Critical severity9.1NVD Advisory· Published Jul 17, 2025· Updated Apr 6, 2026
CVE-2025-6391
CVE-2025-6391
Description
Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:broadcom:brocade_active_support_connectivity_gateway:*:*:*:*:*:*:*:*Range: <=3.2.0
- Range: <3.3.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.