CVE-2022-43933

Name of the Vulnerable Software and Affected Versions Brocade SANnav versions prior to 2.2.2

Description An information exposure through log file vulnerability exists, where configuration secrets are logged in the supportsave file. This file is generated by an admin user during troubleshooting of the switch. The logged information may include usernames, passwords, and secret keys.

Recommendations For Brocade SANnav versions prior to 2.2.2, update to version 2.2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the supportsave file to minimize the risk of exploitation. Avoid using the supportsave feature until the issue is resolved.