← Retour aux CVEs
CVE-2023-31925
MEDIUM5.4
Description
Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A privileged user could retrieve these credentials with knowledge and access to these log files. SNMP credentials could be seen in SANnav SupportSave if the capture is performed after an SNMP configuration failure causes an SNMP communication log dump.
Details CVE
Score CVSS v3.15.4
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie8/31/2023
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
broadcom:brocade_sannav
Faiblesses (CWE)
CWE-312CWE-312
References
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22506(sirt@brocade.com)
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22506(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.