For more details, please see ourCookie Policy.

Fibre Channel (SAN)

Posts: 0

Need advice on the recent security vulnerabilities

Hi Brocade,


My customer has two DS 300B running at FOS 6.4.2.

He is worry about the recent security vulnerabilities.

Please advice if the switches is affected by the following vulnerabilities:


  • SSL/TLS Man-in-the-middle (MITM) vulnerability   (CVE-2014-0224)
  • DTLS recursion flaw   (CVE-2014-0221)
  • DTLS invalid fragment vulnerability   (CVE-2014-0195)
  • SSL_MODE_RELEASE_BUFFERS NULL pointer deference   (CVE-2014-0198)
  • SSL_MODE_RELEASE_BUFFERS session injection or denial of service   (CVE-2010-5298)
  • Anonymous ECDH denial of service   (CVE-2014-3470)
Valued Contributor
Posts: 761
Registered: ‎06-11-2010

Re: Need advice on the recent security vulnerabilities



In the following link:


you can see all the Open source code tools used by each FOS release, so that you can go to FOS 6.4 and check if the version used is affected by each of the CVEs.




Join the Broadcom Support Community

Get quick and easy access to valuable resources across the Broadcom Community Network.