BSA-2020-1074
21573
28 December 2020
08 September 2020
Closed
High
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N - 6.8 Medium
N/A
CVE-2019-16212
Summary Security Advisory ID : BSA-2020-1074 Component : LDAP injection Revision : 1.0
A vulnerability in Brocade SANnav versions before v2.1.0 could allow a remote authenticated attacker to conduct an LDAP injection. The vulnerability allows a remote attacker to bypass the authentication process.
Affected Products
Brocade SANnav versions before v2.1.0.
Products Confirmed Not Vulnerable
No other Brocade Fibre Channel Products from Broadcom products are currently known to be affected by this vulnerability.
Solution
A security update is provided in Brocade SANnav 2.1.0.
Recommended Action
Brocade strongly recommends that all customers running the impacted version(s) upgrade to one of the identified patch levels or a higher version of Brocade SANnav to obtain this update.
Credit
This issue was discovered through security testing.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | September 08, 2020 |
2.0 | CVSS Score changed | December 28, 2020 |