Brocade Active Support Connectivity Gateway
CVE-2025-6391
HIGH
Severity by source: NVD (primary rating; the only source for this CVE)
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description (source: CVE.org)
Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure.
Analysis (AI-generated)
JSON Web Token exposure in Brocade Active Support Connectivity Gateway (ASCG) prior to version 3.3.0 enables high-privileged local attackers to extract unencrypted authentication tokens from log files, leading to unauthorized access and session hijacking. This CWE-532 (insertion of sensitive information into log file) vulnerability requires local access with high privileges but presents low attack complexity. EPSS data not provided; no confirmed active exploitation (not present in CISA KEV); no public exploit code identified at time of analysis. The CVSS 4.0 score of 7.1 reflects significant confidentiality and integrity impact within the vulnerable component scope.
Technical Context (AI-generated)
Brocade Active Support Connectivity Gateway is Broadcom's remote support infrastructure component used for secure connectivity between customer environments and Brocade support systems. The vulnerability stems from CWE-532 (Insertion of Sensitive Information Into Log File), where the application writes JSON Web Tokens directly to log files in cleartext. JWTs are bearer tokens commonly used for authentication and session management in modern web applications and APIs. When logged unencrypted, these tokens become accessible to any user with sufficient privileges to read system logs. The affected product is identified by CPE cpe:2.3:a:broadcom:brocade_active_support_connectivity_gateway:*:*:*:*:*:*:*:* for all versions prior to 3.3.0. This represents a design flaw in logging practices where sensitive authentication material is treated as standard diagnostic data rather than protected credential information requiring secure handling and storage.
Remediation (AI-generated)
Upgrade Brocade Active Support Connectivity Gateway to version 3.3.0 or later, which resolves the JWT logging issue. Organizations should obtain the patched version through Broadcom's official support channels and follow vendor-provided upgrade procedures documented in the security advisory at https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35951. As an interim risk mitigation measure until patching is complete, organizations should implement strict access controls on ASCG log file directories, limiting read access to only essential administrative accounts, and consider implementing log file encryption at rest if supported by the underlying operating system. Review existing log files for exposed JWT tokens and rotate any potentially compromised credentials or sessions. Implement monitoring for unauthorized access to log directories and establish audit trails for log file access by privileged users.
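The remediation above asks operators to review existing log files for exposed tokens; the following added example (not Broadcom's or the ASCG project's code) shows how such a review can be done. It finds JWTs in log lines by their base64url shape, decodes the unverified claims so the affected subjects and expiries can be rotated, and redacts the tokens so the logs can be retained. The log lines and the token in them are constructed sample data, not real ASCG output.

```python
import base64
import json
import re

# A signed JWT is three base64url segments joined by dots. The header and
# payload are JSON objects, so their encodings always begin with "eyJ" ('{"').
JWT_RE = re.compile(r"eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+")
REDACTED = "[REDACTED-JWT]"


def _b64url_decode(segment: str) -> bytes:
    """Decode a base64url segment, restoring the '=' padding JWTs strip."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_claims(token: str) -> dict:
    """Return the payload claims without verifying the signature (triage only)."""
    return json.loads(_b64url_decode(token.split(".")[1]))


def find_jwts(text: str) -> list[str]:
    """Return every token-shaped substring in a line of log text."""
    return JWT_RE.findall(text)


def redact(line: str) -> str:
    """Replace every JWT in a log line so the line can be kept safely."""
    return JWT_RE.sub(REDACTED, line)


def scan_log(lines: list[str]) -> list[dict]:
    """Report line number, subject and expiry for each token found."""
    findings = []
    for lineno, line in enumerate(lines, start=1):
        for token in find_jwts(line):
            claims = decode_claims(token)
            findings.append({"line": lineno, "sub": claims.get("sub"), "exp": claims.get("exp")})
    return findings


def _make_token(claims: dict) -> str:
    """Build a constructed sample JWT; the signature segment is a dummy value."""
    def enc(obj: dict) -> str:
        raw = json.dumps(obj, separators=(",", ":")).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'HS256', 'typ': 'JWT'})}.{enc(claims)}.{'x' * 43}"


# Constructed sample log lines (not real ASCG output).
SAMPLE_LOG = [
    "2025-06-01T10:00:01Z INFO  gateway started",
    "2025-06-01T10:00:05Z DEBUG auth header: Bearer " + _make_token({"sub": "ascg-svc", "exp": 1767225600}),
    "2025-06-01T10:00:06Z INFO  connection established",
]

if __name__ == "__main__":
    print(scan_log(SAMPLE_LOG))
    print("\n".join(redact(line) for line in SAMPLE_LOG))
```

The redaction step is the same filter a logging pipeline would apply before writing; the scan step is the one-off review of logs written before the upgrade.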