exploitDog

GHSA-cqgv-gr59-9qf6

Опубликовано: 18 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 7.1

CVSS3: 9.8

Описание

Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure.

Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure.

Ссылки

EPSS

Процентиль: 15%

0.00049

Низкий

7.1 High

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-532

Связанные уязвимости

CVE-2025-6391

CVSS3: 9.8

nvd

7 месяцев назад

Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure.

EPSS

Процентиль: 15%

0.00049

Низкий

7.1 High

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-532