CVE & Vulnerability

CVE-2024-1509 - Brocade ASCG Missing HSTS Configuration Vulnerability

CVE ID : CVE-2024-1509 Published : Feb. 28, 2025, 10:15 p.m. | 44 minutes ago Description : Brocade ASCG before 3.2.0 Web Interface is not enforcing HSTS, as defined by RFC 6797. HSTS is an optional response header that can be configured on the server to instruct the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

AutorAutor
Mär 1, 2025 - 00:00
 0  0
CVE-2024-1509 - Brocade ASCG Missing HSTS Configuration Vulnerability
CVE ID : CVE-2024-1509
Published : Feb. 28, 2025, 10:15 p.m. | 44 minutes ago
Description : Brocade ASCG before 3.2.0 Web Interface is not enforcing HSTS, as defined by RFC 6797. HSTS is an optional response header that can be configured on the server to instruct the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read More

Tags:

Vorheriger Artikel

CVE-2025-26466 - OpenSSH Memory Consumption Denial of Service Vulnerability

Nächster Artikel

CVE-2025-27410 - PwnDoc Path Traversal Remote Code Execution

Autor
Autor

Verwandte Beiträge

CVE-2024-47415 - Animate Use After Free Vulnerability

CVE-2024-47415 - Animate Use After Free Vulnerability

Autor Okt 9, 2024  0  2

CVE-2024-29970 - Fortanix Enclave OS Critical Interface State Corruption Via Injected Signals

CVE-2024-29970 - Fortanix Enclave OS Critical Interface...

Autor Jan 10, 2025  0  1

CVE-2023-50366 - QNAP QTS/QuTS Hero Cross-Site Scripting

CVE-2023-50366 - QNAP QTS/QuTS Hero Cross-Site Scripting

Autor Sep 6, 2024  0  2