Brocade SANnav <2.4.0a logs plaintext passphrases in audit logs
CVE-2025-4662 Published on July 10, 2025

Plaintext security passwords are logged in the audit logs while executing an OpenSSL command
Brocade SANnav before SANnav 2.4.0a logs plaintext passphrases in the Brocade SANnav host server audit logs when an OpenSSL command is executed with a passphrase supplied on the command line or through a temporary file. These audit logs are the local server VM's audit logs and are not controlled by SANnav. They are visible only to the server admin of the host server and are not visible to the SANnav admin or any SANnav user.
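
A host server admin can check existing audit logs for the command-line case described above. The following is an added example, not code from Broadcom or from this page; it assumes the host uses Linux auditd and that OpenSSL invocations appear as EXECVE records, and the sample records are constructed. It covers only passphrases passed inline with `pass:` and reports the location without echoing the secret.

```python
import os
import re

# a0="quoted" or a0=HEX (auditd hex-encodes arguments with spaces or quotes)
ARG_RE = re.compile(r'\ba(\d+)=(?:"([^"]*)"|([0-9A-Fa-f]+))')
PASS_OPTS = {"-pass", "-passin", "-passout"}  # openssl password-source options

def decode_args(record):
    """Rebuild argv from one auditd EXECVE record (assumed log format)."""
    argv = {}
    for idx, quoted, hexed in ARG_RE.findall(record):
        value = quoted
        if hexed:
            try:
                value = bytes.fromhex(hexed).decode("utf-8", "replace")
            except ValueError:  # odd-length value: keep it verbatim
                value = hexed
        argv[int(idx)] = value
    return [argv[i] for i in sorted(argv)]

def find_exposures(lines):
    """Return (line_number, option) for openssl runs with an inline passphrase."""
    hits = []
    for number, record in enumerate(lines, start=1):
        if "type=EXECVE" not in record:
            continue
        argv = decode_args(record)
        if not argv or os.path.basename(argv[0]) != "openssl":
            continue
        for opt, value in zip(argv, argv[1:]):
            if opt in PASS_OPTS and value.startswith("pass:"):
                hits.append((number, opt))  # never echo the secret itself
    return hits

# Constructed sample records, not taken from a SANnav host.
SAMPLE = [
    'type=EXECVE msg=audit(1752140000.101:481): argc=6 a0="openssl" a1="pkcs12" '
    'a2="-in" a3="store.p12" a4="-passin" a5="pass:ExamplePass1"',
    'type=EXECVE msg=audit(1752140000.202:482): argc=5 a0="/usr/bin/openssl" '
    'a1="rsa" a2="-passout" a3=706173733A74776F20776F726473 a4="-noout"',
    'type=EXECVE msg=audit(1752140000.303:483): argc=6 a0="openssl" a1="rsa" '
    'a2="-in" a3="key.pem" a4="-passin" a5="env:KEYPASS"',
    'type=SYSCALL msg=audit(1752140000.303:483): arch=c000003e syscall=59',
]

if __name__ == "__main__":
    for number, opt in find_exposures(SAMPLE):
        print(f"line {number}: openssl {opt} pass:<redacted>")
```

Any hit means the passphrase is sitting in the log in plaintext and should be treated as exposed to whoever can read that log.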

NVD

Weakness Type

Exposure of Sensitive System Information to an Unauthorized Control Sphere

The application does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the application does.


Products Associated with CVE-2025-4662

Affected Versions

Broadcom Brocade SANnav versions before SANnav 2.4.0a are affected by CVE-2025-4662.

Exploit Probability

EPSS: 0.02%
Percentile: 3.95%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.