CVE-2023-31423

Name of the Vulnerable Software and Affected Versions Brocade SANnav versions prior to 2.3.0 Brocade SANnav version 2.2.2a

Description The issue is related to possible information exposure through a log file vulnerability. Sensitive fields are recorded in the configuration log without masking. To access the logs, a local attacker must have access to an already collected Brocade SANnav "supportsave" outputs.

Recommendations For Brocade SANnav versions prior to 2.3.0, update to version 2.3.0 or later to resolve the issue. For Brocade SANnav version 2.2.2a, consider disabling access to the configuration log until a patch is available. As a temporary workaround, restrict access to the "supportsave" outputs to minimize the risk of exploitation.