CVE-2024-29951Inadequate Encryption Strength in Brocade Sannav

CWE-326Inadequate Encryption Strength3 documents3 sources
Severity
5.7MEDIUMNVD
EPSS
0.1%
top 79.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Broadcom Brocade SannavBrocade Sannav
Timeline
PublishedApr 17

Description

Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.1 | Impact: 3.6

Affected Packages2 packages

CVEListV5brocade/brocade_sannavbefore v2.3.1 and v2.3.0a

🔴Vulnerability Details

2
CVEList
Brocade SANnav has weak encryption in internal SSH ports2024-04-17
GHSA
GHSA-q59m-g738-4273: Brocade SANnav before v22024-04-17
CVE-2024-29951 — Inadequate Encryption Strength | cvebase