CNNVD-202507-2371 Information

CNNVD ID

CNNVD-202507-2371

Related CVE

CVE-2025-6391

• CNNVD Published: 2025-07-17

Description (Chinese)

Brocade ASCG是美国博科（Brocade）公司的一种网络功能，主要用于简化SAN架构和优化资源利用。 Brocade ASCG 3.3.0之前版本存在日志信息泄露漏洞，该漏洞源于日志文件中记录未加密的JWT令牌，可能导致未授权访问和会话劫持。

Description (English)

Brocade ASCG is a network function of Brocade in the United States, mainly to simplify the SAN architecture and optimize resource use. Pre-Brocade ASCG 3.3.0 has a leak in log information, which originates from unencrypted JWT badges recorded in log files, which may lead to unauthorized access and hijacking of sessions.

Hazard Level

High

Vulnerability Type

日志信息泄露

Affected Vendor

博科

Published

2025-07-17

Last Modified

2026-02-24

References

https://nvd.nist.gov/vuln/detail/CVE-2025-6391

Patch

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35951