Broadcom SANnav 2.1.1.8

CPE Details

Broadcom SANnav 2.1.1.8
broadcom
sannav
2.1.1.8
2022-07-07
09h48 +00:00
2022-07-07
10h43 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:broadcom:sannav:2.1.1.8:*:*:*:*:*:*:*

Informations

Vendor

broadcom

Product

sannav

Version

2.1.1.8

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-28162 2022-05-09 14h31 +00:00 Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text.
3.3
Bas
CVE-2022-28165 2022-05-06 14h08 +00:00 A vulnerability in the role-based access control (RBAC) functionality of the Brocade SANNav before 2.2.0 could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to perform. The vulnerability exists because restrictions are not performed on Server side to ensure the user has required permission before processing requests.
8.8
Haute
CVE-2022-28163 2022-05-06 14h01 +00:00 In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection, allowing an attacker to run arbitrary SQL commands.
9.8
Critique
CVE-2022-28164 2022-05-06 14h01 +00:00 Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm for the storage of passwords. This could allow an authenticated attacker to decrypt stored account passwords.
6.5
Moyen