I have several Brocade 300's running the following code:
Kernel: 220.127.116.11 Fabric OS: v6.1.1aMade on: Fri Sep 19 17:17:47 2008Flash: Wed Nov 26 10:54:38 2008BootProm: 1.0.6
After running a vulnerabilities scan by our security group, the following were detected:
HIGH - OpenSSL 'ChangeCipherSpec' MiTM Vulnerability
I can't seem to find whether a firmware upgrade will fix this or not? Anyone familiar with such a vulnerability with this version of FAB OS?
That Fabric OS release, 6.1.1a, has been EOSL for a long time. So first of all, you should upgrade the firmware and repeat the vulnerability tests.
once said this, in the following link you can check all the Open Source Code software used by each code release:
so, If you know in which version that vulnerability is corrected, you can see if that very version is available in any of the newer codes.