Sensitive Information Exposure through Log Files in Brocade SANnav

Sensitive Information Exposure through Log Files in Brocade SANnav

CVE-2023-31423 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access to an already collected Brocade SANnav "supportsave" outputs.

Learn more about our Web Application Penetration Testing UK.