Main Vulnerability Database Vulnerabilities #VU88929

Security features bypass in Brocade SANnav - CVE-2024-29967

Published: April 23, 2024

Vulnerability identifier: #VU88929

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-29967

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Brocade SANnav

Software vendor:
Brocade

Description

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to an error related to Docker instances inside the appliance having insecure mount points allowing reading and wring access to files. A local administrator can gain read and write access to these files.

Remediation

Install updates from vendor's website.

External links

https://support.broadcom.com/external/content/SecurityAdvisories/0/23254

Security features bypass in Brocade SANnav - CVE-2024-29967

Description

Remediation

External links

Please verify you're human