Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-2859

By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a remote attacker should they gain access to the root account.

Published

2024-04-27T00:15:07.010

Last Modified

2025-09-02T18:31:13.703

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses

Type: Secondary
CWE-276

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	broadcom	brocade_sannav	< 2.3.0	Yes

References

https://security.netapp.com/advisory/ntap-20240628-0003/ Third Party Advisory ([email protected])
https://support.broadcom.com/external/content/SecurityAdvisories/0/23245 Vendor Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20240628-0003/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.broadcom.com/external/content/SecurityAdvisories/0/23245 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)