Sannav

5 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-12774 HIGH This Week

A vulnerability in the migration script for Brocade SANnav before 3.0 could allow the collection of database sql queries in the SANnav support save file. [CVSS 7.5 HIGH]

Information Disclosure Sannav
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-12773 MEDIUM This Month

A vulnerability in update-reports-purge-settings.sh script logging for Brocade SANnav before 2.4.0a could allow the collection of SANnav database password in the system audit logs. [CVSS 6.5 MEDIUM]

Information Disclosure Sannav
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-12772 MEDIUM This Month

Brocade SANnav before 2.4.0b logs the Brocade Fabric OS Switch admin password on the SANnav support save logs. When OOM occurs on a Brocade SANnav server, the call stack trace for the Brocade switch is also collected in the heap dump file which contains this switch password in clear text. [CVSS 4.9 MEDIUM]

Information Disclosure Sannav
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2025-12680 MEDIUM This Month

Sannav contains a vulnerability that allows attackers to a remote authenticated attacker with admin privilege able to access the SANnav l (CVSS 4.9).

Information Disclosure Sannav
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2025-12679 MEDIUM This Month

A vulnerability in Brocade SANnav before 2.4.0b prints the Password-Based Encryption (PBE) key in plaintext in the system audit log file. The vulnerability could allow a remote authenticated attacker with access to the audit logs to access the pbe key. [CVSS 6.5 MEDIUM]

Information Disclosure Sannav
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-12774
EPSS 0% CVSS 7.5
HIGH This Week

A vulnerability in the migration script for Brocade SANnav before 3.0 could allow the collection of database sql queries in the SANnav support save file. [CVSS 7.5 HIGH]

Information Disclosure Sannav
NVD
CVE-2025-12773
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in update-reports-purge-settings.sh script logging for Brocade SANnav before 2.4.0a could allow the collection of SANnav database password in the system audit logs. [CVSS 6.5 MEDIUM]

Information Disclosure Sannav
NVD
CVE-2025-12772
EPSS 0% CVSS 4.9
MEDIUM This Month

Brocade SANnav before 2.4.0b logs the Brocade Fabric OS Switch admin password on the SANnav support save logs. When OOM occurs on a Brocade SANnav server, the call stack trace for the Brocade switch is also collected in the heap dump file which contains this switch password in clear text. [CVSS 4.9 MEDIUM]

Information Disclosure Sannav
NVD
CVE-2025-12680
EPSS 0% CVSS 4.9
MEDIUM This Month

Sannav contains a vulnerability that allows attackers to a remote authenticated attacker with admin privilege able to access the SANnav l (CVSS 4.9).

Information Disclosure Sannav
NVD
CVE-2025-12679
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in Brocade SANnav before 2.4.0b prints the Password-Based Encryption (PBE) key in plaintext in the system audit log file. The vulnerability could allow a remote authenticated attacker with access to the audit logs to access the pbe key. [CVSS 6.5 MEDIUM]

Information Disclosure Sannav
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy