Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

broadcom brocade sannav - vulnerabilities and exploits

(subscribe to this query)
8.8
CVSSv3

CVE-2019-16205

A vulnerability, in Brocade SANnav versions before v2.0, could allow remote malicious users to brute-force a valid session ID. The vulnerability is due to an insufficiently random session ID for several post-authentication actions in the SANnav portal.
Broadcom Brocade Sannav
7.5
CVSSv3

CVE-2019-16208

Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an malicious user to decrypt passwords used with several services (Radius, TACAS, etc.).
Broadcom Brocade Sannav
5.5
CVSSv3

CVE-2019-16210

Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save.
Broadcom Brocade Sannav
5.5
CVSSv3

CVE-2019-16206

The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ‘trace’ and the 'debug' logging level; which could allow a local authenticated malicious user to access sensitive information.
Broadcom Brocade Sannav
9.8
CVSSv3

CVE-2019-16211

Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability.
Broadcom Brocade Sannav
7.5
CVSSv3

CVE-2020-15379

Brocade SANnav before v.2.1.0a could allow remote attackers cause a denial-of-service condition due to a lack of proper validation, of the length of user-supplied data as name for custom field name.
Broadcom Brocade Sannav
7.2
CVSSv3

CVE-2020-15382

Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time.
Broadcom Brocade Sannav
5.5
CVSSv3

CVE-2023-31423

Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access to an already collected Brocade SAN...
Broadcom Brocade Sannav
9.8
CVSSv3

CVE-2023-31424

Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a allows remote unauthenticated users to bypass web authentication and authorization.
Broadcom Brocade Sannav
6.5
CVSSv3

CVE-2023-31925

Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A privileged user could retrieve these credentials with knowledge and access to these log files. SNMP credentials could be seen in SANnav SupportSave if the capture is performed after an...
Broadcom Brocade Sannav
Preferred Score:
CVSSv4
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
physicalpicture galleryCVE-2025-30352administrator privilegesgdpr toolsCVE-2025-26007CVE-2025-24514CVE-2025-26581CVE-2025-1098wp multistore locatorCVE-2025-26986nous ouvert utile et simplecommand injection
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook