VYPR

Brocade Active Support Connectivity Gateway

by Broadcom Corporation

CVEs (3)

  • CVE-2025-7398CriJul 17, 2025
    risk 0.59cvss 9.1epss 0.00

    Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports ports 9000 and 8036.

  • CVE-2025-6391CriJul 17, 2025
    risk 0.59cvss 9.1epss 0.00

    Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure.

  • CVE-2024-1509CriFeb 28, 2025
    risk 0.59cvss 9.1epss 0.00

    Brocade ASCG before 3.2.0 Web Interface is not enforcing HSTS, as defined by RFC 6797. HSTS is an optional response header that can be configured on the server to instruct the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks, SSL-stripping…