Brocade SANnav before SANnav 2.4.0a logs plaintext passphrases in the Brocade SANnav host server audit logs while executing an OpenSSL command using a passphrase from the command line or while providing the passphrase through a temporary file. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server admin of the host server and are not visible to the SANnav admin or any SANnav user. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35908 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere

CVSS: 9.0 • EPSS: 0% • CPEs: 36 • EXPL: 1

09 Jul 2024 — RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. • https://github.com/alperenugurlu/CVE-2024-3596-Detector • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor • CWE-328: Use of Weak Hash • CWE-354: Improper Validation of Integrity Check Value • CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel

CVSS: 7.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

08 May 2024 — The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authentication flaw. An attacker accessing the VM where the Brocade SANnav is installed can gain access to sensitive data inside the PostgreSQL database. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24260 • CWE-306: Missing Authentication for Critical Function

CVSS: 10.0 • EPSS: 0% • CPEs: 1 • EXPL: 0

27 Apr 2024 — By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a remote attacker should they gain access to the root account. • https://security.netapp.com/advisory/ntap-20240628-0003 • CWE-276: Incorrect Default Permissions

CVSS: 8.6 • EPSS: 0% • CPEs: 1 • EXPL: 0

25 Apr 2024 — In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic is received in clear text. This could allow an unauthenticated, remote attacker to capture sensitive information. • https://support.broadcom.com/external/content/SecurityAdvisories/0/23284 • CWE-319: Cleartext Transmission of Sensitive Information

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

25 Apr 2024 — Brocade SANnav before v2.3.0a lacks protection mechanisms on ports 2377/TCP and 7946/TCP, which could allow an unauthenticated attacker to sniff the SANnav Docker information. The entry's Spanish-language description reads differently: Brocade SANnav before Brocade SANnav v2.3.1 lacks protection mechanisms on ports 2377/TCP and 7946/TCP, which could allow an unauthenticated remote attacker to access the Kafka APIs and send malicious data. • https://support.broadcom.com/external/content/SecurityAdvisories/0/23282 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 7.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

19 Apr 2024 — When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0, TLS/SSL weak message authentication code ciphers are added by default for port 18082. • https://support.broadcom.com/external/content/SecurityAdvisories/0/23251 • CWE-326: Inadequate Encryption Strength

CVSS: 7.7 • EPSS: 0% • CPEs: 1 • EXPL: 0

19 Apr 2024 — An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when Brocade SANnav instances are configured in disaster recovery mode. SQL table names, column names, and SQL queries are collected in DR standby Supportsave. This could allow authenticated users to access the database structure and its contents. • https://support.broadcom.com/external/content/SecurityAdvisories/0/23253 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor • CWE-922: Insecure Storage of Sensitive Information