Brocade
SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords
in plaintext. A privileged user could retrieve these credentials with
knowledge and access to these log files. SNMP
credentials could be seen in SANnav SupportSave if the capture is
performed after an SNMP configuration failure causes an SNMP
communication log dump.
References
Configurations
History
21 Nov 2024, 08:02
Type | Values Removed | Values Added |
---|---|---|
References | () https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22506 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
05 Sep 2023, 18:24
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
First Time |
Broadcom brocade Sannav
Broadcom |
|
CWE | CWE-312 | |
CPE | cpe:2.3:a:broadcom:brocade_sannav:*:*:*:*:*:*:*:* | |
References | (MISC) https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22506 - Vendor Advisory |
31 Aug 2023, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-31 01:15
Updated : 2024-11-21 08:02
NVD link : CVE-2023-31925
Mitre link : CVE-2023-31925
CVE.ORG link : CVE-2023-31925
JSON object : View
Products Affected
broadcom
- brocade_sannav
CWE
CWE-312
Cleartext Storage of Sensitive Information