Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Brocade ASCG 3.2.0 web interface does not enforce HSTS, as defined by RFC 6797 for ports 8030 and 8100
Vulnerability Description
Brocade ASCG before 3.2.0 Web Interface is not enforcing HSTS, as defined by RFC 6797. HSTS is an optional response header that can be configured on the server to instruct the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.
CVSS Information
N/A
Vulnerability Type
凭证传输未经安全保护
Vulnerability Title
Brocade ASCG 安全漏洞
Vulnerability Description
Brocade ASCG是美国博科(Brocade)公司的一种网络功能,主要用于简化SAN架构和优化资源利用。 Brocade ASCG 3.2.0之前版本存在安全漏洞,该漏洞源于未强制实施HSTS,容易受到降级攻击和中间人攻击。
CVSS Information
N/A
Vulnerability Type
N/A