Vulnerabilities > Broadcom > Brocade Sannav > 2.2.2a
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-19 | CVE-2024-29957 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. | 7.5 |
| 2024-04-19 | CVE-2024-29958 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. | 6.5 |
| 2024-04-19 | CVE-2024-29959 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints Brocade Fabric OS switch encrypted passwords in the Brocade SANnav Standby node's support save. | 8.6 |
| 2024-04-19 | CVE-2024-29960 | Use of Hard-coded Credentials vulnerability in Broadcom Brocade Sannav In Brocade SANnav server before v2.3.1 and v2.3.0a, the SSH keys inside the OVA image are identical in the VM every time SANnav is installed. | 7.5 |
| 2024-04-19 | CVE-2024-29961 | Unspecified vulnerability in Broadcom Brocade Sannav A vulnerability affects Brocade SANnav before v2.3.1 and v2.3.0a. | 8.2 |
| 2024-04-19 | CVE-2024-29963 | Use of Hard-coded Credentials vulnerability in Broadcom Brocade Sannav Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. | 3.8 |
| 2024-04-18 | CVE-2024-29956 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in clear text in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav. | 6.5 |
| 2024-04-17 | CVE-2024-29952 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow an authenticated user to print the Auth, Priv, and SSL key store passwords in unencrypted logs by manipulating command variables. | 5.5 |
| 2024-04-17 | CVE-2024-29955 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow a privileged user to print the SANnav encrypted key in PostgreSQL startup logs. | 5.5 |
| 2024-04-17 | CVE-2024-29951 | Inadequate Encryption Strength vulnerability in Broadcom Brocade Sannav Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection. | 5.7 |