
Time to Update Brocade SAN

High-risk vulnerabilities have been identified in the Brocade SANnav application. The 18 reported vulnerabilities affect versions up to 2.3.0.

The list of vulnerabilities is as follows:

  • CVE-2024-2859 (CVSS score: 8.8) – A vulnerability that could allow an unauthenticated, remote attacker to log in to an affected device using the root account and execute arbitrary commands.
  • CVE-2024-29960 (CVSS score: 7.5) – The use of hard-coded SSH keys in the OVA image, which could be exploited by an attacker to decrypt the SSH traffic to the SANnav appliance and compromise it.
  • CVE-2024-29961 (CVSS score: 8.2) – A vulnerability that can allow an unauthenticated, remote attacker to stage a supply chain attack by taking advantage of the fact that the SANnav service sends ping commands in the background at periodic intervals to the domains gridgain[.]com and ignite.apache[.]org to check for updates.
  • CVE-2024-29963 (CVSS score: 8.6) – The use of hard-coded Docker keys in the SANnav OVA to reach remote registries over TLS, thereby allowing an attacker to carry out an adversary-in-the-middle (AitM) attack on the traffic.
  • CVE-2024-29966 (CVSS score: 7.5) – The presence of hard-coded credentials for root users in publicly-available documentation that could permit an unauthenticated attacker full access to the Brocade SANnav appliance.

These vulnerabilities were fixed in SANnav version 2.3.1, which was released in December 2023. Hewlett Packard Enterprise, for its part, released patches for HPE SANnav versions 2.3.0a and 2.3.1 on 18 April 2024.
