exploitDog

CVE-2025-6391

Опубликовано: 17 июл. 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure.

Ссылки

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35951
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:brocade:ascg:*:*:*:*:*:*:*:*

Версия до 3.3.0 (исключая)

EPSS

Процентиль: 15%

0.00049

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-532

Связанные уязвимости

GHSA-cqgv-gr59-9qf6

CVSS3: 9.8

github

7 месяцев назад

Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure.

EPSS

Процентиль: 15%

0.00049

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-532