CVE Vulnerabilities

CVE-2024-29953

Insecure Storage of Sensitive Information

Published: Jun 26, 2024 | Modified: Jun 26, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d prints encoded session passwords on session storage for Virtual Fabric platforms. This could allow an authenticated user to view other users session encoded passwords.

Weakness

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

References