Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
broadcom brocade sannav - vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-15385
Brocade SANnav before version 2.1.1 allows an authenticated malicious user to list directories, and list files without permission. As a result, users without permission can see folders, and hidden files, and can create directories without permission.
Broadcom Sannav
7.4
CVSSv3
CVE-2020-15387
The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications.
Broadcom Brocade Sannav
Broadcom Fabric Operating System
Broadcom Fabric Operating System 7.4.2
Broadcom Fabric Operating System 7.4.2a
Broadcom Fabric Operating System 7.4.2b
Broadcom Fabric Operating System 7.4.2c
Broadcom Fabric Operating System 7.4.2d
Broadcom Fabric Operating System 7.4.2f
Broadcom Fabric Operating System 7.4.2g
Broadcom Fabric Operating System 8.2.1
Broadcom Fabric Operating System 8.2.1a
Broadcom Fabric Operating System 8.2.1b
7.5
CVSSv3
CVE-2020-15381
Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server.
Broadcom Sannav
7.2
CVSSv3
CVE-2020-15382
Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time.
Broadcom Brocade Sannav
9.8
CVSSv3
CVE-2019-16211
Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability.
Broadcom Brocade Sannav
8.8
CVSSv3
CVE-2019-16212
A vulnerability in Brocade SANnav versions before v2.1.0 could allow a remote authenticated malicious user to conduct an LDAP injection. The vulnerability could allow a remote malicious user to bypass the authentication process.
Broadcom Brocade Sannav
8.8
CVSSv3
CVE-2019-16205
A vulnerability, in Brocade SANnav versions before v2.0, could allow remote malicious users to brute-force a valid session ID. The vulnerability is due to an insufficiently random session ID for several post-authentication actions in the SANnav portal.
Broadcom Brocade Sannav
5.5
CVSSv3
CVE-2019-16206
The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ‘trace’ and the 'debug' logging level; which could allow a local authenticated malicious user to access sensitive information.
Broadcom Brocade Sannav
7.8
CVSSv3
CVE-2019-16207
Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated malicious users to access a back-end database and gain privileges.
Broadcom Brocade Sannav
7.5
CVSSv3
CVE-2019-16208
Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an malicious user to decrypt passwords used with several services (Radius, TACAS, etc.).
Broadcom Brocade Sannav
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »