{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T04:10:23.036","vulnerabilities":[{"cve":{"id":"CVE-2025-12679","sourceIdentifier":"sirt@brocade.com","published":"2026-02-02T23:15:58.107","lastModified":"2026-03-03T01:05:08.863","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in Brocade SANnav before 2.4.0b prints the \nPassword-Based Encryption (PBE) key in plaintext in the system audit log\n file. The vulnerability could allow a remote authenticated attacker \nwith access to the audit logs to access the pbe key.\n\nNote: The vulnerability is only triggered during a migration and not \nin a new installation. The system audit logs are accessible only to a \nprivileged user on the server.\n\n\n\nThese audit logs are the local server VM’s audit logs and are not \ncontrolled by SANnav. These logs are only visible to the server admin of\n the host server and are not visible to the SANnav admin or any SANnav \nuser."},{"lang":"es","value":"Una vulnerabilidad en Brocade SANnav anterior a 2.4.0b imprime la clave de Cifrado Basado en Contraseña (PBE) en texto plano en el archivo de registro de auditoría del sistema. La vulnerabilidad podría permitir a un atacante remoto autenticado con acceso a los registros de auditoría acceder a la clave PBE.\n\nNota: La vulnerabilidad solo se activa durante una migración y no en una nueva instalación. Los registros de auditoría del sistema son accesibles solo para un usuario privilegiado en el servidor.\n\nEstos registros de auditoría son los registros de auditoría de la VM del servidor local y no están controlados por SANnav. Estos registros solo son visibles para el administrador del servidor del servidor anfitrión y no son visibles para el administrador de SANnav ni para ningún usuario de SANnav."}],"metrics":{"cvssMetricV40":[{"source":"sirt@brocade.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"sirt@brocade.com","type":"Secondary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:sannav:*:*:*:*:*:*:*:*","versionEndExcluding":"2.4.0b","matchCriteriaId":"83338795-8BD8-4EC8-BFBA-2660F8150BEE"}]}]}],"references":[{"url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36845","source":"sirt@brocade.com","tags":["Vendor Advisory"]}]}}]}