Broadcom OpenSSL POODLE Vulnerability Assessment for Brocade User guide

Broadcom OpenSSL POODLE Vulnerability Assessment for Brocade provides information on OpenSSL vulnerability CVE-2014-3566. This vulnerability affects SSL protocol 3.0 and allows man-in-the-middle attackers to obtain cleartext data via a padding oracle attack. The document includes the current assessment of Brocade products and provides instructions on how to mitigate the vulnerability. The advisory includes information on impacted products, fixed versions, and workarounds.

Brocade Security Advisory ID: BSA-2014-002
Initial Publication Date: March 10, 2015
Revision: 1.7
Revision Date: April 7, 2017
Component: OpenSSL
CVSS: 4.3
CVE-2014-3566: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses
nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain
cleartext data via a padding-oracle attack, aka the "POODLE" issue.
| Product | Current Assessment |
|---|---|
| Brocade SDN Controller | Not Impacted |
| Brocade 5400 vRouter | Impacted. Fixed in 6.7R4. |
| Brocade 5600 vRouter | Not Impacted |
| Brocade Fabric OS | Impacted v6.x through v7.x. Fixed in 7.2.1d, 7.3.0c, 7.3.1, 6.4.3g, and 6.2.2g. |
| Brocade Network OS | Not Impacted |
| Brocade NetIron | Not Impacted |
| Brocade FastIron | Not Impacted |
| Brocade BigIron RX | Impacted - Fixed in RX02800g and RX02900d. |
| ServerIron JetCore | Impacted 10.2.02 and 11.0.00. Fixed in 10.2.02h. |
| Brocade ServerIron ADX | Impacted 12.3.01, 12.4.0, and 12.5.1. Fixed in 12.3.01p, 12.4.00s, and 12.5.01f. |
| Brocade Virtual ADX | Impacted Virtual ADX 3.0.00. Fixed in Virtual ADX 3.1.01 |
| Brocade Virtual Traffic Manager (formerly Brocade SteelApp Traffic Manager (STM)) | Impacted - Disable SSL 3.0 in the global settings and all virtual server and pool configuration files where ssl_decrypt and ssl_encrypt are enabled. SSL 3.0 is disabled by default on installations of version 9.9 and later. |
| Brocade Services Director (formerly SteelApp Services Controller (SSC)) | Impacted - Upgrade to version 2.0 and later. |
| Brocade Virtual Web Application Firewall (formerly Brocade SteelApp Application Firewall (SAF)) | Not Impacted |
| Brocade Network Advisor | Impacted 11.0.x to 11.3.x and 12.0.x to 12.2.x. Fixed in 12.3.4. |
| Brocade IronView Network Manager | Migrate to 12.3.4 |
| Brocade Data Center Fabric Manager | Migrate to 12.3.4 |
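After upgrading or disabling SSL 3.0 as listed above, the result can be confirmed from a captured handshake: a server that still answers with wire version 3.0 and a CBC suite remains exposed to CVE-2014-3566. The following is an added example, not part of the Brocade advisory; the function names, the short CBC suite list and the sample records are constructed for illustration.

```python
import struct

SSL3 = (3, 0)  # wire version of SSL 3.0; TLS 1.0 is (3, 1), TLS 1.2 is (3, 3)
# A few CBC-mode suites from the IANA registry (not exhaustive).
CBC_SUITES = {
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
}

def parse_server_hello(data: bytes):
    """Return ((major, minor), cipher_suite) from one record holding a ServerHello."""
    if len(data) < 5:
        raise ValueError("truncated record header")
    ctype, _maj, _min, rlen = struct.unpack("!BBBH", data[:5])
    body = data[5:5 + rlen]
    if ctype != 22 or len(body) != rlen or rlen < 4:
        raise ValueError("not a complete handshake record")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]
    if body[0] != 2 or len(hello) != hs_len or hs_len < 35:
        raise ValueError("not a complete ServerHello")
    off = 35 + hello[34]  # skip version(2), random(32), session_id_len(1), session_id
    if len(hello) < off + 2:
        raise ValueError("truncated ServerHello")
    return (hello[0], hello[1]), int.from_bytes(hello[off:off + 2], "big")

def assess(data: bytes) -> str:
    """Classify the negotiated version and suite with respect to POODLE."""
    version, suite = parse_server_hello(data)
    if version != SSL3:
        return "ok: negotiated wire version %d.%d" % version
    if suite in CBC_SUITES:
        return "exposed: SSL 3.0 with " + CBC_SUITES[suite]
    # SSL 3.0 is still enabled, so the mitigation is incomplete even without CBC.
    return "ssl3-enabled: SSL 3.0 with suite 0x%04X" % suite

def sample_record(version, suite: int) -> bytes:
    """Constructed ServerHello record (zero random, empty session id)."""
    hello = bytes(version) + bytes(32) + b"\x00" + suite.to_bytes(2, "big") + b"\x00"
    hs = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16" + bytes(version) + len(hs).to_bytes(2, "big") + hs

if __name__ == "__main__":
    for ver, suite in [((3, 0), 0x002F), ((3, 0), 0x0005), ((3, 3), 0x002F)]:
        print(assess(sample_record(ver, suite)))
```
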
Disclaimer
THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS SOLELY FOR INFORMATIONAL
PURPOSES AND DOES NOT IMPLY ANY KIND OF GUARANTY OR WARRANTY,
INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR
PURPOSE. YOUR USE OF THE INFORMATION CONTAINED HEREIN IS AT YOUR OWN
RISK. ALL INFORMATION PROVIDED HEREIN IS BASED ON BROCADE’S CURRENT
KNOWLEDGE AND UNDERSTANDING OF THE VULNERABILITY AND IMPACT TO
BROCADE HARDWARE AND SOFTWARE PRODUCTS. BROCADE RESERVES THE RIGHT
TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
| Document Revision | Changes |
|---|---|
| 1.0 | First release |
| 1.1 | Updated NOS status; Removed USD-X which is no longer supported; Updated Brocade IT and NMS response |
| 1.2 | Updated information for FOS, SI and ADX |
| 1.3 | Updated information for FastIron, NetIron and BigIron RX |
| 1.4 | Updated information for vRouter products and document format |
| 1.5 | Updated information for 5600 vRouter, FOS, BigIron, Firewall, and BNA |
| 1.6 | Updated information for JetCore |
| 1.7 | Updated information for FOS, JetCore, ServerIron ADX, and BNA |