QwikSec

Security Database

CVE

CWE

Training

CVE-2025-12680

Published: Feb 2, 2026

Modified: Feb 3, 2026

PUBLISHED

Description

Brocade SANnav before Brocade SANnav 2.4.0b logs database passwords in clear text in the standby SANnav server, after disaster recovery failover. The vulnerability could allow a remote authenticated attacker with admin privilege able to access the SANnav logs or the supportsave to read the database password.

Vendor	Product	Versions
Brocade	SANnav	affected `before Brocade SANnav 2.4.0b`

Weaknesses (CWE)

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36844

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.