216.73.217.80

CVE-2024-10404

· Published 14/02/2025 04:15 · Modified 14/02/2025 04:15

Labels: CVE-2024-10404 2025-02-14CVE-2024-10404CWE-312[email protected]

Essential information

Published
14/02/2025 04:15
Modified
14/02/2025 04:15
Author
Creator
CVSS
5.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N

CVSS metrics

Description

CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text. The vulnerability could allow an authenticated, local attacker to view Brocade Fabric OS switch sensitive information in clear text. An attacker with administrative privileges could retrieve sensitive information including passwords; SNMP responses that contain AuthSecret and PrivSecret after collecting a “supportsave” or getting access to an already collected “supportsave”. NOTE: this issue exists because of an incomplete fix for CVE-2024-29952

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References