Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-29957

When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encryption key.

Published

2024-04-19T04:15:09.390

Last Modified

2025-02-04T15:57:57.087

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-532
Type: Primary
CWE-532

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	broadcom	brocade_sannav	< 2.3.0a	Yes

References

https://support.broadcom.com/external/content/SecurityAdvisories/0/23241 Vendor Advisory ([email protected])
https://support.broadcom.com/external/content/SecurityAdvisories/0/23241 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)