Severe Flaws Disclosed in Brocade SANnav SAN Management Software

News

Apr 26, 2024NewsroomSupply Chain Attack / Software Security

Several security vulnerabilities disclosed in Brocade SANnav storage area network (SAN) management application could be exploited to compromise susceptible appliances.

The 18 flaws impact all versions up to and including 2.3.0, according to independent security researcher Pierre Barre, who discovered and reported them.

The issues range from incorrect firewall rules, insecure root access, and Docker misconfigurations to lack of authentication and encryption, thus allowing an attacker to intercept credentials, overwrite arbitrary files, and completely breach the device.

Cybersecurity

Some of the most severe flaws are listed below –

  • CVE-2024-2859 (CVSS score: 8.8) – A vulnerability that could allow an unauthenticated, remote attacker to log in to an affected device using the root account and execute arbitrary commands
  • CVE-2024-29960 (CVSS score: 7.5) – The use of hard-coded SSH keys in the OVA image, which could be exploited by an attacker to decrypt the SSH traffic to the SANnav appliance and compromise it.
  • CVE-2024-29961 (CVSS score: 8.2) – A vulnerability that can allow an unauthenticated, remote attacker to stage a supply chain attack by taking advantage of the fact the SANnav service sends ping commands in the background at periodic intervals to the domains gridgain[.]com and ignite.apache[.]org to check for updates
  • CVE-2024-29963 (CVSS score: 8.6) – The use of hard-coded Docker keys in SANnav OVA to reach remote registries over TLS, thereby allowing an attacker to carry out adversary-in-the-middle (AitM) attack on the traffic
  • CVE-2024-29966 (CVSS score: 7.5) – The presence of hard-coded credentials for root users in publicly-available documentation that could permit an unauthenticated attacker full access to the Brocade SANnav appliance.

Following responsible disclosure twice in August 2022 and May 2023, the flaws have been addressed in SANnav version 2.3.1 released in December 2023. Brocade’s parent company Broadcom, which also owns Symantec and VMware, released advisories for the flaws earlier this month.

Hewlett Packard Enterprise has also shipped patches for a subset of these vulnerabilities in HPE SANnav Management Portal versions 2.3.0a and 2.3.1 as of April 18, 2024.

SANnav SAN Management Software

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Products You May Like

Articles You May Like

Massive Telecom Hack Exposes US Officials to Chinese Espionage
New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration
Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes
PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released
CISOs Turn to Indemnity Insurance as Breach Pressure Mounts

Leave a Reply

Your email address will not be published. Required fields are marked *