CVE-2024-4282 - Vulnerability Details

Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00061.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Broadcom	Brocade Sannav
Brocade	Sannav

Configuration 1 [-]

cpe:2.3:a:broadcom:brocade_sannav:*:*:*:*:*:*:*:*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Brocade	Sannav

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://support.broadcom.com/external/content/SecurityAdvisories/0/25400

History

Tue, 26 Aug 2025 19:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Broadcom Broadcom brocade Sannav
CPEs		cpe:2.3:a:broadcom:brocade_sannav::::::::
Vendors & Products		Broadcom Broadcom brocade Sannav
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

Mon, 14 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00038}`	epss `{'score': 0.00035}`

Tue, 18 Feb 2025 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 14 Feb 2025 23:45:00 +0000

Type	Values Removed	Values Added
Description		Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22.
Title		Weak TLS Ciphers on Brocade SANnav OVA SSH port 22
Weaknesses		CWE-327
References		https://support.broadcom.com/external/content/SecurityAdvisories/0/25400
Metrics		cvssV4_0 `{'score': 8.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: brocade

Published: 2025-02-14T23:33:06.196Z

Updated: 2025-02-18T16:27:47.563Z

Reserved: 2024-04-26T22:37:43.925Z

Link: CVE-2024-4282

Vulnrichment

Updated: 2025-02-18T16:27:05.306Z

NVD

Status : Analyzed

Published: 2025-02-15T00:15:13.370

Modified: 2025-08-26T19:42:18.160

Link: CVE-2024-4282

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-07-13T11:23:04Z

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object