漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Clear text password seen in switch-asset-collectors-mw in Brocade SANnav supportsave
Vulnerability Description
CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text. The vulnerability could allow an authenticated, local attacker to view Brocade Fabric OS switch sensitive information in clear text. An attacker with administrative privileges could retrieve sensitive information including passwords; SNMP responses that contain AuthSecret and PrivSecret after collecting a “supportsave” or getting access to an already collected “supportsave”. NOTE: this issue exists because of an incomplete fix for CVE-2024-29952
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N
Vulnerability Type
敏感数据的明文存储
Vulnerability Title
Broadcom SANnav 安全漏洞
Vulnerability Description
Broadcom SANnav是美国博通(Broadcom)公司的一套SAN管理平台。 Broadcom SANnav存在安全漏洞,该漏洞源于CalInvocationHandler以明文形式记录敏感信息。经过身份验证的本地攻击者利用该漏洞可以以明文形式查看Brocade Fabric OS交换机敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A