Main Vulnerability Database Vulnerabilities #VU88930

Security features bypass in Brocade SANnav - CVE-2024-29951

Published: April 23, 2024

Vulnerability identifier: #VU88930

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-29951

CWE-ID: CWE-254

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vendor: Brocade

Affected software:
Brocade SANnav

Detailed vulnerability description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to weak encryption in internal SSH ports. An authenticated attacker on the local network can gain access to sensitive information on the system.

How to mitigate CVE-2024-29951

Install updates from vendor's website.

Sources

https://support.broadcom.com/external/content/SecurityAdvisories/0/23237

Security features bypass in Brocade SANnav - CVE-2024-29951

Detailed vulnerability description

How to mitigate CVE-2024-29951

Sources

Please verify you're human