CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4282 – Weak TLS Ciphers on Brocade SANnav OVA SSH port 22
https://notcve.org/view.php?id=CVE-2024-4282
14 Feb 2025 — Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22. • https://support.broadcom.com/external/content/SecurityAdvisories/0/25400 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10405 – Weak TLS Ciphers on Brocade SANnav port 443 & 18082
https://notcve.org/view.php?id=CVE-2024-10405
14 Feb 2025 — Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of a successful exploit, an attacker can read Brocade SANnav data stream that includes monitored Brocade Fabric OS switches performance data, port status, zoning information, WWNs, IP Addresses, but no customer data, no personal data and no secrets or passwords, as it travels across the network. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25402 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2240 – Docker implementation in Brocade SANnav is missing Audit Rules.
https://notcve.org/view.php?id=CVE-2024-2240
14 Feb 2025 — Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability could allow a remote authenticated attacker to execute various attacks. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25401 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1053 – Brocade SANnav encryption key is logged in the debug logs
https://notcve.org/view.php?id=CVE-2025-1053
14 Feb 2025 — Under certain error conditions at time of SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to the Brocade SANnav database could use the encryption key to obtain passwords used by Brocade SANnav. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25399 • CWE-1295: Debug Messages Revealing Unnecessary Information •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10404 – Clear text password seen in switch-asset-collectors-mw in Brocade SANnav supportsave
https://notcve.org/view.php?id=CVE-2024-10404
14 Feb 2025 — CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text. The vulnerability could allow an authenticated, local attacker to view Brocade Fabric OS switch sensitive information in clear text. An attacker with administrative privileges could retrieve sensitive information including passwords; SNMP responses that contain AuthSecret and PrivSecret after collecting a “supportsave” or getting access to an already collected “supportsave”. NOTE: this issue exists because of an i... • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25403 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-2860
https://notcve.org/view.php?id=CVE-2024-2860
08 May 2024 — The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authentication flaw. An attacker accessing the VM where the Brocade SANnav is installed can gain access to sensitive data inside the PostgreSQL database. La implementación de PostgreSQL en las versiones de Brocade SANnav anteriores a la 2.3.0a es vulnerable a una falla de autenticación local incorrecta. Un atacante que acceda a la máquina virtual donde está instalado Brocade SANnav puede obtener acceso... • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24260 • CWE-306: Missing Authentication for Critical Function •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4173 – SANnav versions exposes Kafka in the wan interface.
https://notcve.org/view.php?id=CVE-2024-4173
25 Apr 2024 — A vulnerability in Brocade SANnav exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav. Una vulnerabilidad en las versiones ova de Brocade SANnav anteriores a Brocade SANnav v2.3.1 y v2.3.0a expone a Kafka en la interfaz wan. La vulnerabilidad podría permitir que un atacante no autenticado realice varios ataques, incluido DOS, el dispositivo Brocade SANnav. • https://support.broadcom.com/external/content/SecurityAdvisories/0/23285 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-29969 – TLS/SSL weak message authentication code ciphers are added by default for port 18082
https://notcve.org/view.php?id=CVE-2024-29969
19 Apr 2024 — When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0, TLS/SSL weak message authentication code ciphers are added by default for port 18082. Cuando se actualiza una instalación de Brocade SANnav de Brocade SANnav v2.2.2 a Brocade SANnav 2.3.0, los cifrados de códigos de autenticación de mensajes débiles TLS/SSL se agregan de forma predeterminada para el puerto 18082. • https://support.broadcom.com/external/content/SecurityAdvisories/0/23251 • CWE-326: Inadequate Encryption Strength •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-29967 – In Brocade SANnav before v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points
https://notcve.org/view.php?id=CVE-2024-29967
19 Apr 2024 — In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files. The vulnerability could allow a sudo privileged user on the host OS to read and write access to these files. En Brocade SANnav anterior a Brocade SANnav v2.31 y v2.3.0a, se observó que las instancias de Docker dentro del dispositivo tenían puntos de montaje inseguros, lo que permitía acceso de lectura y escri... • https://support.broadcom.com/external/content/SecurityAdvisories/0/23254 • CWE-276: Incorrect Default Permissions •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-29966 – hard-coded credentials in the documentation that appear as the appliance root password
https://notcve.org/view.php?id=CVE-2024-29966
19 Apr 2024 — Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. The vulnerability could allow an unauthenticated attacker full access to the Brocade SANnav appliance. Brocade SANnav OVA anterior a v2.3.1 y v2.3.0a contiene credenciales codificadas en la documentación que aparecen como la contraseña raíz del dispositivo. La vulnerabilidad podría permitir a un atacante no autenticado acceso completo al dispositivo Brocade SANnav. • https://support.broadcom.com/external/content/SecurityAdvisories/0/23255 • CWE-798: Use of Hard-coded Credentials •