{"api_version":"1","generated_at":"2026-04-22T21:39:07+00:00","cve":"CVE-2023-31925","urls":{"html":"https://cve.report/CVE-2023-31925","api":"https://cve.report/api/cve/CVE-2023-31925.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-31925","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-31925"},"summary":{"title":"CVE-2023-31925","description":"Brocade\n SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords\n in plaintext. A privileged user could retrieve these credentials with \nknowledge and access to these log files. SNMP \ncredentials could be seen in SANnav SupportSave if the capture is \nperformed after an SNMP configuration failure causes an SNMP \ncommunication log dump.","state":"PUBLIC","assigner":"sirt@brocade.com","published_at":"2023-08-31 01:15:00","updated_at":"2023-09-05 18:24:00"},"problem_types":["CWE-312"],"metrics":[],"references":[{"url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22506","name":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22506","refsource":"MISC","tags":[],"title":"Support Content Notification - Support Portal - Broadcom support portal","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-31925","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31925","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"31925","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"broadcom","cpe5":"brocade_sannav","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-31925","ASSIGNER":"sirt@brocade.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"Brocade\n SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords\n in plaintext. A privileged user could retrieve these credentials with \nknowledge and access to these log files. SNMP \ncredentials could be seen in SANnav SupportSave if the capture is \nperformed after an SNMP configuration failure causes an SNMP \ncommunication log dump.\n\n\n"}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-312 Cleartext Storage of Sensitive Information","cweId":"CWE-312"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Brocade","product":{"product_data":[{"product_name":"Brocade SANnav","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"status":"affected","version":"Brocade SANnav before v2.3.0 and v2.2.2a "}],"defaultStatus":"affected"}}]}}]}}]}},"references":{"reference_data":[{"url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22506","refsource":"MISC","name":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22506"}]},"generator":{"engine":"Vulnogram 0.1.0-dev"},"source":{"discovery":"UNKNOWN"},"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":5.4,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","version":"3.1"}]}},"nvd":{"publishedDate":"2023-08-31 01:15:00","lastModifiedDate":"2023-09-05 18:24:00","problem_types":["CWE-312"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:broadcom:brocade_sannav:*:*:*:*:*:*:*:*","versionEndExcluding":"2.2.2a","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}