{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T13:12:37.477","vulnerabilities":[{"cve":{"id":"CVE-2024-10404","sourceIdentifier":"sirt@brocade.com","published":"2025-02-14T04:15:07.857","lastModified":"2025-08-26T20:02:17.107","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"CalInvocationHandler in Brocade \nSANnav before 2.3.1b logs sensitive information in clear text. The \nvulnerability could allow an authenticated, local attacker to view \nBrocade Fabric OS switch sensitive information in clear text. An \nattacker with administrative privileges could retrieve sensitive \ninformation including passwords; SNMP responses that contain AuthSecret \nand PrivSecret after collecting a “supportsave” or getting access to an \nalready collected “supportsave”. NOTE: this issue exists because of an incomplete fix for CVE-2024-29952"},{"lang":"es","value":"CalInvocationHandler en Brocade SANnav anterior a la versión 2.3.1b registra información confidencial en texto plano. La vulnerabilidad podría permitir que un atacante local autenticado vea información confidencial del conmutador Brocade Fabric OS en texto plano. Un atacante con privilegios administrativos podría recuperar información confidencial, incluidas contraseñas, respuestas SNMP que contengan AuthSecret y PrivSecret después de recopilar un “supportsave” o de obtener acceso a un “supportsave” ya recopilado. NOTA: este problema existe debido a una corrección incompleta de CVE-2024-29952"}],"metrics":{"cvssMetricV31":[{"source":"sirt@brocade.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.1,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}]},"weaknesses":[{"source":"sirt@brocade.com","type":"Secondary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:brocade_sannav:*:*:*:*:*:*:*:*","versionEndExcluding":"2.3.1b","matchCriteriaId":"E3A37BDB-A4C0-4964-A7F8-1F2F9F827AF7"}]}]}],"references":[{"url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25403","source":"sirt@brocade.com","tags":["Vendor Advisory"]}]}}]}