PT-2024-4303 · Brocade · Brocade Sannav Ova

Pierre Barre · Published 2024-04-17 · Updated 2025-02-04 · CVE-2024-29966

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Brocade SANnav OVA versions prior to 2.3.1
Brocade SANnav OVA version 2.3.0a

Description

The issue is related to the use of hard-coded credentials in the documentation of the Brocade SANnav appliance, which can be used as the root password. This could allow an unauthenticated attacker to gain full access to the appliance.

Recommendations

For Brocade SANnav OVA versions prior to 2.3.1, update to version 2.3.1 or later.
For Brocade SANnav OVA version 2.3.0a, update to version 2.3.1 or later.
As a temporary workaround, consider changing the root password to a unique and secure value until a patch is applied.

Fix

Information Disclosure

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

BDU:2024-04790
CVE-2024-29966

Affected Products

Brocade Sannav Ova