CVE-2024-4173

A vulnerability in Brocade SANnav exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav.

CVSS v3.0 9.8 CRITICAL

9.8^/10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.broadcom.com/external/content/SecurityAdvisories/0/23285	Not Applicable
https://support.broadcom.com/external/content/SecurityAdvisories/0/23285	Not Applicable

Configurations

Configuration 1 (hide)

cpe:2.3:a:broadcom:brocade_sannav:*:*:*:*:*:*:*:*

History

06 Feb 2025, 17:53

Type	Values Removed	Values Added
References	~~() https://support.broadcom.com/external/content/SecurityAdvisories/0/23285 -~~	() https://support.broadcom.com/external/content/SecurityAdvisories/0/23285 - Not Applicable
CPE		cpe:2.3:a:broadcom:brocade_sannav::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
CWE		NVD-CWE-noinfo
First Time		Broadcom Broadcom brocade Sannav

25 Apr 2024, 23:15

Type	Values Removed	Values Added
Summary	A vulnerability in Brocade SANnav ova versions before Brocade SANnav v2.3.1 and v2.3.0a exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS, the Brocade SANnav appliance.	A vulnerability in Brocade SANnav exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav.

25 Apr 2024, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-25 08:15

Updated : 2025-02-06 17:53

NVD link : CVE-2024-4173

Mitre link : CVE-2024-4173

JSON object : View

Products Affected

broadcom

brocade_sannav

CWE

NVD-CWE-noinfo

9.8 /10