CVE-2024-29957

Published Apr 19, 2024

Last updated 20 days ago

Overview

Description
When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encryption key.
Source
sirt@brocade.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity
HIGH

Weaknesses

sirt@brocade.com
CWE-532
nvd@nist.gov
CWE-532

Social media

Hype score
Not currently trending

Configurations