CVE-2019-16208
Description
Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several services (Radius, TACAS, etc.).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Weak password-based encryption in Brocade SANnav before v2.0 allows attackers to decrypt passwords used with services like Radius and TACAS.
Vulnerability
The password-based encryption (PBE) algorithm used in Brocade SANnav versions before v2.0 has a weakness in generating cryptographic keys, classified under CWE-327: Use of a Broken or Risky Cryptographic Algorithm [1]. This affects the storage and transmission of passwords for services such as Radius and TACAS.
Exploitation
An attacker with access to encrypted password data (e.g., from configuration files or network traffic) can exploit the weak key generation to decrypt the passwords. No additional authentication is required if the encrypted data is obtained.
Impact
Successful exploitation allows the attacker to recover plaintext passwords used with multiple services (Radius, TACAS, etc.), leading to unauthorized access and potential lateral movement within the network.
Mitigation
Brocade SANnav v2.0 and later versions address this vulnerability [1]. Users should upgrade to v2.0 or the latest available release. No other Brocade Fibre Channel products are affected.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <2.0
- Brocade Communications Systems, Inc./Brocade SANnavv5Range: versions before v2.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.