Latest broadcom brocade sannav Vulnerabilities

CVE-2023-31925
Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A privileged user could retrieve these credentials with knowledge and access to these log files. SNMP ...
Broadcom Brocade Sannav<2.2.2a
CVE-2023-31424
Web authentication and authorization bypass
Broadcom Brocade Sannav<2.2.2a
CVE-2023-31423
Possible information exposure through log file vulnerability
Broadcom Brocade Sannav<2.2.2a
CVE-2022-33187
Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information.
Broadcom Brocade Sannav<2.2.1
CVE-2022-23305
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely...
redhat/log4j<0:1.2.14-6.6.el6_10
redhat/log4j<0:1.2.17-18.el7_4
redhat/log4j<0:1.2.17-17.el7_3
redhat/log4j-eap6<0:1.2.17-3.redhat_00008.1.ep6.el6
redhat/log4j-jboss-logmanager<0:1.1.4-3.Final_redhat_00002.1.ep6.el6
redhat/jboss-as-appclient<0:7.5.24-2.Final_redhat_00001.1.ep6.el6
and 196 more
CVE-2022-23302
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service...
redhat/log4j<0:1.2.14-6.6.el6_10
redhat/log4j<0:1.2.17-18.el7_4
redhat/log4j<0:1.2.17-17.el7_3
redhat/log4j-eap6<0:1.2.17-3.redhat_00008.1.ep6.el6
redhat/log4j-jboss-logmanager<0:1.1.4-3.Final_redhat_00002.1.ep6.el6
redhat/jboss-as-appclient<0:7.5.24-2.Final_redhat_00001.1.ep6.el6
and 194 more
CVE-2020-15379
Brocade SANnav before v.2.1.0a could allow remote attackers cause a denial-of-service condition due to a lack of proper validation, of the length of user-supplied data as name for custom field name.
Broadcom Brocade Sannav<=2.1.0
CVE-2020-15387
The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to ma...
Broadcom Brocade Sannav<2.1.1
Broadcom Fabric Operating System<7.4.2
Broadcom Fabric Operating System>=8.2.0<8.2.1
Broadcom Fabric Operating System=7.4.2
Broadcom Fabric Operating System=7.4.2a
Broadcom Fabric Operating System=7.4.2b
and 7 more
CVE-2020-15382
Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time.
Broadcom Brocade Sannav<2.1.1
CVE-2019-16211
Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability.
Broadcom Brocade Sannav<2.1.0
CVE-2019-16212
A vulnerability in Brocade SANnav versions before v2.1.0 could allow a remote authenticated attacker to conduct an LDAP injection. The vulnerability could allow a remote attacker to bypass the authent...
Broadcom Brocade Sannav<2.1.0
CVE-2019-16208
Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several ser...
Broadcom Brocade Sannav<2.0
CVE-2019-16205
A vulnerability, in Brocade SANnav versions before v2.0, could allow remote attackers to brute-force a valid session ID. The vulnerability is due to an insufficiently random session ID for several pos...
Broadcom Brocade Sannav<2.0
CVE-2019-16209
A vulnerability, in The ReportsTrustManager class of Brocade SANnav versions before v2.0, could allow an attacker to perform a man-in-the-middle attack against Secure Sockets Layer(SSL)connections.
Broadcom Brocade Sannav<2.0
CVE-2019-16210
Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save.
Broadcom Brocade Sannav<2.0
CVE-2019-16207
Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges.
Broadcom Brocade Sannav<2.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203