Lucene search
K
BroadcomBrocade Active Support Connectivity Gateway

4 matches found

CVE
CVE
added 2025/02/28 9:52 p.m.96 views

CVE-2024-1509

CVE-2024-1509 affects Brocade ASCG prior to version 3.2.0, where the web interface does not enforce HTTP Strict Transport Security (HSTS) for ports 8030 and 8100. Root cause: missing HSTS enforcement increases susceptibility to downgrade and SSL-stripping MITM attacks and weakens cookie-hijacking...

9.1CVSS7AI score0.00341EPSS
CVE
CVE
added 2025/07/17 9:45 p.m.33 views

CVE-2025-6391

CVE-2025-6391 affects Brocade ASCG prior to 3.3.0. The issue arises from logging JSON Web Tokens (JWT) in log files, enabling an attacker with log access to withdraw unencrypted tokens, potentially leading to unauthorized access, session hijacking, and information disclosure. Public-coverage in m...

9.1CVSS6.2AI score0.00236EPSS
CVE
CVE
added 2025/07/17 9:28 p.m.22 views

CVE-2025-7398

The CVE-2025-7398 issue affects Brocade ASCG prior to version 3.3.0. The vulnerability arises from the use of medium-strength cryptography on internal ports 9000 and 8036, potentially reducing cryptographic strength for traffic on those ports. Descriptions across multiple sources consistently ref...

9.1CVSS6.7AI score0.00162EPSS
CVE
CVE
added 2026/03/03 7:59 p.m.19 views

CVE-2026-0869

CVE-2026-0869 describes an authentication bypass in Brocade ASCG 3.4.0, enabling an unauthorized user to perform ASCG operations related to Brocade Support Link (BSL) and streaming configuration. The vulnerability could also disable the ASCG application or disable BSL data collection on fabric sw...

8.8CVSS5.9AI score0.00397EPSS