CVE-2023-31925

Name of the Vulnerable Software and Affected Versions Brocade SANnav versions prior to 2.3.0 Brocade SANnav version 2.2.2a

Description The issue allows a privileged user to retrieve SNMPv3 Authentication passwords stored in plaintext, given knowledge and access to log files. This could occur when an SNMP configuration failure causes an SNMP communication log dump, potentially exposing SNMP credentials in SANnav SupportSave.

Recommendations For Brocade SANnav versions prior to 2.3.0, update to version 2.3.0 or later to resolve the issue. For Brocade SANnav version 2.2.2a, consider upgrading to a newer version to mitigate the risk, as version 2.2.2a is affected. As a temporary workaround, consider restricting access to log files and SANnav SupportSave to minimize the risk of exploitation.