CVE-2024-10405 — MEDIUM (5.3)

Q: How severe is CVE-2024-10405?

CVE-2024-10405 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2024-10405?

Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Brocade Sannav.

Vulnerability Description

Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of a successful exploit, an attacker can read Brocade SANnav data stream that includes monitored Brocade Fabric OS switches performance data, port status, zoning information, WWNs, IP Addresses, but no customer data, no personal data and no secrets or passwords, as it travels across the network.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Broadcom	Brocade Sannav	< 2.3.1b

Related Weaknesses (CWE)

CWE-327

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/conVendor Advisory

FAQ

What is CVE-2024-10405?

CVE-2024-10405 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of a successful exploit, an attacker can read Brocade SANnav data stream that includes monitored Brocade...

How severe is CVE-2024-10405?

CVE-2024-10405 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-10405?

Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Brocade Sannav.