Approved changes feed: RSS · Atom
cpe:2.3:a:brocade:ascg:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Brocade (6fdec8a1-a3f9-5249-a7b8-f2ff93df10fc) |
|---|---|
| Product | Ascg (a74d3e2b-095d-5e0e-9a85-c3beb89aedf9) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-0869 |
vulnerable | 2026-06-03 15:14:43.098078 |
Application User custom defined accounts are not properly password protected in Brocade ASCG 3.4.0
Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support Link(BSL) and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric.
Published: 2026-03-03T19:59:53.312Z
Updated: 2026-03-04T21:19:58.402Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-7397 |
vulnerable | 2026-06-03 15:12:31.107145 |
CLI history displays inline passwords
A vulnerability in the ascgshell, of
Brocade ASCG before 3.3.0 stores any command executed in the Command
Line Interface (CLI) in plain text within the command history. A local
authenticated user that can access sensitive information like passwords
within the CLI history leading to unauthorized access and potential data
breaches.
Published: 2025-07-17T21:53:39.786Z
Updated: 2025-07-18T14:10:37.202Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-1509 |
vulnerable | 2026-06-03 14:54:27.155513 |
Brocade ASCG 3.2.0 web interface does not enforce HSTS, as defined by RFC 6797 for ports 8030 and 8100
Brocade ASCG before 3.2.0 Web Interface is not
enforcing HSTS, as defined by RFC 6797. HSTS is an optional response
header that can be configured on the server to instruct the browser to
only communicate via HTTPS. The lack of HSTS allows downgrade attacks,
SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking
protections.
Published: 2025-02-28T21:52:33.870Z
Updated: 2025-03-04T19:44:55.094Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.