Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sannav
(Broadcom)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-06-09 | CVE-2020-15381 | Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server. | Sannav | 7.5 | ||
| 2021-06-09 | CVE-2020-15377 | Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery (SSRF). | Sannav | 9.8 | ||
| 2021-06-09 | CVE-2020-15378 | The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface. | Sannav | 5.3 | ||
| 2021-06-09 | CVE-2020-15380 | Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level. | Sannav | 7.5 | ||
| 2021-06-09 | CVE-2020-15384 | Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. Successful exploitation of internal server information in the initial login response header. | Sannav | 5.3 |