Fibre Channel (SAN)

Reply
Occasional Contributor
Posts: 6
Registered: ‎02-22-2011

Brocade 300 Vulnerabilities?

Hi All,

 

I have several Brocade 300's running the following code:

 

Kernel:     2.6.14.2  
Fabric OS:  v6.1.1a
Made on:    Fri Sep 19 17:17:47 2008
Flash:      Wed Nov 26 10:54:38 2008
BootProm:   1.0.6

 

After running a vulnerabilities scan by our security group, the following were detected:

 

HIGH - OpenSSL 'ChangeCipherSpec' MiTM Vulnerability

 

I can't seem to find whether a firmware upgrade will fix this or not?  Anyone familiar with such a vulnerability with this version of FAB OS? 

 

 

Valued Contributor
Posts: 761
Registered: ‎06-11-2010

Re: Brocade 300 Vulnerabilities?

hi there,

 

That Fabric OS release, 6.1.1a, has been EOSL for a long time. So first of all, you should upgrade the firmware and repeat the vulnerability tests.

 

once said this, in the following link you can check all the Open Source Code software used by each code release:

 

http://www.brocade.com/services-support/drivers-downloads/oscd/oscd_listings.page

 

 

so, If you know in which version that vulnerability is corrected, you can see if that very version is available in any of the newer codes.

 

Rgds,

Felipon

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook