Описание
Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access to an already collected Brocade SANnav "supportsave" outputs.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.2.2a (исключая)
cpe:2.3:a:broadcom:brocade_sannav:*:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00055
Низкий
5.7 Medium
CVSS3
5.5 Medium
CVSS3
Дефекты
CWE-312
CWE-312
Связанные уязвимости
CVSS3: 5.7
github
больше 2 лет назад
Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access to an already collected Brocade SANnav "supportsave" outputs.
EPSS
Процентиль: 18%
0.00055
Низкий
5.7 Medium
CVSS3
5.5 Medium
CVSS3
Дефекты
CWE-312
CWE-312