CVE-2025-7398

Published: Jul 17, 2025Modified: Apr 6, 2026

8.6

Vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Show more

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: sirt@brocade.com (Secondary)

Description

Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports ports 9000 and 8036.

Affected (1)

Products: Broadcom: Brocade Active Support Connectivity Gateway

1 product

Brocade Active Support Connectivity Gateway

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Broadcom Brocade Active Support Connectivity Gateway	Up to 3.2.0

Related CWEs

Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

References (1)

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35950

Source: sirt@brocade.com

Vendor Advisory

Timeline

No history available yet.