CVE-2024-29959

Name of the Vulnerable Software and Affected Versions Brocade SANnav versions prior to 2.3.1 Brocade SANnav version 2.3.0a

Description The issue is related to the disclosure of information through registration files in the Standby Node Support Save component of Brocade SANnav software for managing SAN networks. Exploitation of this issue may allow a remote attacker to gain unauthorized access to protected information. The vulnerability causes Brocade Fabric OS switch encrypted passwords to be printed in the Brocade SANnav Standby node's support save.

Recommendations For Brocade SANnav versions prior to 2.3.1, update to version 2.3.1 or later. For Brocade SANnav version 2.3.0a, update to a version that includes the necessary security fixes, such as version 2.3.1 or later. As a temporary workaround, consider restricting access to the support save files of the Standby node to minimize the risk of exploitation.