Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

broadcom sannav vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3

CVE-2023-31424

Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a allows remote unauthenticated users to bypass web authentication and authorization.
Brocade SannavBroadcom Brocade Sannav
5.5
CVSSv3

CVE-2023-31423

Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access to an already collected Brocade SAN...
Brocade SannavBroadcom Brocade Sannav
7.8
CVSSv3

CVE-2024-2860

The PostgreSQL implementation in Brocade SANnav versions prior to 2.3.0a is vulnerable to an incorrect local authentication flaw. An attacker accessing the VM where the Brocade SANnav is installed can gain access to sensitive data inside the PostgreSQL database.
Brocade SannavBrocade Brocade SannavBroadcom Brocade SannavBroadcom Brocade Sannav 2.3.1
4.9
CVSSv3

CVE-2022-33187

Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information.
Brocade Brocade SannavBroadcom Brocade Sannav
6.5
CVSSv3

CVE-2023-31925

Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A privileged user could retrieve these credentials with knowledge and access to these log files. SNMP credentials could be seen in SANnav SupportSave if the capture is performed after an...
Brocade Brocade SannavBroadcom Brocade Sannav
9.8
CVSSv3

CVE-2020-15377

Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery (SSRF).
Broadcom Sannav
3.3
CVSSv3

CVE-2022-28162

Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text.
Broadcom Sannav
9.8
CVSSv3

CVE-2022-28163

In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection, allowing an malicious user to run arbitrary SQL commands.
Broadcom Sannav
6.5
CVSSv3

CVE-2022-28164

Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm for the storage of passwords. This could allow an authenticated malicious user to decrypt stored account passwords.
Broadcom Sannav
7.5
CVSSv3

CVE-2020-15380

Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level.
Broadcom Sannav
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
piwik proCVE-2025-5056privilege escalationCVE-2025-4919CVE-2025-3881cs seo extensionCVE-2025-41426tibco software incCVE-2025-20256edx-platformcode executionCVE-2025-4918XSS
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook