Vulnerability Details CVE-2022-28167
Brocade SANnav before Brocade SANvav v. 2.2.0.2 and Brocade SANanv v.2.1.1.8 logs the Brocade Fabric OS switch password in plain text in asyncjobscheduler-manager.log
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
- https://security.netapp.com/advisory/ntap-20220627-0002/
- https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1978
- https://security.netapp.com/advisory/ntap-20220627-0002/
- https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1978
Products affected by CVE-2022-28167
-
cpe:2.3:a:broadcom:sannav:-
-
cpe:2.3:a:broadcom:sannav:2.1.0
-
cpe:2.3:a:broadcom:sannav:2.1.1
-
cpe:2.3:a:broadcom:sannav:2.2.0.0