Broadcom Published Security Advisories for Multiple 0-Day Vulnerabilities in Brocade SANnav

Pierre Barre, an independent security researcher, recently disclosed 18 0-day vulnerabilities in Brocade SANnav and reported them to the product's vendor, Broadcom, which owns Symantec and VMware. According to the researcher, several of these Brocade SANnav vulnerabilities were initially reported in a September 2022 security assessment to the vendor. However, Brocade rejected the findings because they didn't address the latest version of SANnav. The researcher also discovered three new 0-day vulnerabilities in the latest version of Brocade SANnav, in addition to the previously reported issues. Let's take a closer look at the 0-day vulnerabilities disclosed in Brocade SANnav, their impact, affected versions, and the protection and mitigation measures available.

A Short Note About Brocade SANnav

Brocade SANnav is a SAN management software solution designed to simplify the management, monitoring, and troubleshooting of storage area networks (SANs). It provides a centralized platform for administering Fibre Channel switches and fabrics, allowing IT teams to optimize performance, ensure availability, and streamline operations. Key features of Brocade SANnav include intuitive web-based interfaces, real-time monitoring and alerting, advanced analytics, and integration with other management tools. By leveraging SANnav, organizations can gain better visibility into their SAN infrastructure and proactively address potential issues before they impact business operations.

List of Vulnerabilities Disclosed in Brocade SANnav

The security researcher, Pierre Barre, disclosed a total of 18 vulnerabilities in Brocade SANnav, including several critical issues that could lead to unauthorized access, data manipulation, and system compromise. Here's a detailed list of the vulnerabilities:

2. CVE-2024-4173 - Brocade SANnav OVA versions expose Kafka on the WAN interface:

3. CVE-2024-4161 - Syslog traffic sent in clear-text:

4. CVE-2024-4159 - Protection mechanisms:

5. CVE-2024-29960 - Hard-coded and identical SSH keys inside the OVA image:

6. CVE-2024-29961 - Ping at regular intervals:

7. CVE-2024-29962 - Insecure file permission settings that make files world-readable:

8. CVE-2024-29963 - Hard-coded keys used by Docker to reach remote registries over TLS:

9. CVE-2024-29964 - Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and configuration:

10. CVE-2024-29965 - A local attacker can recover backup files, restore them to a new malicious appliance, and retrieve the passwords of all the switches:

11. CVE-2024-29966 - Hard-coded credentials in the documentation that appear as the root password:

12. CVE-2024-29967 - Docker instances inside the appliance have insecure mount points, allowing read and write access to sensitive files:

Additionally, the researcher found several vulnerabilities that were not assigned CVE numbers:

These detailed findings highlight the numerous security weaknesses present in Brocade SANnav,

The successful exploitation of the disclosed vulnerabilities in Brocade SANnav can have severe consequences for organizations. Attackers can gain unauthorized access to critical systems, manipulate sensitive data, and disrupt business operations. They can take control of the SANnav appliance and connected SAN switches, intercept clear-text data transmissions, and move laterally within the network. The presence of hardcoded credentials and insecure configurations further increases the risk of data breaches, intellectual property theft, financial losses, and reputational damage.Organizations must prioritize patching and mitigation efforts to safeguard their SAN infrastructure and minimize the risk of falling victim to cyber attacks.

Affected Versions of Brocade SANnav

According to the security researcher, the vulnerabilities were found in Brocade SANnav versions up to 2.3.0, including version 2.2.2, which was the latest release at the time of the initial report. It is crucial for organizations to check their SANnav deployments and ensure they have applied the necessary patches and updates to mitigate these risks.

How Can Organizations Protect their SANnav Systems from these Vulnerabilities?

To protect their SANnav systems from the disclosed vulnerabilities, organizations should:

By implementing these security measures, organizations can significantly reduce the risk of successful attacks exploiting the disclosed vulnerabilities in Brocade SANnav and maintain the integrity and resilience of their SAN infrastructure.

We hope this post helps you know about recently published security advisories for 18 0-Day vulnerabilities in Brocade SANnav. Thanks for reading this post. Please share this post and help secure the digital world.Visit our website thesecmaster.com, and our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium, and Instagram and subscribe to receive updates like this.