CVE-2025-12774

CWE-312Cleartext Storage of Sensitive Info3 documents3 sources
Severity
4.6MEDIUM
EPSS
0.0%
top 99.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Broadcom SannavBrocade Sannav
Timeline
PublishedFeb 3

Description

A vulnerability in the migration script for Brocade SANnav before 3.0 could allow the collection of database sql queries in the SANnav support save file. An attacker with access to Brocade SANnav supportsave file, could open the file and then obtain sensitive information such as details of database tables and encrypted passwords.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5brocade/sannavSANnav before 3.0
NVDbroadcom/sannav< 3.0

🔴Vulnerability Details

2
GHSA
GHSA-jvfr-hp47-8rx8: A vulnerability in the migration script for Brocade SANnav before 32026-02-03
CVEList
SQL queries with sensitive information printed in logs with Brocade SANnav before 3.02026-02-03
CVE-2025-12774 (MEDIUM CVSS 4.6) | A vulnerability in the migration sc | cvebase.io