CVE-2022-28167
MEDIUMBroadcom Sannav < 2.1.1.8 - Insufficiently Protected Credentials
Title source: ruleDescription
Brocade SANnav before Brocade SANvav v. 2.2.0.2 and Brocade SANanv v.2.1.1.8 logs the Brocade Fabric OS switch password in plain text in asyncjobscheduler-manager.log
Scores
CVSS v3
6.5
EPSS
0.0022
EPSS Percentile
43.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Classification
CWE
CWE-522
Status
published
Affected Products (1)
broadcom/sannav
< 2.1.1.8
Timeline
Published
Jun 27, 2022
Tracked Since
Feb 18, 2026