CVE-2023-31925

Brocade
 SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords
 in plaintext. A privileged user could retrieve these credentials with 
knowledge and access to these log files. SNMP 
credentials could be seen in SANnav SupportSave if the capture is 
performed after an SNMP configuration failure causes an SNMP 
communication log dump.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
brocadeCNA
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
VendorProductVersion
broadcombrocade_sannav
𝑥
< 2.2.2a
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22506
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22506