CVE-2025-12773

📋 TL;DR

A vulnerability in Brocade SANnav's update-reports-purge-settings.sh script logs the database password to system audit logs. This allows authenticated attackers with access to audit logs to obtain the SANnav database password. Affects Brocade SANnav versions before 2.4.0a.

💻 Affected Systems

Products:
  • Brocade SANnav
Versions: All versions before 2.4.0a
Operating Systems: Linux-based SANnav appliance OS
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated access to system audit logs; affects default logging configuration.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attacker obtains database credentials, gains full access to SANnav database, potentially compromising storage network configuration and sensitive data.

🟠

Likely Case

Privileged authenticated user accesses audit logs, extracts database password, gains unauthorized database access.

🟢

If Mitigated

Limited impact with proper log access controls and database network segmentation in place.

🌐 Internet-Facing: LOW - Typically SANnav management interfaces are internal, not internet-facing.
🏢 Internal Only: HIGH - Internal authenticated users can exploit this to escalate privileges and access sensitive storage network data.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW - Simply requires reading audit logs where password is exposed.

Exploitation requires authenticated access to system logs; no special tools needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.4.0a

Vendor Advisory: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36847

Restart Required: Yes

Instructions:

1. Download SANnav 2.4.0a from Broadcom support portal.
2. Backup current configuration.
3. Apply update following vendor documentation.
4. Restart SANnav services.

🔧 Temporary Workarounds

Restrict audit log access

linux

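Limit access to system audit logs to only necessary administrative users. Check the file's current mode before applying the commands below: if it is already stricter than 640, keep the stricter mode.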

chmod 640 /var/log/audit/audit.log
setfacl -m u:admin:r-- /var/log/audit/audit.log

Rotate database password

linux

Change SANnav database password to invalidate any potentially logged credentials.

sannav-db-password-change --new-password <secure_password>

🧯 If You Can't Patch

  • Implement strict access controls on audit log files and directories.
  • Monitor audit log access attempts and review for unauthorized access patterns.

🔍 How to Verify

Check if Vulnerable:

Check SANnav version: sannav-version | grep 'Version'. If version is earlier than 2.4.0a, system is vulnerable.

Check Version:

sannav-version

Verify Fix Applied:

Verify version is 2.4.0a or later: sannav-version | grep 'Version' (a grep for '2.4.0a' alone matches only that release and misses later ones). Check that audit logs no longer contain database password strings.

📡 Detection & Monitoring

Log Indicators:

  • Audit log entries containing database connection strings or passwords
  • Unauthorized access attempts to audit log files

Network Indicators:

  • Unexpected database connection attempts from non-SANnav hosts

SIEM Query:

source="audit.log" AND "password" AND "sannav"
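
The log-indicator check above, as an added example (not vendor code and not from the advisory). It assumes the password shows up as an argument in Linux auditd EXECVE records, decodes hex-encoded arguments that a plain match on "password" would miss, and redacts the value so the finding does not copy the secret again. The option names, the /opt/example path and all sample records are constructed.

```python
import re

SCRIPT = "update-reports-purge-settings.sh"          # script named in the advisory
SECRET_HINT = re.compile(r"(?i)pass(word|wd)?|pwd")  # assumed option naming
ARG = re.compile(r'\ba\d+=(?:"([^"]*)"|([0-9A-Fa-f]+))')
MSG_ID = re.compile(r"msg=audit\(([^)]*)\)")

def decode_args(line):
    """EXECVE args in order; auditd hex-encodes values containing spaces or quotes."""
    args = []
    for quoted, hexed in ARG.findall(line):
        try:
            args.append(bytes.fromhex(hexed).decode("utf-8", "replace") if hexed else quoted)
        except ValueError:  # odd-length run: not a hex-encoded string, keep it raw
            args.append(hexed)
    return args

def find_exposures(lines):
    """Return (line_no, audit_id, redacted_args) for script runs that logged a secret."""
    hits = []
    for no, line in enumerate(lines, 1):
        if "type=EXECVE" not in line:
            continue
        args = decode_args(line)
        if not any(SCRIPT in a for a in args):
            continue
        shown = []
        for i, arg in enumerate(args):
            key, sep, val = arg.partition("=")
            prev = args[i - 1] if i else ""
            if sep and val and SECRET_HINT.search(key):        # --opt=VALUE
                arg = key + "=<redacted>"
            elif prev.startswith("-") and "=" not in prev and SECRET_HINT.search(prev):  # --opt VALUE
                arg = "<redacted>"
            shown.append(arg)
        if shown != args:  # at least one argument carried a secret
            m = MSG_ID.search(line)
            hits.append((no, m.group(1) if m else None, shown))
    return hits

# Constructed sample records (path, option names and values are made up).
_P = "/opt/example/" + SCRIPT
SAMPLE = [
    f'type=EXECVE msg=audit(1700000000.101:501): argc=3 a0="/bin/bash" a1="{_P}" a2="--db-password=Constructed1"',
    'type=EXECVE msg=audit(1700000000.202:502): argc=2 a0="ls" a1="-l"',
    f'type=EXECVE msg=audit(1700000000.303:503): argc=3 a0="/bin/bash" a1="{_P}" a2='
    + "--db-password=Two Words9".encode().hex().upper(),
    f'type=EXECVE msg=audit(1700000000.404:504): argc=3 a0="/bin/bash" a1="{_P}" a2="--days=30"',
]
```

Any hit means the password in use at that timestamp should be treated as exposed and rotated, even after upgrading.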
