PT-2021-9764 · Brocade · Brocade Sannav

Published

2021-06-09

Updated

2021-06-11

CVE-2020-15384

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Brocade SANNav versions prior to 2.1.1

Description The issue allows for the disclosure of internal server information in the initial login response header. This can be exploited to gain sensitive information about the server.

Recommendations For versions prior to 2.1.1, update to version 2.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the login functionality until the update is applied.

Fix

Cleartext Storage of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-312

Related Identifiers

CVE-2020-15384

Affected Products

Brocade Sannav

PT-2021-9764 · Brocade · Brocade Sannav

CVE-2020-15384

Weakness Enumeration

Related Identifiers

Affected Products

References · 4