Vulnerabilities > Broadcom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-09 | CVE-2020-15377 | Server-Side Request Forgery (SSRF) vulnerability in Broadcom Sannav 2.1.0 Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery (SSRF). | 9.8 |
| 2021-06-09 | CVE-2020-15378 | Unspecified vulnerability in Broadcom Sannav 2.1.0 The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface. | 5.3 |
| 2021-06-09 | CVE-2020-15379 | Improper Input Validation vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1/2.0 Brocade SANnav before v.2.1.0a could allow remote attackers cause a denial-of-service condition due to a lack of proper validation, of the length of user-supplied data as name for custom field name. | 7.5 |
| 2021-06-09 | CVE-2020-15380 | Information Exposure Through Log Files vulnerability in Broadcom Sannav 2.1.0 Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level. | 7.5 |
| 2021-06-09 | CVE-2020-15384 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Sannav 2.1.0 Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. | 5.3 |
| 2021-06-09 | CVE-2020-15385 | Unspecified vulnerability in Broadcom Sannav 2.1.0 Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission. | 5.4 |
| 2021-06-09 | CVE-2020-15386 | Unspecified vulnerability in Broadcom Fabric Operating System Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2.2d may observe high CPU load during security scanning, which could lead to a slower response to CLI commands and other operations. | 5.3 |
| 2021-06-09 | CVE-2020-15387 | Inadequate Encryption Strength vulnerability in Broadcom Brocade Sannav and Fabric Operating System The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications. | 7.4 |
| 2021-06-09 | CVE-2020-15381 | Insufficiently Protected Credentials vulnerability in Broadcom Sannav 2.1.0 Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server. | 7.5 |
| 2021-06-09 | CVE-2020-15382 | Use of Hard-coded Credentials vulnerability in Broadcom Brocade Sannav Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time. | 7.2 |