CVE-2024-29963

Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't have access to remote Docker registries.
Configurations

No configuration.

History

26 Apr 2024, 23:15

Type Values Removed Values Added
Summary (en) Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded keys used by Docker to reach remote registries over TLS. TLS connections with an exposed key allow an attacker to MITM the traffic. Note: Brocade SANnav doesn't have access to remote Docker registries. (en) Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't have access to remote Docker registries.
CVSS v2 : unknown
v3 : 8.6
v2 : unknown
v3 : 1.9

19 Apr 2024, 13:10

Type Values Removed Values Added
Summary
  • (es) Brocade SANnav OVA anterior a v2.3.1 y v2.3.0a contiene claves codificadas utilizadas por Docker para acceder a registros remotos a través de TLS. Las conexiones TLS con una clave expuesta permiten a un atacante MITM el tráfico. Nota: Brocade SANnav no tiene acceso a registros Docker remotos.

19 Apr 2024, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-04-19 04:15

Updated : 2024-04-26 23:15


NVD link : CVE-2024-29963

Mitre link : CVE-2024-29963

CVE.ORG link : CVE-2024-29963


JSON object : View

Products Affected

No product.

CWE
CWE-798

Use of Hard-coded Credentials