Support Content Notification - Support Portal

BSA-2022-1842

Product/Component

Brocade SANnav

1 more products

Notification Id

21295

Last Updated

04 May 2022

Initial Publication Date

04 May 2022

Status

Closed

Severity

High

CVSS Base Score

7.0 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

WorkAround

N/A

Affected CVE

CVE-2022-28163

Summary

Security Advisory ID : BSA-2022-1842

Component : Zone Management

Revision : 1.0

In Brocade SANnav before Brocade SANnav 2.2.0, multiple endpoints associated with Zone management are susceptible to SQL injection, allowing an attacker to run arbitrary SQL commands.

Affected Products.

Brocade SANnav - Fixed in Brocade SANnav 2.2.0

Product Confirmed Not Vulnerable

No other Brocade Fibre Channel Products from Broadcom products are currently known to be affected by this vulnerability.

Credit

The issue was discovered in penetration testing.

Revision History

Version	Change	Date
1.0	Initial Publication	May 3, 2022