SANnav encrypted key in PostgreSQL startup logs (CVE-2024-29955)

2024-04-1700:00:00

Broadcom Security Response

support.broadcom.com

brocade sannav

vulnerability

encrypted key

postgresql

logs

privileged user

software

encryption key

cve-2024-29955

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

8.7%

JSON

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow a privileged user to print the SANnav encrypted key in PostgreSQL startup logs.
This could provide attackers with an additional, less-protected path to acquiring the encryption key.

CPENameOperatorVersion
brocade sannavlt2.3.0a

CPE	Name	Operator	Version
	brocade sannav	lt	2.3.0a