CVE-2025-6392

Published: Jul 10, 2025

Modified: Jul 11, 2025

PUBLISHED

Description

Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server admin of the host server and are not visible to the SANnav admin or any SANnav user.

Vendor	Product	Versions
Broadcom	Brocade SANnav	affected `Brocade SANnav versions before 2.4.0a`

Weaknesses (CWE)

CWE-532

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35910

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-6392

Description

Affected Products

Weaknesses (CWE)

References