CVE-2025-12774

< 3.0

A vulnerability in the migration script for Brocade SANnav before 3.0 could allow the collection of database sql queries in the SA

7.5HIGH

CVE-2025-12773

< 2.4.0a

A vulnerability in update-reports-purge-settings.sh script logging for Brocade SANnav before 2.4.0a could allow the collection of

6.5MEDIUM

CVE-2025-12772

< 2.4.0b

Brocade SANnav before 2.4.0b logs the Brocade Fabric OS Switch admin password on the SANnav support save logs. When OOM occurs on

4.9MEDIUM

CVE-2025-12680

< 2.4.0b

Brocade SANnav before Brocade SANnav 2.4.0b logs database passwords in clear text in the standby SANnav server, after disaster rec

4.9MEDIUM

CVE-2025-12679

< 2.4.0b

A vulnerability in Brocade SANnav before 2.4.0b prints the Password-Based Encryption (PBE) key in plaintext in the system audit l

6.5MEDIUM

CVE-2022-28168

< 2.1.1.8

In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1.1.8, encoded scp-server passwords are stored using Base64 e

7.5HIGH

CVE-2022-28167

< 2.1.1.8

Brocade SANnav before Brocade SANvav v. 2.2.0.2 and Brocade SANanv v.2.1.1.8 logs the Brocade Fabric OS switch password in plain t

6.5MEDIUM

CVE-2022-28166

< 2.1.1.8

In Brocade SANnav version before SANN2.2.0.2 and Brocade SANNav before 2.1.1.8, the implementation of TLS/SSL Server Supports the

7.5HIGH

CVE-2022-2068

all versions

In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script d

7.3HIGH

CVE-2022-28162

< 2.2.0

Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text.

3.3LOW

CVE-2022-28161

< 2.2.0

An information exposure through log file vulnerability in Brocade SANNav versions before Brocade SANnav 2.2.0 could allow an authe

5.5MEDIUM

CVE-2022-28165

< 2.2.0

A vulnerability in the role-based access control (RBAC) functionality of the Brocade SANNav before 2.2.0 could allow an authentica

8.8HIGH

CVE-2022-28164

< 2.2.0

Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm for the storage of passwords. This

6.5MEDIUM

CVE-2022-28163

< 2.2.0

In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection

9.8CRITICAL

CVE-2020-15385

< 2.1.1

Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission. As a

5.4MEDIUM

CVE-2020-15384

< 2.1.1

Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. Successful exploitation of internal server i

5.3MEDIUM

CVE-2020-15380

< 2.1.1

Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level.

7.5HIGH

CVE-2020-15378

< 2.1.1

The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the

5.3MEDIUM

CVE-2020-15377

< 2.1.1

Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfi

9.8CRITICAL

CVE-2020-15381

< 2.1.1

Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authen

7.5HIGH

CVE-2020-13401

all versions

An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft I

6.0MEDIUM