Vulnerability in Brocade Ascg

CVE-2024-1509

Brocade ASCG before 3.2.0 Web Interface is not enforcing HSTS, as defined by RFC 6797. HSTS is an optional response header that can be configured on the server to instruct the browser to only communicate via HTTPS. The lack of HSTS all…

EPSS: 0.001 (25.0th percentile) — read the EPSS interpretation.

Affected products

Brocade Ascg — versions before 3.2.0

Weakness classification (CWE)

CWE-523 — Unprotected Transport of Credentials

References

support.broadcom.com/web/ecx/support-content-notification/-/external/content/Se…