CVE-2022-43935: Switch passwords and authorization IDs are printed in the embedded MLS DB file
First published: Thu Nov 21 2024(Updated: )
An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where Brocade Fabric OS Switch passwords and authorization IDs are printed in the embedded MLS DB file.
Credit: sirt@brocade.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Broadcom SANnav OVA | <2.2.2 | |
| Broadcom SANnav OVA | <2.2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-43935?
CVE-2022-43935 is considered a high severity vulnerability due to the risk of exposing sensitive authentication information.
How do I fix CVE-2022-43935?
To fix CVE-2022-43935, upgrade Brocade SANnav to version 2.2.2 or later to ensure sensitive information is not exposed.
What type of information is exposed in CVE-2022-43935?
CVE-2022-43935 exposes Brocade Fabric OS Switch passwords and authorization IDs in the embedded MLS DB file.
Which versions of Brocade SANnav are affected by CVE-2022-43935?
CVE-2022-43935 affects all versions of Brocade SANnav prior to version 2.2.2.
Why is CVE-2022-43935 considered an information exposure vulnerability?
CVE-2022-43935 is categorized as an information exposure vulnerability because it allows unauthorized access to sensitive log data.
- agent/title
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/severity
- agent/last-modified-date
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/guess-ai
- vendor/broadcom
- canonical/broadcom sannav ova
- vendor/brocade