CVE-2025-6390

Name of the Vulnerable Software and Affected Versions: Brocade SANnav versions prior to 2.4.0a

Description: Brocade SANnav logs passwords and Private Bag Encryption (PBE) keys in the server audit logs after installation and under specific conditions. These logs are part of the local server Virtual Machine (VM) audit logs and are not managed by SANnav. Access to these logs is restricted to the host server administrator and is not available to SANnav administrators or users.

Recommendations: Update Brocade SANnav to version 2.4.0a or later.