CVE-2024-29958

CWE-532Log File Information Exposure3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.3%
top 47.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Broadcom Brocade SannavBrocade Brocade Sannav
Timeline
PublishedApr 19

Description

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. This could provide attackers an additional, less protected path to acquiring the encryption key.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5brocade/brocade_sannavbefore v2.3.1 and v2.3.0a

🔴Vulnerability Details

2
GHSA
GHSA-mwpf-hrvf-537f: A vulnerability in Brocade SANnav before v22024-04-19
CVEList
Encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node.2024-04-19
CVE-2024-29958 (MEDIUM CVSS 6.5) | A vulnerability in Brocade SANnav b | cvebase.io