CVE-2020-15385
Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission. As a result, users without permission can see folders, and hidden files, and can create directories without permission.
Published
2021-06-09T16:15:08.233
Last Modified
2024-11-21T05:05:27.623
Status
Modified
Source
[email protected]
Severity
CVSSv3.1: 5.4 (MEDIUM)
CVSSv2 Vector
AV:N/AC:L/Au:S/C:P/I:P/A:N
- Access Vector: NETWORK
- Access Complexity: LOW
- Authentication: SINGLE
- Confidentiality Impact: PARTIAL
- Integrity Impact: PARTIAL
- Availability Impact: NONE
Exploitability Score
8.0
Impact Score
4.9
Weaknesses
-
Type: Primary
NVD-CWE-noinfo
Affected Vendors & Products
| Type |
Vendor |
Product |
Version/Range |
Vulnerable? |
| Application |
broadcom
|
sannav
|
< 2.1.1 |
Yes
|
References