Vulnerabilities > Broadcom > Brocade Sannav > 2.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-19 | CVE-2024-29963 | Use of Hard-coded Credentials vulnerability in Broadcom Brocade Sannav Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. | 3.8 |
| 2024-04-18 | CVE-2024-29956 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in clear text in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav. | 6.5 |
| 2024-04-17 | CVE-2024-29952 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow an authenticated user to print the Auth, Priv, and SSL key store passwords in unencrypted logs by manipulating command variables. | 5.5 |
| 2024-04-17 | CVE-2024-29955 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow a privileged user to print the SANnav encrypted key in PostgreSQL startup logs. | 5.5 |
| 2024-04-17 | CVE-2024-29951 | Inadequate Encryption Strength vulnerability in Broadcom Brocade Sannav Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection. | 5.7 |
| 2024-04-17 | CVE-2024-29950 | Inadequate Encryption Strength vulnerability in Broadcom Brocade Sannav The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa signature scheme, which has a SHA-1 hash. The vulnerability could allow a remote, unauthenticated attacker to perform a man-in-the-middle attack. | 5.9 |
| 2023-08-31 | CVE-2023-31423 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. | 5.5 |
| 2023-08-31 | CVE-2023-31424 | Unspecified vulnerability in Broadcom Brocade Sannav Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a allows remote unauthenticated users to bypass web authentication and authorization. | 9.8 |
| 2023-08-31 | CVE-2023-31925 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. | 6.5 |
| 2022-12-09 | CVE-2022-33187 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. | 4.9 |