Products
Brocade SANnav
- before v2.31
- v2.3.0a
Source
sirt@brocade.com
Tags
CVE-2024-29967 details
Published : April 19, 2024, 5:15 a.m.
Last Modified : April 19, 2024, 1:10 p.m.
Last Modified : April 19, 2024, 1:10 p.m.
Description
In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files. The vulnerability could allow a sudo privileged user on the host OS to read and write access to these files.
CVSS Score
1 | 2 | 3 | 4.4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
CVSS Data
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
Base Score
4.4
Exploitability Score
Impact Score
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
References
URL | Source |
---|---|
https://support.broadcom.com/external/content/SecurityAdvisories/0/23254 | sirt@brocade.com |
This website uses the NVD API, but is not approved or certified by it.