Information disclosure in Broadcom Brocade_sannav

CVE-2024-29957

When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encrypt…

EPSS: 0.003 (21.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2024-29957?
CVE-2024-29957 is a high-severity vulnerability in Broadcom Brocade_sannav, classified under Insertion of Sensitive Information into Log File. CVSS score: 7.5/10. Published 2024-04-19.
How severe is CVE-2024-29957?
High severity. CVSS v3 base score is 7.5 out of 10.