CVE-2022-28161

Name of the Vulnerable Software and Affected Versions Brocade SANNav versions prior to 2.2.0

Description An information exposure through log file vulnerability could allow an authenticated, local attacker to view sensitive information such as ssh passwords in filetansfer.log in debug mode. To exploit this issue, the attacker would need to have valid user credentials and turn on debug mode.

Recommendations For Brocade SANNav versions prior to 2.2.0, update to version 2.2.0 or later to resolve the issue. As a temporary workaround, consider disabling debug mode to minimize the risk of exploitation. Restrict access to the filetansfer.log file to prevent unauthorized viewing of sensitive information.