CVE-2024-10403
SFTP/FTP password could be captured in plain text in Supportsave generated from SANnav
Brocade Fabric OS versions before
8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2.1a can
capture the SFTP/FTP server password used for a firmware download
operation initiated by SANnav or through WebEM in a weblinker core dump
that is later captured via supportsave.
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Productos afectados
Brocade · Fabric OS¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →