CVE-2023-31423

Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a. Notes: To access the logs, the local attacker must have access to an already collected Brocade SANnav "supportsave" outputs.

Published: Aug 31, 2023
Updated: May 4, 2025
CVE: CVE-2023-31423
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-312

OWASP TOP 10:

A3 - Sensitive Data Exposure

Affected Software
References

Software	From	Fixed in
broadcom / brocade_sannav	-	2.2.2a

https://security.netapp.com/advisory/ntap-20240229-0003/
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22508

Vulnerability Database

289,871

CVE-2023-31423