For more details, please see ourCookie Policy.

Management Software

New Member
Posts: 1
Registered: ‎06-16-2017
Accepted Solution

Vulnerabilities on Host Connectivity Manager

[ Edited ]

I must solve some vulnerabilities created by the process hcmagent.exe located on C:\Program Files\Brocade\Adapter\driver\util\hbaagent\bin
They are related to weak ciphers and protocols (SSL RC4 etc) . I do not know if some configurations should be applied or there is an update or patch.
SSL Version 2 and 3 Protocol Detection (POODLE)
TLS Version 1.2 Protocol Not Enabled     
SSL RC4 Cipher Suites Supported     
SSL 64-bit Block Size Cipher Suites Supported (SWEET32)
SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE)
SSL RC4 Cipher Suites Supported
IETF X.509 SSL Certificate Signature Collision Vulnerability
SSL DROWN Attack Vulnerability (Decrypting RSA with Obsolete and Weakened eNcryption)


1. I need to know how these vulnerabilities could be solved or how to apply strong ciphers. Could this be done by setting the variable SSLCiphers HIGH instead of ALL in the file abyss.conf?
C:\Program Files\Brocade\Adapter\driver\util\hbaagent\conf\abyss.conf

2. In addition I must solve vulnerabilities related to certificates due to the same process and port. How can be a certificate 2048b/SHA2  imported for this application?

3. Regarding TLS1.2, how can this be set on this application? (the OS registry is already correctly set)


any experience on this matter? I have not found information on this in Security Advisories section.

External Moderator
Posts: 5,680
Registered: ‎02-23-2004

Re: Vulnerabilities on Host Connectivity Manager



HCM is a part of HBA Management Software aquiered by QLOGIC now Acquired by Cavium


Fow Update download -if available - please visit




Join the Broadcom Support Community

Get quick and easy access to valuable resources across the Broadcom Community Network.