
Brocade Active Support Connectivity Gateway CVE-2025-6391

Severity: HIGH
Weakness: Insertion of Sensitive Information into Log File (CWE-532)
Published: 2025-07-17 · sirt@brocade.com
Score: 7.1 (CVSS 4.0, NVD)

Severity by source

NVD PRIMARY
7.1 HIGH
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Not defined (X); CVSS 4.0 has no Scope metric, the SC/SI/SA "subsequent system" metrics replace it

Lifecycle Timeline

Analysis Generated
Apr 06, 2026 - 14:22 (vuln.today)
CVE Published
Jul 17, 2025 - 22:15 (nvd) · HIGH 7.1

Description (CVE.org)

Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure.

Analysis (AI-generated)

JSON Web Token exposure in Brocade Active Support Connectivity Gateway (ASCG) prior to version 3.3.0 lets a local attacker who already holds high privileges extract unencrypted authentication tokens from log files, leading to unauthorized access and session hijacking. This CWE-532 (insertion of sensitive information into a log file) vulnerability requires local access with high privileges but has low attack complexity. EPSS data not provided; no confirmed active exploitation (not present in CISA KEV); no public exploit code identified at the time of analysis. The CVSS 4.0 score of 7.1 reflects high confidentiality, integrity and availability impact confined to the vulnerable system itself (VC:H/VI:H/VA:H with SC:N/SI:N/SA:N).

Technical Context (AI-generated)

Brocade Active Support Connectivity Gateway is Broadcom's remote support infrastructure component used for secure connectivity between customer environments and Brocade support systems. The vulnerability stems from CWE-532 (Insertion of Sensitive Information Into Log File): the application writes JSON Web Tokens directly to log files in cleartext. JWTs are bearer tokens commonly used for authentication and session management in modern web applications and APIs; whoever holds the token string can use it until it expires or is revoked, so a logged token is as sensitive as the session it represents. When logged unencrypted, these tokens become accessible to any user with sufficient privileges to read system logs, and, because logs are routinely forwarded to central collectors and retained in backups, to anyone who can read those copies as well. The affected product is identified by CPE cpe:2.3:a:broadcom:brocade_active_support_connectivity_gateway:*:*:*:*:*:*:*:* for all versions prior to 3.3.0. This is a design flaw in logging practice: authentication material was treated as ordinary diagnostic data rather than as a credential requiring secure handling and storage.

Remediation (AI-generated)

Upgrade Brocade Active Support Connectivity Gateway to version 3.3.0 or later, which resolves the JWT logging issue. Obtain the patched version through Broadcom's official support channels and follow the vendor-provided upgrade procedure documented in the security advisory at https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35951. As an interim mitigation until patching is complete, restrict access to ASCG log file directories so that only essential administrative accounts can read them, and enable log encryption at rest where the underlying operating system supports it. Review existing log files for exposed JWT tokens and rotate or revoke any potentially compromised credentials or sessions; include forwarded log copies (SIEM, central syslog) and backups in that review, since a bearer token remains usable from any copy until it expires. Monitor for unauthorized access to log directories and keep an audit trail of log file reads by privileged users.
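The two defensive steps above, reviewing existing logs for exposed tokens and making sure new log lines never carry one, can both be done with a small JWT detector. The following is an added example written for this page, not Brocade or Broadcom code; ASCG's real log format is not public, so the sample log lines, the signing key and the claims are constructed. It recognises a JWT by shape (three base64url segments) and then confirms the match by decoding the header as JSON with an `alg` claim, which avoids flagging dotted hostnames or version strings. `scan_log` reports what an incident responder needs (subject, expiry, a SHA-256 fingerprint) without retaining the token, and `redact_jwts` is the filter you would put in front of the log writer so the token never reaches disk.

```python
"""Detect and redact JSON Web Tokens in log lines (CWE-532 review and mitigation).

Added example, not Brocade/Broadcom code. ASCG's actual log format is unknown;
the sample lines, key and claims below are constructed for illustration.
"""
import base64
import hashlib
import hmac
import json
import re

# A JWT is header.payload.signature, each segment base64url without padding.
# The signature may be empty for unsigned "alg":"none" tokens, so allow zero length there.
# The lookbehind stops a match starting in the middle of a longer identifier.
JWT_RE = re.compile(r"(?<![A-Za-z0-9_-])[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]*")


def _b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def parse_jwt(candidate: str):
    """Return (header, payload) dicts if the string really is a JWT, else None.

    The regex alone over-matches (dotted hostnames, version strings); requiring a
    JSON header object with an "alg" claim removes nearly all false positives.
    """
    parts = candidate.split(".")
    if len(parts) != 3:
        return None
    try:
        header = json.loads(_b64url_decode(parts[0]))
        payload = json.loads(_b64url_decode(parts[1]))
    except ValueError:  # bad base64 (binascii.Error) or non-JSON content
        return None
    if not (isinstance(header, dict) and "alg" in header and isinstance(payload, dict)):
        return None
    return header, payload


def fingerprint(token: str) -> str:
    """Short SHA-256 prefix: correlates occurrences of the same token across logs
    without storing the token itself."""
    return hashlib.sha256(token.encode("ascii")).hexdigest()[:12]


def redact_jwts(line: str) -> str:
    """Replace each confirmed JWT in a log line with a placeholder carrying only its
    fingerprint. Intended as a filter in front of the log writer."""
    def _sub(m):
        tok = m.group(0)
        if parse_jwt(tok) is None:
            return tok  # not a JWT: leave the text untouched
        return f"[REDACTED-JWT sha256:{fingerprint(tok)}]"
    return JWT_RE.sub(_sub, line)


def scan_log(lines):
    """Review existing logs: report every token found with the claims an IR team
    needs to decide what to revoke (subject, expiry), never the token itself."""
    findings = []
    for lineno, line in enumerate(lines, start=1):
        for m in JWT_RE.finditer(line):
            parsed = parse_jwt(m.group(0))
            if parsed is None:
                continue
            header, payload = parsed
            findings.append({
                "line": lineno,
                "fingerprint": fingerprint(m.group(0)),
                "alg": header.get("alg"),
                "sub": payload.get("sub"),
                "exp": payload.get("exp"),
            })
    return findings


def make_sample_jwt(payload: dict, key: bytes) -> str:
    """Build an HS256 token for the constructed sample below (hypothetical key and claims)."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = (_b64url_encode(json.dumps(header, separators=(",", ":")).encode())
                     + "." + _b64url_encode(json.dumps(payload, separators=(",", ":")).encode()))
    sig = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + _b64url_encode(sig)


# Constructed sample: a gateway debug log that echoed the Authorization header verbatim.
SAMPLE_TOKEN = make_sample_jwt({"sub": "support-user", "exp": 1752800000}, b"constructed-demo-key")
SAMPLE_LOG = [
    "2025-07-17T22:15:00Z INFO ascg connect host=gateway.example.internal status=ok",
    f"2025-07-17T22:15:01Z DEBUG ascg outbound Authorization: Bearer {SAMPLE_TOKEN}",
    "2025-07-17T22:15:02Z INFO ascg heartbeat peer=10.0.0.5 rtt=12ms",
]

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print("exposed token:", finding)
    for line in SAMPLE_LOG:
        print(redact_jwts(line))
```

The fingerprint placeholder is a deliberate design choice: after redaction you can still tell that the same token appeared on several hosts or dates, which is what decides how wide the session revocation has to be, but no copy of the redacted log can be replayed as a bearer credential.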


CVE-2025-6391 vulnerability details – vuln.today
