CVSS: 9.0EPSS: 0%CPEs: 36EXPL: 1CVE-2024-3596 – RADIUS Protocol under RFC2865 is vulnerable to forgery attacks.
https://notcve.org/view.php?id=CVE-2024-3596
09 Jul 2024 — RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. El protocolo RADIUS según RFC 2865 es susceptible a ataques de falsificación por parte de un atacante local que puede modificar cualquier respuesta válida (acceso-aceptación, acceso-rechazo o acceso-desafío) a cualquier otra respuesta... • https://github.com/alperenugurlu/CVE-2024-3596-Detector • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-328: Use of Weak Hash CWE-354: Improper Validation of Integrity Check Value CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-2860
https://notcve.org/view.php?id=CVE-2024-2860
08 May 2024 — The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authentication flaw. An attacker accessing the VM where the Brocade SANnav is installed can gain access to sensitive data inside the PostgreSQL database. La implementación de PostgreSQL en las versiones de Brocade SANnav anteriores a la 2.3.0a es vulnerable a una falla de autenticación local incorrecta. Un atacante que acceda a la máquina virtual donde está instalado Brocade SANnav puede obtener acceso... • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24260 • CWE-306: Missing Authentication for Critical Function •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2859 – By default, SANnav OVA is shipped with root user login enabled (CVE-2024-2859)
https://notcve.org/view.php?id=CVE-2024-2859
27 Apr 2024 — By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a remote attacker should they gain access to the root account. De forma predeterminada, SANnav OVA se envía con el inicio de sesión de usuario raíz habilitado. Si bien está protegido por una contraseña, el acceso a la cuenta raíz podría exponer a SANnav a un atacante remoto en caso de que obtenga acceso a la cuenta raíz. • https://security.netapp.com/advisory/ntap-20240628-0003 • CWE-276: Incorrect Default Permissions •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4161 – Syslog traffic sent in clear-text
https://notcve.org/view.php?id=CVE-2024-4161
25 Apr 2024 — In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received clear text. This could allow an unauthenticated, remote attacker to capture sensitive information. En Brocade SANnav, antes de Brocade SANnav v2.3.0, el tráfico de syslog recibía texto plano. Esto podría permitir que un atacante remoto no autenticado capture información confidencial. • https://support.broadcom.com/external/content/SecurityAdvisories/0/23284 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4159 – Protection mechanisms
https://notcve.org/view.php?id=CVE-2024-4159
25 Apr 2024 — Brocade SANnav before v2.3.0a lacks protection mechanisms on port 2377/TCP and 7946/TCP, which could allow an unauthenticated attacker to sniff the SANnav Docker information. Brocade SANnav anterior a Brocade SANnav v2.3.1 carece de mecanismos de protección en los puertos 2377/TCP y 7946/TCP, lo que podría permitir que un atacante remoto no autenticado acceda a las API de Kafka y envíe datos maliciosos. • https://support.broadcom.com/external/content/SecurityAdvisories/0/23282 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-29969 – TLS/SSL weak message authentication code ciphers are added by default for port 18082
https://notcve.org/view.php?id=CVE-2024-29969
19 Apr 2024 — When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0, TLS/SSL weak message authentication code ciphers are added by default for port 18082. Cuando se actualiza una instalación de Brocade SANnav de Brocade SANnav v2.2.2 a Brocade SANnav 2.3.0, los cifrados de códigos de autenticación de mensajes débiles TLS/SSL se agregan de forma predeterminada para el puerto 18082. • https://support.broadcom.com/external/content/SecurityAdvisories/0/23251 • CWE-326: Inadequate Encryption Strength •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29968 – SQL Table names, column names, and SQL queries are collected in DR standby Supportsave
https://notcve.org/view.php?id=CVE-2024-29968
19 Apr 2024 — An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when Brocade SANnav instances are configured in disaster recovery mode. SQL Table names, column names, and SQL queries are collected in DR standby Supportsave. This could allow authenticated users to access the database structure and its contents. Existe una vulnerabilidad de divulgación de información en Brocade SANnav anterior a v2.3.1 y v2.3.0a cuando las instancias de Brocade SANnav están configuradas en modo de r... • https://support.broadcom.com/external/content/SecurityAdvisories/0/23253 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-922: Insecure Storage of Sensitive Information •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-29967 – In Brocade SANnav before v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points
https://notcve.org/view.php?id=CVE-2024-29967
19 Apr 2024 — In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files. The vulnerability could allow a sudo privileged user on the host OS to read and write access to these files. En Brocade SANnav anterior a Brocade SANnav v2.31 y v2.3.0a, se observó que las instancias de Docker dentro del dispositivo tenían puntos de montaje inseguros, lo que permitía acceso de lectura y escri... • https://support.broadcom.com/external/content/SecurityAdvisories/0/23254 • CWE-276: Incorrect Default Permissions •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-29966 – hard-coded credentials in the documentation that appear as the appliance root password
https://notcve.org/view.php?id=CVE-2024-29966
19 Apr 2024 — Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. The vulnerability could allow an unauthenticated attacker full access to the Brocade SANnav appliance. Brocade SANnav OVA anterior a v2.3.1 y v2.3.0a contiene credenciales codificadas en la documentación que aparecen como la contraseña raíz del dispositivo. La vulnerabilidad podría permitir a un atacante no autenticado acceso completo al dispositivo Brocade SANnav. • https://support.broadcom.com/external/content/SecurityAdvisories/0/23255 • CWE-798: Use of Hard-coded Credentials •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-29965 – Insecure backup
https://notcve.org/view.php?id=CVE-2024-29965
19 Apr 2024 — In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the web interface or the command line interface ("SSH"). The resulting backups are world-readable. A local attacker can recover backup files, restore them to a new malicious appliance, and retrieve the passwords of all the switches. En Brocade SANnav anterior a v2.3.1 y v2.3.0a, es posible realizar una copia de seguridad del dispositivo desde la interfaz web o la interfaz de línea de comandos ("SSH"). Las copias de se... • https://support.broadcom.com/external/content/SecurityAdvisories/0/23250 • CWE-922: Insecure Storage of Sensitive Information •