Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-29961

A vulnerability affects Brocade SANnav before v2.3.1 and v2.3.0a. It allows a Brocade SANnav service to send ping commands in the background at regular intervals to gridgain.com to check if updates are available for the Component. This could make an unauthenticated, remote attacker aware of the behavior and launch a supply-chain attack against a Brocade SANnav appliance.

Published

2024-04-19T04:15:10.553

Last Modified

2025-02-04T15:52:04.420

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.2 (HIGH)

Weaknesses

Type: Secondary
CWE-200
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	broadcom	brocade_sannav	< 2.3.0a	Yes

References

https://support.broadcom.com/external/content/SecurityAdvisories/0/23246 Vendor Advisory ([email protected])
https://support.broadcom.com/external/content/SecurityAdvisories/0/23246 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)