CVE-2024-29957

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/23241", "name": "https://support.broadcom.com/external/content/SecurityAdvisories/0/23241", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/23241", "name": "https://support.broadcom.com/external/content/SecurityAdvisories/0/23241", "tags": ["Vendor Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encryption key.\n"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-532"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-29957", "ASSIGNER": "sirt@brocade.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}}, "publishedDate": "2024-04-19T04:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:broadcom:brocade_sannav:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.3.0a"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-02-04T15:57Z"}