Broadcom: >> Brocade Sannav Security Vulnerabilities
Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2019-11-08
Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several services (Radius, TACAS, etc.).
CVSS Score
7.5
EPSS Score
0.001
Published
2019-11-08
A vulnerability, in The ReportsTrustManager class of Brocade SANnav versions before v2.0, could allow an attacker to perform a man-in-the-middle attack against Secure Sockets Layer(SSL)connections.
CVSS Score
7.4
EPSS Score
0.002
Published
2019-11-08
Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save.
CVSS Score
5.5
EPSS Score
0.0
Published
2019-11-08
Page 6