VYPR
Unrated severityNVD Advisory· Published Feb 14, 2025· Updated Feb 18, 2025

Brocade Fabric OS may capture SNMP Passwords in clear text

CVE-2024-5462

Description

If Brocade Fabric OS before Fabric OS 9.2.0 configuration settings are not set to encrypt SNMP passwords, then the SNMP privsecret / authsecret fields can be exposed in plaintext. The plaintext passwords can be exposed in a configupload capture or a supportsave capture if encryption of passwords is not enabled. An attacker can use these passwords to fetch values of the supported OIDs via SNMPv3 queries. There are also a limited number of MIB objects that can be modified.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Brocade/Fabric OSllm-fuzzy2 versions
    <9.2.0+ 1 more
    • (no CPE)range: <9.2.0
    • (no CPE)range: before Fabric OS 9.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.