Brocade
SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords
in plaintext. A privileged user could retrieve these credentials with
knowledge and access to these log files. SNMP
credentials could be seen in SANnav SupportSave if the capture is
performed after an SNMP configuration failure causes an SNMP
communication log dump.
References
Link | Resource |
---|---|
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22506 | Vendor Advisory |
Configurations
History
05 Sep 2023, 18:24
Type | Values Removed | Values Added |
---|---|---|
First Time |
Broadcom brocade Sannav
Broadcom |
|
References | (MISC) https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22506 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CPE | cpe:2.3:a:broadcom:brocade_sannav:*:*:*:*:*:*:*:* | |
CWE | CWE-312 |
31 Aug 2023, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-31 01:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-31925
Mitre link : CVE-2023-31925
CVE.ORG link : CVE-2023-31925
JSON object : View
Products Affected
broadcom
- brocade_sannav
CWE
CWE-312
Cleartext Storage of Sensitive Information