CVE-2024-29964: Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files
First published: Fri Apr 19 2024(Updated: )
Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from these files.
Credit: sirt@brocade.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Broadcom SANnav OVA | <2.3.0a | |
| Broadcom SANnav OVA | <2.3.0a |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-29964?
CVE-2024-29964 has a high severity rating due to the potential for unprivileged attackers to access sensitive information.
How do I fix CVE-2024-29964?
To fix CVE-2024-29964, upgrade Brocade SANnav to version 2.3.0a or later to ensure proper file permissions.
What types of files are affected by CVE-2024-29964?
CVE-2024-29964 specifically affects docker files and other sensitive files with incorrect permissions.
Who can exploit CVE-2024-29964?
Unprivileged attackers who gain access to the server can exploit CVE-2024-29964.
What versions of Brocade SANnav are vulnerable to CVE-2024-29964?
Brocade SANnav versions prior to v2.3.0a are vulnerable to CVE-2024-29964.
- agent/references
- agent/first-publish-date
- agent/type
- agent/author
- agent/event
- agent/title
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/description
- agent/source
- agent/last-modified-date
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- vendor/brocade
- canonical/broadcom sannav ova
- vendor/broadcom