CVE-2024-29967

MEDIUM

Brocade SANnav <2.31-2.3.0a - Info Disclosure

Title source: llm

Description

In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files. The vulnerability could allow a sudo privileged user on the host OS to read and write access to these files.

References (1)

Core 1

Core References

Vendor Advisory

https://support.broadcom.com/external/content/SecurityAdvisories/0/23254

Scores

CVSS v3 4.4

EPSS 0.0008

EPSS Percentile 24.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-276

Status published

Products (1)

broadcom/brocade_sannav < 2.3.0a

Published Apr 19, 2024

Tracked Since Feb 18, 2026