EXECUTIVE SUMMARY
A series of critical security vulnerabilities have been disclosed in Brocade SANnav storage area network (SAN) management application. These vulnerabilities encompass a range of issues from insecure root access and Docker misconfigurations to lack of authentication and encryption, potentially enabling attackers to intercept credentials, execute arbitrary commands, and compromise the device. Some of the most severe flaws include CVE-2024-2859, allowing remote attackers to log in as root and execute arbitrary commands; CVE-2024-29960, involving hard-coded SSH keys that could be exploited to decrypt SSH traffic and compromise the appliance; CVE-2024-29961, enabling unauthenticated attackers to stage supply chain attacks via ping commands; CVE-2024-29963, utilizing hard-coded Docker keys to conduct adversary-in-the-middle attacks; and CVE-2024-29966, where hard-coded credentials in public documentation grant unauthenticated attackers full access to the SANnav appliance. These vulnerabilities were addressed in SANnav. Additionally, for some of these vulnerabilities in their SANnav Management Portal.[/subscribe_to_unlock_form]
EXECUTIVE SUMMARY
A series of critical security vulnerabilities have been disclosed in Brocade SANnav storage area network (SAN) management application. These vulnerabilities encompass a range of issues from insecure root access and Docker misconfigurations to lack of authentication and encryption, potentially enabling attackers to intercept credentials, execute arbitrary commands, and compromise the device. Some of the most severe flaws include CVE-2024-2859, allowing remote attackers to log in as root and execute arbitrary commands; CVE-2024-29960, involving hard-coded SSH keys that could be exploited to decrypt SSH traffic and compromise the appliance; CVE-2024-29961, enabling unauthenticated attackers to stage supply chain attacks via ping commands; CVE-2024-29963, utilizing hard-coded Docker keys to conduct adversary-in-the-middle attacks; and CVE-2024-29966, where hard-coded credentials in public documentation grant unauthenticated attackers full access to the SANnav appliance. These vulnerabilities were addressed in SANnav. Additionally, for some of these vulnerabilities in their SANnav Management Portal.[emaillocker id="1283"]
RECOMMENDATION:
REFERENCES:
The following reports contain further technical details:
https://thehackernews.com/2024/04/severe-flaws-disclosed-in-brocade.html