A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface (CLI) in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized access and potential data breaches.
History

Fri, 18 Jul 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 17 Jul 2025 22:00:00 +0000

Type Values Removed Values Added
Description A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface (CLI) in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized access and potential data breaches.
Title CLI history displays inline passwords
Weaknesses CWE-312
References
Metrics cvssV4_0

{'score': 6.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:H/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: brocade

Published: 2025-07-17T21:53:39.786Z

Updated: 2025-07-18T14:10:37.202Z

Reserved: 2025-07-09T17:11:15.086Z

Link: CVE-2025-7397

cve-icon Vulnrichment

Updated: 2025-07-18T14:10:34.308Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-07-17T22:15:27.270

Modified: 2025-07-22T13:06:27.983

Link: CVE-2025-7397

cve-icon Redhat

No data.