Main Vulnerability Database Vulnerabilities #VU88929

Security features bypass in Brocade SANnav - CVE-2024-29967

Published: April 23, 2024

Vulnerability identifier: #VU88929

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-29967

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Brocade

Affected software:
Brocade SANnav

Detailed vulnerability description

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to an error related to Docker instances inside the appliance having insecure mount points allowing reading and wring access to files. A local administrator can gain read and write access to these files.

How to mitigate CVE-2024-29967

Install updates from vendor's website.

Sources

https://support.broadcom.com/external/content/SecurityAdvisories/0/23254

Security features bypass in Brocade SANnav - CVE-2024-29967

Detailed vulnerability description

How to mitigate CVE-2024-29967

Sources

Please verify you're human