Primary

Context

Brocade SANnav Weak TLS Cipher Vulnerability on Ports 443 and 18082

Vulnerability

Patched

A vulnerability exists in Brocade SANnav versions prior to 2.3.1b, where weak TLS ciphers are enabled on ports 443 and 18082. This vulnerability allows an attacker to intercept and read the SANnav data stream, which includes performance data, port status, zoning information, WWNs, and IP addresses from monitored Brocade Fabric OS switches. However, no customer data, personal data, or sensitive information such as secrets or passwords is exposed, as this information does not traverse the network.

Impact

Exploitation of this vulnerability allows for the interception and reading of unencrypted SANnav data, including performance metrics and configuration details from Brocade Fabric OS switches.

Remediation

Users can upgrade to Brocade SANnav versions 2.4.0 or 2.3.1b to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

0.6

exploitability

6.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

0.6

exploitability

6.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Brocade SANnav Weak TLS Cipher Vulnerability on Ports 443 and 18082

Vulnerability

Impact

Remediation

Affected Products

Brocade SANnav

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating