Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files
Vulnerability Description
Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from these files.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
Broadcom Brocade SANnav 安全漏洞
Vulnerability Description
Broadcom Brocade SANnav是美国博通(Broadcom)公司的一套SAN管理平台。 Brocade SANnav v2.3.1 版本和 v2.3.0a 版本存在安全漏洞,该漏洞源于 Docker 实例具有不安全的架构和配置,导致多个漏洞。Docker 守护进程暴露于 WAN 接口。Docker 实例可以访问任何其他实例,并且少数实例可以访问敏感文件。该漏洞可能允许底层操作系统上的 sudo 特权用户访问和修改这些文件。
CVSS Information
N/A
Vulnerability Type
N/A