Vulnerabilities > Broadcom > Brocade Sannav > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-21 | CVE-2022-43933 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where configuration secrets are logged in supportsave. | 4.4 |
| 2024-11-21 | CVE-2022-43935 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where Brocade Fabric OS Switch passwords and authorization IDs are printed in the embedded MLS DB file. | 4.4 |
| 2024-11-21 | CVE-2022-43936 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav Brocade SANnav versions before 2.2.2 log Brocade Fabric OS switch passwords when debugging is enabled. | 4.9 |
| 2024-11-21 | CVE-2022-43937 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav Possible information exposure through log file vulnerability where sensitive fields are recorded in the debug-enabled logs when debugging is turned on in Brocade SANnav before 2.3.0 and 2.2.2a | 5.5 |
| 2024-04-25 | CVE-2024-4159 | Unspecified vulnerability in Broadcom Brocade Sannav Brocade SANnav before v2.3.0a lacks protection mechanisms on port 2377/TCP and 7946/TCP, which could allow an unauthenticated attacker to sniff the SANnav Docker information. | 5.3 |
| 2024-04-19 | CVE-2024-29968 | Insecure Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when Brocade SANnav instances are configured in disaster recovery mode. | 6.5 |
| 2024-04-19 | CVE-2024-29962 | Incorrect Default Permissions vulnerability in Broadcom Brocade Sannav Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. | 5.5 |
| 2024-04-19 | CVE-2024-29964 | Incorrect Permission Assignment for Critical Resource vulnerability in Broadcom Brocade Sannav Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. | 6.5 |
| 2024-04-19 | CVE-2024-29965 | Insecure Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav In Brocade SANnav before v2.3.1, and v2.3.0a, it is possible to back up the appliance from the web interface or the command line interface ("SSH"). | 5.9 |
| 2024-04-19 | CVE-2024-29967 | Incorrect Default Permissions vulnerability in Broadcom Brocade Sannav In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files. | 6.0 |