Brocade Sannav
CVE-2024-4173
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A vulnerability in Brocade SANnav exposes Kafka in the wan interface.
The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav.
AnalysisAI
A vulnerability in Brocade SANnav exposes Kafka in the wan interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. A vulnerability in Brocade SANnav exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav. Affected products include: Broadcom Brocade Sannav.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.
More in Brocade Sannav
View allRADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be
Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appl
Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a allows remote unauthenticated users to bypass web
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write acce
Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. Rated high severity (CVSS 8.6), this vulnera
A vulnerability, in Brocade SANnav versions before v2.0, could allow remote attackers to brute-force a valid session ID.
Under certain error conditions at time of SANnav installation or upgrade, the encryption key can be written into and obt
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints Brocade Fabric OS switch encrypted passwords in the B
Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22. Rated high severity (CVSS 8
A vulnerability affects Brocade SANnav before v2.3.1 and v2.3.0a. Rated high severity (CVSS 8.2), this vulnerability is
The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authenticatio
Same weakness CWE-200 – Information Exposure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today