Known Vulnerabilities
CVE-2024-4161
In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received clear text. This could allow an unauthenticated, remote attacker to capture sensitive information.
HIGH
CVSS 8.6
Published Apr 25, 2024
CVE-2024-29956
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in clear text in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav.
MEDIUM
CVSS 6.5
Published Apr 18, 2024
CVE-2024-29950
The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa signature scheme, which has a SHA-1 hash. The vulnerability could allow a remote, unauthenticated attacker to perform a man-in-the-middle attack.
HIGH
CVSS 7.5
Published Apr 17, 2024