CVE-2024-29957

Name of the Vulnerable Software and Affected Versions Brocade SANnav versions prior to 2.3.1 Brocade SANnav version 2.3.0a

Description The issue is related to the storage of the encryption key in the DR log files when the server is configured in Disaster Recovery mode. This could provide attackers with an additional path to acquiring the encryption key, potentially allowing unauthorized access to protected information.

Recommendations For Brocade SANnav versions prior to 2.3.1, update to version 2.3.1 or later to resolve the issue. For Brocade SANnav version 2.3.0a, update to version 2.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the DR log files to minimize the risk of exploitation.