CVE-2025-6391
JSON Web Token (JWT) Exposure in Log Files
Brocade ASCG before 3.3.0 logs JSON
Web Tokens (JWT) in log files. An attacker with access to the log files
can withdraw the unencrypted tokens with security implications, such as
unauthorized access, session hijacking, and information disclosure.
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
Broadcom · Brocade ASCG¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →