CVE-2024-29961

A vulnerability affects Brocade SANnav before v2.3.1 and v2.3.0a. It allows a Brocade SANnav service to send ping commands in the background at regular intervals to gridgain.com to check if updates are available for the Component. This could make an unauthenticated, remote attacker aware of the behavior and launch a supply-chain attack against a Brocade SANnav appliance.

Published: Apr 19, 2024
Updated: May 4, 2025
CVE: CVE-2024-29961
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.2
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
broadcom / brocade_sannav	-	2.3.0a

https://support.broadcom.com/external/content/SecurityAdvisories/0/23246

Vulnerability Database

289,871

CVE-2024-29961