CVE-2024-4173

A vulnerability in Brocade SANnav exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav.

CVSS v3 7.6 HIGH

7.6^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 4.7

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.broadcom.com/external/content/SecurityAdvisories/0/23285	Not Applicable
https://support.broadcom.com/external/content/SecurityAdvisories/0/23285	Not Applicable

Configurations

Configuration 1 (hide)

cpe:2.3:a:broadcom:brocade_sannav:*:*:*:*:*:*:*:*

History

06 Feb 2025, 17:53

Type	Values Removed	Values Added
CPE		cpe:2.3:a:broadcom:brocade_sannav::::::::
CWE		NVD-CWE-noinfo
References	~~() https://support.broadcom.com/external/content/SecurityAdvisories/0/23285 -~~	() https://support.broadcom.com/external/content/SecurityAdvisories/0/23285 - Not Applicable
First Time		Broadcom brocade Sannav Broadcom

21 Nov 2024, 09:42

Type	Values Removed	Values Added
References	~~() https://support.broadcom.com/external/content/SecurityAdvisories/0/23285 -~~	() https://support.broadcom.com/external/content/SecurityAdvisories/0/23285 -

25 Apr 2024, 23:15

Type	Values Removed	Values Added
Summary	(en) A vulnerability in Brocade SANnav ova versions before Brocade SANnav v2.3.1 and v2.3.0a exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS, the Brocade SANnav appliance.	(en) A vulnerability in Brocade SANnav exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav.
CVSS	v2 : ~~unknown~~ v3 : ~~9.4~~	v2 : unknown v3 : 7.6

25 Apr 2024, 13:18

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad en las versiones ova de Brocade SANnav anteriores a Brocade SANnav v2.3.1 y v2.3.0a expone a Kafka en la interfaz wan. La vulnerabilidad podría permitir que un atacante no autenticado realice varios ataques, incluido DOS, el dispositivo Brocade SANnav.

25 Apr 2024, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-25 08:15

Updated : 2025-02-06 17:53

NVD link : CVE-2024-4173

Mitre link : CVE-2024-4173

CVE.ORG link : CVE-2024-4173

JSON object : View

Products Affected

broadcom

brocade_sannav

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

NVD-CWE-noinfo

7.6 /10