1. Home
  2. CVE Database
  3. CVE-2024-29964
MEDIUM · 5.7

CVE-2024-29964

Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from th...

Vulnerability Description

Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from these files.

CVSS Score

5.7

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
BroadcomBrocade Sannav< 2.3.0a

Related Weaknesses (CWE)

CWE-732

References

FAQ

What is CVE-2024-29964?

CVE-2024-29964 is a vulnerability with a CVSS score of 5.7 (MEDIUM). Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from th...

How severe is CVE-2024-29964?

CVE-2024-29964 has been rated MEDIUM with a CVSS base score of 5.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-29964?

Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Brocade Sannav.