Filtered by vendor Broadcom
Subscriptions
Filtered by product Brocade Sannav
Subscriptions
Total
46 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-16210 | 1 Broadcom | 1 Brocade Sannav | 2024-11-21 | 5.5 Medium |
| Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save. | ||||
| CVE-2019-16209 | 1 Broadcom | 1 Brocade Sannav | 2024-11-21 | 7.4 High |
| A vulnerability, in The ReportsTrustManager class of Brocade SANnav versions before v2.0, could allow an attacker to perform a man-in-the-middle attack against Secure Sockets Layer(SSL)connections. | ||||
| CVE-2019-16208 | 1 Broadcom | 1 Brocade Sannav | 2024-11-21 | 7.5 High |
| Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several services (Radius, TACAS, etc.). | ||||
| CVE-2019-16207 | 1 Broadcom | 1 Brocade Sannav | 2024-11-21 | 7.8 High |
| Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges. | ||||
| CVE-2019-16206 | 1 Broadcom | 1 Brocade Sannav | 2024-11-21 | 5.5 Medium |
| The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ‘trace’ and the 'debug' logging level; which could allow a local authenticated attacker to access sensitive information. | ||||
| CVE-2019-16205 | 1 Broadcom | 1 Brocade Sannav | 2024-11-21 | 8.8 High |
| A vulnerability, in Brocade SANnav versions before v2.0, could allow remote attackers to brute-force a valid session ID. The vulnerability is due to an insufficiently random session ID for several post-authentication actions in the SANnav portal. | ||||