After a 19-month saga going back-and-forth over multiple vulnerabilities in Brocade’s SANnav management application, security researcher Pierre Barre said Broadcom — which acquired Brocade in 2017 — finally patched the flaws this April, 11 months after first acknowledging the bugs. Barre noted in a blog post that three of the 18 flaws he discovered could let attackers send malicious data and intercept credentials sent in clear-text, potentially compromising the entire SANnav Fibre Channel infrastructure.
Source: SC Magazine