CVE-2025-12774 | THREATINT

Description

A vulnerability in the migration script for Brocade SANnav before 3.0 could allow the collection of database sql queries in the SANnav support save file. An attacker with access to Brocade SANnav supportsave file, could open the file and then obtain sensitive information such as details of database tables and encrypted passwords.

PUBLISHED Reserved 2025-11-05 | Published 2026-02-03 | Updated 2026-02-03 | Assigner brocade

MEDIUM: 4.6CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-312 Cleartext Storage of Sensitive Information

Product status

Default status

unaffected

SANnav before 3.0

affected

References

support.broadcom.com/...l/content/SecurityAdvisories/0/36848

cve.org (CVE-2025-12774)

nvd.nist.gov (CVE-2025-12774)

Download JSON