Broadcom Brocade Active Support Connectivity Gateway — known CVE vulnerabilities
Every CVE whose affected-product data names Broadcom Brocade Active Support Connectivity Gateway, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-1509 — CVSS 9.1 (critical): Brocade ASCG before 3.2.0 Web Interface is not enforcing HSTS, as defined by RFC 6797. HSTS is an optional response header that can be…
CVE-2025-6391 — CVSS 9.1 (critical): Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to the log files can withdraw the unencrypted…
CVE-2025-7398 — CVSS 9.1 (critical): Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports ports 9000 and 8036.
CVE-2026-0869 — CVSS 8.8 (high): Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support…