ГлавнаяУязвимости → CVE-2025-6391
9.1критическая

CVE-2025-6391

Описание

Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure.

Затрагиваемое ПО
Broadcom Brocade active support connectivity gateway
CVSS
Балл9.1 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Источники
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35951