CVE-2025-4662
BaseFortify
Publication date: 2025-07-10
Last updated on: 2025-08-27
Assigner: Brocade Communications Systems, LLC
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| broadcom | brocade_sannav | to 2.4.0a (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-497 | The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Brocade SANnav before version 2.4.0a causes plaintext passphrases to be logged in the host server's audit logs when executing OpenSSL commands using a passphrase from the command line or a temporary file. These logs are local to the server VM and accessible only to the server administrator, not to SANnav administrators or users.
How can this vulnerability impact me? :
The impact is that sensitive passphrases may be exposed in plaintext within the host server's audit logs, potentially allowing a server administrator or anyone with access to these logs to retrieve confidential credentials. This could lead to unauthorized access or compromise of encrypted data or systems relying on those passphrases.