Vulnerabilities > Broadcom > Brocade Sannav
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-19 | CVE-2024-29968 | Insecure Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when Brocade SANnav instances are configured in disaster recovery mode. | 6.5 |
| 2024-04-19 | CVE-2024-29969 | Inadequate Encryption Strength vulnerability in Broadcom Brocade Sannav 2.2.2/2.2.2A/2.3.0 When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0, TLS/SSL weak message authentication code ciphers are added by default for port 18082. | 7.5 |
| 2024-04-19 | CVE-2024-29962 | Incorrect Default Permissions vulnerability in Broadcom Brocade Sannav Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. | 5.5 |
| 2024-04-19 | CVE-2024-29964 | Incorrect Permission Assignment for Critical Resource vulnerability in Broadcom Brocade Sannav Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. | 6.5 |
| 2024-04-19 | CVE-2024-29965 | Insecure Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the web interface or the command line interface ("SSH"). | 5.9 |
| 2024-04-19 | CVE-2024-29966 | Use of Hard-coded Credentials vulnerability in Broadcom Brocade Sannav Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. | 9.8 |
| 2024-04-19 | CVE-2024-29967 | Incorrect Default Permissions vulnerability in Broadcom Brocade Sannav In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files. | 6.0 |
| 2024-04-19 | CVE-2024-29957 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. | 7.5 |
| 2024-04-19 | CVE-2024-29958 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. | 6.5 |
| 2024-04-19 | CVE-2024-29959 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints Brocade Fabric OS switch encrypted passwords in the Brocade SANnav Standby node's support save. | 8.6 |