CVE Vulnerabilities

CVE-2024-29958

Insertion of Sensitive Information into Log File

Published: Apr 19, 2024 | Modified: Feb 04, 2025
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. This could provide attackers an additional, less protected path to acquiring the encryption key.

Weakness

The product writes sensitive information to a log file.

Affected Software

Name Vendor Start Version End Version
Brocade_sannav Broadcom * 2.3.0a (excluding)

Potential Mitigations

References