• January 19, 2019, 12:06:56 AM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: Are Brocade Ethernet switching and routing products affected by Heartbleed?  (Read 2009 times)

0 Members and 1 Guest are viewing this topic.

Offline Martin2341

  • Rookie
  • **
  • Posts: 21
Brocade’s family of IP products ADX, FCX, ICX, MLX, MLX-E, XMR CES, CER, RX, SX, VDX offering ServerIron, FastIron, NetIron, RX, Network OS (NOS), Brocade Network Advisor, Vyatta and vADX software do not make use of the heartbeat extensions and hence are not vulnerable to the exploit documented in CVE-2014-0160. In addition, the MyBrocade.com web site does not use OpenSSL and is not vulnerable to this issue.

Links to the CVE detailing out the "bug":
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160

OpenSSL vulnerability listing on CERT site:
http://www.kb.cert.org/vuls/id/720951


Offline TankII

  • Hero Member
  • *****
  • Posts: 544
That's correct - I have validated this with Brocade as well.

TankII

Offline Martin2341

  • Rookie
  • **
  • Posts: 21
Thanks for confirming Tankll.

By the way, if anyone is interested, the link to the official Brocade documentation on this is below:
http://www.brocade.com/downloads/documents/technical_support_bulletins/brocade-products-website-not-affected-by-heartbleed.pdf

Offline Telair

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 963
Our Brocade and Avaya gear was happily not affected which is 95% of our network gear.  Our Juniper boxes, we had to upgrade a few boxes to patch them up.