Vulnerabilities > Broadcom > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-21 | CVE-2022-43933 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where configuration secrets are logged in supportsave. | 4.4 |
| 2024-11-21 | CVE-2022-43935 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where Brocade Fabric OS Switch passwords and authorization IDs are printed in the embedded MLS DB file. | 4.4 |
| 2024-11-21 | CVE-2022-43936 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav Brocade SANnav versions before 2.2.2 log Brocade Fabric OS switch passwords when debugging is enabled. | 4.9 |
| 2024-11-21 | CVE-2022-43937 | Information Exposure Through Log Files vulnerability in Broadcom Brocade Sannav Possible information exposure through log file vulnerability where sensitive fields are recorded in the debug-enabled logs when debugging is turned on in Brocade SANnav before 2.3.0 and 2.2.2a | 5.5 |
| 2024-07-15 | CVE-2024-38493 | Cross-site Scripting vulnerability in Broadcom Symantec Privileged Access Management 4.1.0.0/4.1.0.10 A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. | 6.1 |
| 2024-06-26 | CVE-2024-29953 | Insecure Storage of Sensitive Information vulnerability in Broadcom Fabric Operating System A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d prints encoded session passwords on session storage for Virtual Fabric platforms. | 4.3 |
| 2024-06-26 | CVE-2024-29954 | Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. | 5.5 |
| 2024-04-25 | CVE-2024-4159 | Unspecified vulnerability in Broadcom Brocade Sannav Brocade SANnav before v2.3.0a lacks protection mechanisms on port 2377/TCP and 7946/TCP, which could allow an unauthenticated attacker to sniff the SANnav Docker information. | 5.3 |
| 2024-04-19 | CVE-2024-29968 | Insecure Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when Brocade SANnav instances are configured in disaster recovery mode. | 6.5 |
| 2024-04-19 | CVE-2024-29962 | Incorrect Default Permissions vulnerability in Broadcom Brocade Sannav Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. | 5.5 |