Vulnerabilities > Broadcom > Brocade Sannav > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-31 CVE-2023-31423 Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav
Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a.
local
low complexity
broadcom CWE-312
5.5
2023-08-31 CVE-2023-31925 Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav
Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext.
network
low complexity
broadcom CWE-312
6.5
2022-12-09 CVE-2022-33187 Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav
Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs.
network
low complexity
broadcom CWE-532
4.9
2019-11-08 CVE-2019-16210 Missing Encryption of Sensitive Data vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1
Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save.
local
low complexity
broadcom CWE-311
5.5
2019-11-08 CVE-2019-16206 Missing Encryption of Sensitive Data vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1
The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ‘trace’ and the 'debug' logging level; which could allow a local authenticated attacker to access sensitive information.
local
low complexity
broadcom CWE-311
5.5