CVE-2024-29956

CWE-312Cleartext Storage of Sensitive Info3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.1%
top 64.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Broadcom Brocade SannavBrocade Brocade Sannav
Timeline
PublishedApr 18

Description

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in clear text in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5brocade/brocade_sannavbefore v2.3.1 and v2.3.0a

🔴Vulnerability Details

2
CVEList
cleartext password in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav2024-04-18
GHSA
GHSA-xp2p-9wq2-wx5q: A vulnerability in Brocade SANnav before v22024-04-18
CVE-2024-29956 (MEDIUM CVSS 6.5) | A vulnerability in Brocade SANnav b | cvebase.io