CVE-2025-4662

Published: Jul 10, 2025

Modified: Jul 11, 2025

PUBLISHED

Description

Brocade SANnav before SANnav 2.4.0a logs plaintext passphrases in the Brocade SANnav host server audit logs while executing OpenSSL command using a passphrase from the command line or while providing the passphrase through a temporary file. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server admin of the host server and are not visible to the SANnav admin or any SANnav user.

Vendor	Product	Versions
Broadcom	Brocade SANnav	affected `before SANnav 2.4.0a`

Weaknesses (CWE)

CWE-497

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35908

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-4662

Description

Affected Products

Weaknesses (CWE)

References