14 results (0.009 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-28168

https://notcve.org/view.php?id=CVE-2022-28168

In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1.1.8, encoded scp-server passwords are stored using Base64 encoding, which could allow an attacker able to access log files to easily decode the passwords. En Brocade SANnav versiones anteriores a Brocade SANnav versión 2.2.0.2 y Brocade SANnav versión 2.1.1.8, las contraseñas codificadas del servidor scp son almacenadas usando codificación Base64, lo que podría permitir a un atacante capaz de acceder a los archivos de registro descifrar fácilmente las contraseñas • https://security.netapp.com/advisory/ntap-20220627-0003 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1979 • CWE-922: Insecure Storage of Sensitive Information •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-28167

https://notcve.org/view.php?id=CVE-2022-28167

Brocade SANnav before Brocade SANvav v. 2.2.0.2 and Brocade SANanv v.2.1.1.8 logs the Brocade Fabric OS switch password in plain text in asyncjobscheduler-manager.log Brocade SANnav versiones anteriores a Brocade SANvav versión 2.2.0.2 y Brocade SANanv versión 2.1.1.8, registra la contraseña del conmutador Brocade Fabric OS en texto plano en el archivo asyncjobscheduler-manager.log • https://security.netapp.com/advisory/ntap-20220627-0002 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1978 • CWE-522: Insufficiently Protected Credentials •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-28166

https://notcve.org/view.php?id=CVE-2022-28166

In Brocade SANnav version before SANN2.2.0.2 and Brocade SANNav before 2.1.1.8, the implementation of TLS/SSL Server Supports the Use of Static Key Ciphers (ssl-static-key-ciphers) on ports 443 & 18082. En Brocade SANnav versiones anteriores a SANN2.2.0.2 y Brocade SANNav versiones anteriores a 2.1.1.8, la implementación del servidor TLS/SSL admite el uso de cifrados de clave estática (ssl-static-key-ciphers) en los puertos 443 y 18082 • https://security.netapp.com/advisory/ntap-20220627-0001 https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1977 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-28161

https://notcve.org/view.php?id=CVE-2022-28161

An information exposure through log file vulnerability in Brocade SANNav versions before Brocade SANnav 2.2.0 could allow an authenticated, local attacker to view sensitive information such as ssh passwords in filetansfer.log in debug mode. To exploit this vulnerability, the attacker would need to have valid user credentials and turn on debug mode. Una vulnerabilidad de exposición de información a través de archivos de registro en Brocade SANNav versiones anteriores a Brocade SANnav 2.2.0, podría permitir a un atacante local autenticado visualizar información confidencial como las contraseñas ssh en filetansfer.log en modo de depuración. Para explotar esta vulnerabilidad, el atacante necesitaría tener credenciales de usuario válidas y habilitar el modo de depuración • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1840 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-28162

https://notcve.org/view.php?id=CVE-2022-28162

Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text. Brocade SANnav versiones hasta SANnav 2.2.0, registra el token de autenticación de la API REST en texto plano • https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1841 • CWE-312: Cleartext Storage of Sensitive Information •