Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Brocade SANNav — Vulnerabilities & Security Advisories 56

All 56 CVE vulnerabilities found in Brocade SANNav, with AI-generated Chinese analysis, references, and POCs.

This page serves as a vulnerability aggregation resource for the Brocade SANnav product, focusing on various software weakness classifications. It compiles a comprehensive list of known security issues affecting this specific storage area network management solution, covering vulnerability records from its initial release up to the present day. The dataset includes publicly disclosed Common Vulnerabilities and Exposures (CVEs) as well as privately reported defects that have been remediated by the vendor. Readers can use this resource to track a vendor's advisories over time, gaining insight into their response patterns and patching cadence. Furthermore, the aggregated data allows users to understand a weakness class in the context of enterprise storage software, revealing common code flaws or configuration errors. Users can also look up a product's vulnerability history to assess long-term security stability and risk posture. By centralizing these details, the page facilitates a clearer view of the security landscape surrounding Brocade SANnav, enabling administrators and security analysts to make informed decisions regarding upgrades, mitigations, and risk assessments. The information is structured to support both historical analysis and current threat evaluation without requiring users to search through multiple disparate sources or release notes.

Vendor: Brocade Communications Systems, Inc.

CVE IDTitleCVSSSeverityPublished
CVE-2025-6392 Daily Data Dump Collector logs database password in cleartext when running docker exec commands (CVE-2025-6392) CWE-532 6.2AIMediumAI2025-07-10
CVE-2025-6390 Cleartext storage of sensitive information in Brocade SANnav server audit logs. CWE-497 5.5AIMediumAI2025-07-10
CVE-2025-4662 Plaintext security passwords are logged in the audit logs while executing openssl cmd CWE-497 5.5AIMediumAI2025-07-10
CVE-2024-4282 Weak TLS Ciphers on Brocade SANnav OVA SSH port 22 CWE-327 7.5 -2025-02-14
CVE-2024-10405 Weak TLS Ciphers on Brocade SANnav port 443 & 18082 CWE-327 7.5 -2025-02-14
CVE-2024-2240 Docker implementation in Brocade SANnav is missing Audit Rules. CWE-250 8.8 -2025-02-14
CVE-2025-1053 Brocade SANnav encryption key is logged in the debug logs CWE-532 4.4 -2025-02-14
CVE-2024-10404 Clear text password seen in switch-asset-collectors-mw in Brocade SANnav supportsave CWE-312 5.5 Medium2025-02-14
CVE-2024-2860 Broadcom Brocade SANnav 安全漏洞 CWE-306 7.8 High2024-05-08
CVE-2024-2859 By default, SANnav OVA is shipped with root user login enabled (CVE-2024-2859) 6.8 Medium2024-04-27
CVE-2024-4173 SANnav versions exposes Kafka in the wan interface. CWE-200 7.6 High2024-04-25
CVE-2024-4161 Syslog traffic sent in clear-text CWE-319 8.6 High2024-04-25
CVE-2024-4159 Protection mechanisms CWE-200 4.3 Medium2024-04-25
CVE-2024-29969 TLS/SSL weak message authentication code ciphers are added by default for port 18082 CWE-326 7.5 High2024-04-19
CVE-2024-29968 SQL Table names, column names, and SQL queries are collected in DR standby Supportsave CWE-922 7.7 High2024-04-19
CVE-2024-29967 In Brocade SANnav before v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points CWE-276 4.4 Medium2024-04-19
CVE-2024-29965 Insecure backup CWE-922 6.8 Medium2024-04-19
CVE-2024-29964 Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files CWE-732 5.7 Medium2024-04-19
CVE-2024-29962 Insecure file permission setting that makes files world-readable CWE-276 5.5 Medium2024-04-19
CVE-2024-29963 Brocade SANnav contains hardcoded TLS keys used by Docker CWE-798 1.9 Low2024-04-19
CVE-2024-29961 supply-chain attack risk CWE-200 8.2 High2024-04-19
CVE-2024-29960 Identical SSH keys utilized inside the OVA image (CVE-2024-29960) CWE-798 6.8 Medium2024-04-19
CVE-2024-29959 Brocade Fabric OS switch encrypted passwords in the Brocade SANnav Standby node's support save CWE-532 8.6 High2024-04-19
CVE-2024-29958 Encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. CWE-532 7.5 High2024-04-19
CVE-2024-29957 Encryption key is stored in the DR log files CWE-532 7.5 High2024-04-19
CVE-2024-29956 cleartext password in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav CWE-312 6.5 Medium2024-04-18
CVE-2024-29955 Insertion of Sensitive Information into Brocade SANnav Log File CWE-532 5.0 Medium2024-04-17
CVE-2024-29952 Clear text storage of sensistive information by manipulating command variables CWE-312 5.5 Medium2024-04-17
CVE-2024-29951 Brocade SANnav has weak encryption in internal SSH ports CWE-326 5.7 Medium2024-04-17
CVE-2024-29950 Brocade SANnav before v2.3.1, v2.3.0a uses weak encryption CWE-326 7.5 High2024-04-17

All 56 known CVE vulnerabilities affecting Brocade SANNav with full Chinese analysis, references, and POCs where available.