CVE-2022-43935

CWE-532 — Log File Information Exposure2 documents2 sources

Severity

4.4MEDIUM

EPSS

0.1%

top 78.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Brocade Sannav

Timeline

PublishedNov 21

Description

An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where Brocade Fabric OS Switch passwords and authorization IDs are printed in the embedded MLS DB file.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:NExploitability: 0.8 | Impact: 4.0

Affected Packages1 packages

▶NVDbroadcom/brocade_sannav< 2.2.2

🔴Vulnerability Details

CVEList

Switch passwords and authorization IDs are printed in the embedded MLS DB file↗2024-11-21

▶