Brocade SANnav: Attackers can obtain access data through security leaks

There are security gaps in Broadcom's Brocade SANnav that could allow attackers to gain unauthorized access data or carry out various attacks. Updated software packages are intended to rectify the vulnerabilities.

Broadcom has now warned of a total of five security vulnerabilities in the storage area network management software. The developers consider the most serious to be a loophole through which Brocade SANnav saves the encryption keys in a Brocade SANnav support save in the event of certain errors during installation or an upgrade. Attackers with elevated privileges to access the Brocade database can use this encryption key to gain access to passwords used by SANnav.

Brocade SANnav: Further high-risk vulnerabilities

The Docker daemon in Brocade SANnav runs without auditing. This allows registered attackers from the network to carry out various attacks. The reason for this is that docker operations are carried out with elevated rights and with unrestricted access in the host system.

Furthermore, the encryption for SSH on port 22 is insecure: Brocade SANnav activates outdated SHA1 settings for remote access. This makes the encryption vulnerable to collision attacks.

The security messages in detail:

• Brocade SANnav encryption key is logged in the debug logs CVE-2025-1053, CVSS 8.6, risk"high"
• Docker implementation in Brocade SANnav is missing Audit Rules CVE-2024-2240, CVSS 8.6, high
• Weak TLS Ciphers on Brocade SANnav OVA SSH port 22 CVE-2024-4282, CVSS 8.2, high
• Weak TLS Ciphers on Brocade SANnav port 443 & 18082 CVE-2024-10405, CVSS 6.9, medium
• Clear text password seen in switch-asset-collectors-mw in Brocade SANnav supportsave CVE-2024-10404, CVSS 5.5, medium

The vulnerabilities correct versions 2.4.0 and 2.3.1b of Brocade SANnav. IT managers should install them quickly due to the severity of some of the vulnerabilities.

(dmk)