CVE-2024-29957

When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encryption key.

Published: Apr 19, 2024
Updated: May 4, 2025
CVE: CVE-2024-29957
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-532

Affected Software
References

Software	From	Fixed in
broadcom / brocade_sannav	-	2.3.0a

https://support.broadcom.com/external/content/SecurityAdvisories/0/23241

Vulnerability Database

289,871

CVE-2024-29957