Vulnerabilities > Broadcom > Brocade Sannav > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-19 | CVE-2024-29958 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. | 6.5 |
| 2024-04-18 | CVE-2024-29956 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in clear text in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav. | 6.5 |
| 2024-04-17 | CVE-2024-29952 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow an authenticated user to print the Auth, Priv, and SSL key store passwords in unencrypted logs by manipulating command variables. | 5.5 |
| 2024-04-17 | CVE-2024-29955 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow a privileged user to print the SANnav encrypted key in PostgreSQL startup logs. | 5.5 |
| 2024-04-17 | CVE-2024-29951 | Inadequate Encryption Strength vulnerability in Broadcom Brocade Sannav Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection. | 5.7 |
| 2024-04-17 | CVE-2024-29950 | Inadequate Encryption Strength vulnerability in Broadcom Brocade Sannav The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa signature scheme, which has a SHA-1 hash. The vulnerability could allow a remote, unauthenticated attacker to perform a man-in-the-middle attack. | 5.9 |
| 2023-08-31 | CVE-2023-31423 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. | 5.5 |
| 2023-08-31 | CVE-2023-31925 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. | 6.5 |
| 2022-12-09 | CVE-2022-33187 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. | 4.9 |
| 2019-11-08 | CVE-2019-16210 | Missing Encryption of Sensitive Data vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1 Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save. | 5.5 |