CVE-2022-43933
4.4
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where configuration secrets are logged in supportsave. Supportsave file is generated by an admin user troubleshooting the switch. The Logged information may include usernames and passwords, and secret keys.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Brocade | SANnav | before Brocade SANnav 2.2.2 | affected |
Weaknesses
- CWE-538: CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.