EUVD-2025-21062
Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497)
2025-07-10
sirt@brocade.com
4.4
CVSS 3.1
Share
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Lifecycle Timeline
3
EUVD ID Assigned
Mar 16, 2026 - 06:52 euvd
EUVD-2025-21062
Analysis Generated
Mar 16, 2026 - 06:52 vuln.today
CVE Published
Jul 10, 2025 - 21:15 nvd
MEDIUM 4.4
DescriptionNVD
Brocade SANnav before SANnav 2.4.0a logs plaintext passphrases in the Brocade SANnav host server audit logs while executing OpenSSL command using a passphrase from the command line or while providing the passphrase through a temporary file.
These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server admin of the host server and are not visible to the SANnav admin or any SANnav user.
AnalysisAI
CVE-2025-4662 is a security vulnerability (CVSS 4.4). Remediation should follow standard vulnerability management procedures.
Technical ContextAI
Vulnerability type not specified by vendor.
RemediationAI
Monitor vendor channels for patch availability.
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).