CVE-2024-4173

CWE-200 — Information Exposure3 documents3 sources

Severity

9.8CRITICAL

EPSS

0.2%

top 63.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Brocade Sannav Brocade Brocade Sannav

Timeline

PublishedApr 25

Description

A vulnerability in Brocade SANnav exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:HExploitability: 2.8 | Impact: 4.7

Affected Packages2 packages

▶NVDbroadcom/brocade_sannav< 2.2.0

▶CVEListV5brocade/brocade_sannavAll Versions

🔴Vulnerability Details

CVEList

SANnav versions exposes Kafka in the wan interface.↗2024-04-25

▶

GHSA

GHSA-pm6f-4pg9-fmg4: A vulnerability in Brocade SANnav ova versions before Brocade SANnav v2↗2024-04-25

▶