SQL queries with sensitive information printed in logs with Brocade...

4.6 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Description

A vulnerability in the migration script for Brocade SANnav before 3.0 could allow the collection of database sql queries in the SANnav support save file. An attacker with access to Brocade SANnav supportsave file, could open the file and then obtain sensitive information such as details of database tables and encrypted passwords.

Basic Information

ID CVE-2025-12774

Source brocade

Published Feb 3, 2026 at 01:28

Modified Feb 3, 2026 at 01:57

Affected Product

Vendor Brocade

Product SANnav

Version SANnav before 3.0

Affected Versions Brocade SANnav SANnav before 3.0

CWE Classification

CWE-312

References

support.broadcom.com /web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36848

{
    "lastseen": "",
    "description": "A vulnerability in the migration script for Brocade SANnav before 3.0 could allow the collection of database sql queries in the SANnav support save file.\u00a0An attacker with access to Brocade SANnav supportsave file, could open the file and  then obtain sensitive information such as details of database tables and encrypted passwords.",
    "published": "2026-02-03T01:28:43.430Z",
    "modified": "2026-02-03T01:57:22.992Z",
    "type": "cve",
    "title": "SQL queries with sensitive information printed in logs with Brocade SANnav before 3.0",
    "source": "brocade",
    "references": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36848",
    "id": "CVE-2025-12774",
    "bulletinFamily": "",
    "cwe": [
        "CWE-312"
    ],
    "cvelist": null,
    "sourceData": "Brocade SANnav SANnav before 3.0",
    "sourceHref": "",
    "cvss": {
        "score": 4.6,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SANnav",
    "version": "SANnav before 3.0",
    "vendor": "Brocade",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

SQL queries with sensitive information printed in logs with Brocade SANnav before 3.0_CVE-2025-12774