PT-2022-18864 · Brocade · Brocade SANNav

Published: 2022-05-06 · Updated: 2023-08-08 · CVE-2022-28165

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Brocade SANNav versions prior to 2.2.0

Description

A vulnerability in the role-based access control (RBAC) functionality could allow an authenticated, remote attacker to access resources and perform actions that they are not authorized for. The issue exists because the server does not check that the user has the required permission before processing requests.

Recommendations

For versions prior to 2.2.0, update to version 2.2.0 or later to resolve the issue. As a temporary workaround, consider implementing additional access controls on the server side to restrict unauthorized access to resources.

Fix

Related Identifiers

CVE-2022-28165

Affected Products

Brocade SANNav