CVE-2022-43933 | THREATINT

Description

An information exposure through log file vulnerability exists in Brocade SANnav before Brocade SANnav 2.2.2, where configuration secrets are logged in supportsave. Supportsave file is generated by an admin user troubleshooting the switch. The Logged information may include usernames and passwords, and secret keys.

PUBLISHED Reserved 2022-10-26 | Published 2024-11-21 | Updated 2024-11-21 | Assigner brocade

MEDIUM: 4.4CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory

Product status

Default status

unaffected

before Brocade SANnav 2.2.2

affected

References

support.broadcom.com/...l/content/SecurityAdvisories/0/21221

cve.org (CVE-2022-43933)

nvd.nist.gov (CVE-2022-43933)

Download JSON