CVE-2024-10403
SFTP/FTP password could be captured in plain text in Supportsave generated from SANnav
Brocade Fabric OS versions before
8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2.1a can
capture the SFTP/FTP server password used for a firmware download
operation initiated by SANnav or through WebEM in a weblinker core dump
that is later captured via supportsave.
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Produtos afetados
Brocade · Fabric OSQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →