VYPR

SANnav

by Brocade

CVEs (69)

  • CVE-2023-31423MedAug 31, 2023
    risk 0.37cvss 5.7epss 0.00

    Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access to an already collected…

  • CVE-2024-10404MedFeb 14, 2025
    risk 0.36cvss 5.5epss 0.00

    CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text. The vulnerability could allow an authenticated, local attacker to view Brocade Fabric OS switch sensitive information in clear text. An attacker with administrative privileges…

  • CVE-2024-29962MedApr 19, 2024
    risk 0.36cvss 5.5epss 0.00

    Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. This could allow a local user without the required privileges to access sensitive information or a Java binary.

  • CVE-2024-29952MedApr 17, 2024
    risk 0.36cvss 5.5epss 0.00

    A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow an authenticated user to print the Auth, Priv, and SSL key store passwords in unencrypted logs by manipulating command variables.

  • CVE-2022-33187MedDec 9, 2022
    risk 0.36cvss 5.5epss 0.00

    Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information.

  • CVE-2022-28161MedMay 9, 2022
    risk 0.36cvss 5.5epss 0.00

    An information exposure through log file vulnerability in Brocade SANNav versions before Brocade SANnav 2.2.0 could allow an authenticated, local attacker to view sensitive information such as ssh passwords in filetansfer.log in debug mode. To exploit this vulnerability, the…

  • CVE-2019-16210MedNov 8, 2019
    risk 0.36cvss 5.5epss 0.00

    Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save.

  • CVE-2019-16206MedNov 8, 2019
    risk 0.36cvss 5.5epss 0.00

    The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ‘trace’ and the 'debug' logging level; which could allow a local authenticated attacker to access sensitive information.

  • CVE-2023-31925MedAug 31, 2023
    risk 0.35cvss 5.4epss 0.00

    Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A privileged user could retrieve these credentials with knowledge and access to these log files. SNMP credentials could be seen in SANnav SupportSave if the capture is performed…

  • CVE-2020-15385MedJun 9, 2021
    risk 0.35cvss 5.4epss 0.01

    Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission. As a result, users without permission can see folders, and hidden files, and can create directories without permission.

  • CVE-2020-15378MedJun 9, 2021
    risk 0.35cvss 5.3epss 0.01

    The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface.

  • CVE-2024-10405MedFeb 15, 2025
    risk 0.34cvss 5.3epss 0.00

    Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of a successful exploit, an attacker can read Brocade SANnav data stream that includes monitored Brocade Fabric OS switches performance data, port status, zoning information, WWNs,…

  • CVE-2022-43935MedNov 21, 2024
    risk 0.34cvss 5.3epss 0.00

    An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where Brocade Fabric OS Switch passwords and authorization IDs are printed in the embedded MLS DB file.

  • CVE-2020-15384MedJun 9, 2021
    risk 0.34cvss 5.3epss 0.01

    Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. Successful exploitation of internal server information in the initial login response header.

  • CVE-2024-29955MedApr 17, 2024
    risk 0.33cvss 5.0epss 0.00

    A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow a privileged user to print the SANnav encrypted key in PostgreSQL startup logs. This could provide attackers with an additional, less-protected path to acquiring the encryption key.

  • CVE-2025-1053MedFeb 14, 2025
    risk 0.32cvss 4.9epss 0.00

    Under certain error conditions at time of SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to the Brocade SANnav database could use the encryption key to obtain passwords…

  • CVE-2025-6392MedJul 10, 2025
    risk 0.29cvss 4.4epss 0.00

    Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only…

  • CVE-2025-6390MedJul 10, 2025
    risk 0.29cvss 4.4epss 0.00

    Brocade SANnav before SANnav 2.4.0a logs passwords and pbe keys in the Brocade SANnav server audit logs after installation and under specific conditions. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the…

  • CVE-2025-4662MedJul 10, 2025
    risk 0.29cvss 4.4epss 0.00

    Brocade SANnav before SANnav 2.4.0a logs plaintext passphrases in the Brocade SANnav host server audit logs while executing OpenSSL command using a passphrase from the command line or while providing the passphrase through a temporary file. These audit logs are the local server…

  • CVE-2022-43933MedNov 21, 2024
    risk 0.29cvss 4.4epss 0.00

    An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where configuration secrets are logged in supportsave. Supportsave file is generated by an admin user troubleshooting the switch. The Logged information may include…