Home / Early Warning / Vulnerabilidades / CVE-2019-16205

CVE-2019-16205

Type: 
Use of Insufficiently Random Value
Severity: 
Medium
Publication date: 
11/08/2019
Last modified: 
11/14/2019
Description
A vulnerability, in Brocade SANnav versions before v2.0, could allow remote attackers to brute-force a valid session ID. The vulnerability is due to an insufficiently random session ID for several post-authentication actions in the SANnav portal.
Impact
Access Vector: Through network
Access Complexity: Media
Authentication: Not required to exploit
Impact Type: No impact on system integrity + Partially affects on system confidentiality + No impact on system availability
Vulnerable software and versions
  • cpe:2.3:a:broadcom:brocade_sannav:*:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
Explanation of fields