08-31-2014 07:55 PM
I have several Brocade 300's running the following code:
Fabric OS: v6.1.1a
Made on: Fri Sep 19 17:17:47 2008
Flash: Wed Nov 26 10:54:38 2008
After running a vulnerabilities scan by our security group, the following were detected:
HIGH - OpenSSL 'ChangeCipherSpec' MiTM Vulnerability
I can't seem to find whether a firmware upgrade will fix this or not? Anyone familiar with such a vulnerability with this version of FAB OS?
08-31-2014 11:50 PM
That Fabric OS release, 6.1.1a, has been EOSL for a long time. So first of all, you should upgrade the firmware and repeat the vulnerability tests.
once said this, in the following link you can check all the Open Source Code software used by each code release:
so, If you know in which version that vulnerability is corrected, you can see if that very version is available in any of the newer codes.