A number of safety vulnerabilities disclosed in Brocade SANnav storage space community (SAN) administration utility may very well be exploited to compromise vulnerable home equipment.
The 18 flaws impression all variations as much as and together with 2.3.0, in response to unbiased safety researcher Pierre Barre, who found and reported them.
The problems vary from incorrect firewall guidelines, insecure root entry, and Docker misconfigurations to lack of authentication and encryption, thus permitting an attacker to intercept credentials, overwrite arbitrary information, and fully breach the system.
A number of the most extreme flaws are listed beneath –
- CVE-2024-2859 (CVSS rating: 8.8) – A vulnerability that might enable an unauthenticated, distant attacker to log in to an affected system utilizing the foundation account and execute arbitrary instructions
- CVE-2024-29960 (CVSS rating: 7.5) – The usage of hard-coded SSH keys within the OVA picture, which may very well be exploited by an attacker to decrypt the SSH site visitors to the SANnav equipment and compromise it.
- CVE-2024-29961 (CVSS rating: 8.2) – A vulnerability that may enable an unauthenticated, distant attacker to stage a provide chain assault by benefiting from the very fact the SANnav service sends ping instructions within the background at periodic intervals to the domains gridgain[.]com and ignite.apache[.]org to verify for updates
- CVE-2024-29963 (CVSS rating: 8.6) – The usage of hard-coded Docker keys in SANnav OVA to succeed in distant registries over TLS, thereby permitting an attacker to hold out adversary-in-the-middle (AitM) assault on the site visitors
- CVE-2024-29966 (CVSS rating: 7.5) – The presence of hard-coded credentials for root customers in publicly-available documentation that might allow an unauthenticated attacker full entry to the Brocade SANnav equipment.
Following accountable disclosure twice in August 2022 and Could 2023, the issues have been addressed in SANnav model 2.3.1 launched in December 2023. Brocade’s mother or father firm Broadcom, which additionally owns Symantec and VMware, launched advisories for the issues earlier this month.
Hewlett Packard Enterprise has additionally shipped patches for a subset of those vulnerabilities in HPE SANnav Administration Portal variations 2.3.0a and a couple of.3.1 as of April 18, 2024.