Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-2860

The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authentication flaw. An attacker accessing the VM where the Brocade SANnav is installed can gain access to sensitive data inside the PostgreSQL database.

Published

2024-05-08T02:15:09.873

Last Modified

2025-02-06T17:54:45.057

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-306
Type: Primary
CWE-306

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	broadcom	brocade_sannav	< 2.3.0a	Yes
Application	broadcom	brocade_sannav	2.3.1	Yes

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24260 Vendor Advisory ([email protected])
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24260 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)