CVE-2023-31925

Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A privileged user could retrieve these credentials with knowledge and access to these log files. SNMP credentials could be seen in SANnav SupportSave if the capture is performed after an SNMP configuration failure causes an SNMP communication log dump.
Configurations

Configuration 1 (hide)

cpe:2.3:a:broadcom:brocade_sannav:*:*:*:*:*:*:*:*

History

05 Sep 2023, 18:24

Type Values Removed Values Added
First Time Broadcom brocade Sannav
Broadcom
References (MISC) https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22506 - (MISC) https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22506 - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
CPE cpe:2.3:a:broadcom:brocade_sannav:*:*:*:*:*:*:*:*
CWE CWE-312

31 Aug 2023, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-31 01:15

Updated : 2024-02-28 20:33


NVD link : CVE-2023-31925

Mitre link : CVE-2023-31925

CVE.ORG link : CVE-2023-31925


JSON object : View

Products Affected

broadcom

  • brocade_sannav
CWE
CWE-312

Cleartext Storage of Sensitive Information