Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
broadcom brocade sannav - vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2020-15382
Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time.
Broadcom Brocade Sannav
7.5
CVSSv3
CVE-2020-15381
Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server.
Broadcom Sannav
9.8
CVSSv3
CVE-2019-16211
Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability.
Broadcom Brocade Sannav
8.8
CVSSv3
CVE-2019-16212
A vulnerability in Brocade SANnav versions before v2.1.0 could allow a remote authenticated malicious user to conduct an LDAP injection. The vulnerability could allow a remote malicious user to bypass the authentication process.
Broadcom Brocade Sannav
8.8
CVSSv3
CVE-2019-16205
A vulnerability, in Brocade SANnav versions before v2.0, could allow remote malicious users to brute-force a valid session ID. The vulnerability is due to an insufficiently random session ID for several post-authentication actions in the SANnav portal.
Broadcom Brocade Sannav
5.5
CVSSv3
CVE-2019-16206
The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ‘trace’ and the 'debug' logging level; which could allow a local authenticated malicious user to access sensitive information.
Broadcom Brocade Sannav
7.5
CVSSv3
CVE-2019-16208
Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an malicious user to decrypt passwords used with several services (Radius, TACAS, etc.).
Broadcom Brocade Sannav
7.4
CVSSv3
CVE-2019-16209
A vulnerability, in The ReportsTrustManager class of Brocade SANnav versions before v2.0, could allow an malicious user to perform a man-in-the-middle attack against Secure Sockets Layer(SSL)connections.
Broadcom Brocade Sannav
7.8
CVSSv3
CVE-2019-16207
Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated malicious users to access a back-end database and gain privileges.
Broadcom Brocade Sannav
5.5
CVSSv3
CVE-2019-16210
Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save.
Broadcom Brocade Sannav
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3