Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

broadcom brocade sannav - vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2

CVE-2020-15381

Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server.
Broadcom Sannav
5
CVSSv2

CVE-2020-15384

Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. Successful exploitation of internal server information in the initial login response header.
Broadcom Sannav
5.8
CVSSv2

CVE-2020-15387

The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications.
Broadcom Brocade SannavBroadcom Fabric Operating SystemBroadcom Fabric Operating System 7.4.2Broadcom Fabric Operating System 7.4.2aBroadcom Fabric Operating System 7.4.2bBroadcom Fabric Operating System 7.4.2cBroadcom Fabric Operating System 7.4.2dBroadcom Fabric Operating System 7.4.2fBroadcom Fabric Operating System 7.4.2gBroadcom Fabric Operating System 8.2.1Broadcom Fabric Operating System 8.2.1aBroadcom Fabric Operating System 8.2.1b
5
CVSSv2

CVE-2020-15378

The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface.
Broadcom Sannav
4
CVSSv2

CVE-2022-28164

Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm for the storage of passwords. This could allow an authenticated malicious user to decrypt stored account passwords.
Broadcom Sannav
7.5
CVSSv2

CVE-2020-15377

Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery (SSRF).
Broadcom Sannav
5.5
CVSSv2

CVE-2020-15385

Brocade SANnav before version 2.1.1 allows an authenticated malicious user to list directories, and list files without permission. As a result, users without permission can see folders, and hidden files, and can create directories without permission.
Broadcom Sannav
6.5
CVSSv2

CVE-2022-28165

A vulnerability in the role-based access control (RBAC) functionality of the Brocade SANNav prior to 2.2.0 could allow an authenticated, remote malicious user to access resources that they should not be able to access and perform actions that they should not be able to perform. T...
Broadcom Sannav
6
CVSSv2

CVE-2022-23302

JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBi...
Apache Log4jNetapp Snapmanager -Broadcom Brocade Sannav -Qos Reload4jOracle Advanced Supply Chain Planning 12.1Oracle Advanced Supply Chain Planning 12.2Oracle Business Intelligence 5.9.0.0.0Oracle Business Intelligence 12.2.1.3.0Oracle Business Intelligence 12.2.1.4.0Oracle Business Process Management Suite 12.2.1.3.0Oracle Business Process Management Suite 12.2.1.4.0Oracle Communications Eagle Ftp Table Base Retrieval 4.5
6.8
CVSSv2

CVE-2022-23305

By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows malicious users to manipulate the SQL by ent...
Apache Log4jNetapp Snapmanager -Broadcom Brocade Sannav -Qos Reload4jOracle Advanced Supply Chain Planning 12.1Oracle Advanced Supply Chain Planning 12.2Oracle Business Intelligence 5.9.0.0.0Oracle Business Intelligence 12.2.1.3.0Oracle Business Intelligence 12.2.1.4.0Oracle Business Process Management Suite 12.2.1.3.0Oracle Business Process Management Suite 12.2.1.4.0Oracle Communications Eagle Ftp Table Base Retrieval 4.5
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
apache atlaswp html page sitemapinjecteverest formsCVE-2025-25356CVE-2024-47264cross-site scriptingCVE-2025-0837CVE-2025-25286*CVE-2024-12754arbitrary codeCVE-2025-24472
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook