BSA-2019-864
21608
28 October 2019
28 October 2019
Closed
High
4.3
N/A
CVE-2019-16205
Summary Security Advisory ID : BSA-2019-864 Component : SANnav portal Revision : 1.0
A vulnerability, in Brocade SANnav versions before v2.0, could allow remote attackers to brute-force a valid session ID. The vulnerability is due to an insufficiently random session ID for several post-authentication actions in the SANnav portal and is exploitable only is attacker is somehow able to hijack user session.
References
CWE-341: Predictable from Observable State
Product Confirmed Non Vulnerable
No other Brocade Fibre Channel technology products from Broadcom are currently known to be affected by these vulnerabilities.
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | October 28, 2019 |