14 matches found
HTTPS configuration between Brocade SANnav Management Portal and Brocade SAN switches (no CVE)
A security researcher reported a lack of encryption in Brocade SANnav for management protocol HTTP. The researcher states: By default, the appliance can be installed with these options: To configure HTTP or HTTPS connections between SANnav Management Portal and SAN switches, select one of the...
Security Bulletin: IBM b-type SAN switches and directors affected by Open Source OpenSSL Vulnerabilities (CVE-2016-2180).
Summary IBM b-type SAN switches and directors has addressed Open Source OpenSSL Vulnerabilities. Vulnerability Details CVEID:CVE-2016-2180 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TSOBJprintbio function. A remote attacker could exploit this...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM SAN b-type Switches
Summary OpenSSL issues from March 2015 containing 12 CVE were disclosed. This bulletin addresses the vulnerabilities that have been referred to as Open SSL used by IBM SAN b-type Switches. Vulnerability Details CVEID: CVE-2015-0291 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By...
Security Bulletin: IBM b-type SAN switches and directors affected by Open Source OpenSSL Vulnerabilities (CVE-2016-2177, CVE-2016-2178).
Summary IBM b-type SAN switches and directors addressing Open Source OpenSSL Vulnerabilities CVE-2016-2177, CVE-2016-2178. Vulnerability Details Relevant CVE Information: CVEID: CVE-2016-2177 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer...
Security Bulletin: IBM b-type SAN switches and directors affected by XSS vulnerabilities CVE-2017-6225.
Summary Fabric OS is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web-based management interface. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser with...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM b-type SAN switches and directors (CVE-2016-2108)
Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM b-type SAN switches and directors has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2016-2108 DESCRIPTION: OpenSSL could allow a remote attacker to execute arbitrary code ...
Security Bulletin: IBM b-type SAN switches and directors affected by OpenSSL Security Advisory [22 Sep 2016] and [26 Sep 2016].
Summary IBM b-type SAN switches and directors addressing OpenSSL Security Advisory 22 Sep 2016 and 26 Sep 2016 vulnerabilities. Vulnerability Details CVEID: CVE-2016-6302 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the failure to consider the HMAC size during validation o...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM b-type SAN switches and directors and IBM Network Advisor (CVE-2016-0705, CVE-2016-0797, CVE-2016-0799, CVE-2016-0702, CVE-2016-0704, CVE-2016-0704, CVE-2016-2842).
Summary OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by IBM b-type SAN switches and directors and IBM Network Advisor. IBM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0705DESCRIPTION: OpenSSL is vulnerable to a denial...
Security Bulletin: Vulnerability in SANNav Software used by IBM b-type SAN directors and switches.
Summary The SANnav Management Portal and Global View products are vulnerable due to a Jave SE issue. The vulnerability has been addressed and can be resolved by applying the SANnav code level listed below. Vulnerability Details CVEID:CVE-2022-21541 DESCRIPTION: An unspecified vulnerability in Jav...
Security Bulletin: IBM Cisco SAN switches and directors are vulnerable to OpenSSL denial of service (CVE-2016-2180).
Summary IBM Cisco SAN switches and directors OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TSOBJprintbio function. A remote attacker could exploit this vulnerability using a specially crafted time-stamp file to cause the application to crash. Vulnerability...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco SAN switches and directors (CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)
Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2108DESCRIPTION: OpenSSL could allow a remot...
Security Bulletin: OpenSSL Security Advisory [22 Sep 2016] and [26 Sep 2016] affects IBM Cisco SAN switches and directors.
Summary Open SSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details Relevant CVE Information: CVEID: CVE-2016-6302 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the failure to consid...
Security Bulletin: Vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches.
Summary Public disclosed OpenSSL vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches. Vulnerability Details CVEID: CVE-2021-23839 DESCRIPTION: OpenSSL could provide weaker than expected security, caused by incorrect SSLv2 rollback protection that allows for the inversion...
Cisco Patches Critical Flaws in Prime Data Center Network Manager
A debugging tool left on in deployments of Cisco’s large-scale data center management software could be remotely accessed and allow an attacker to run code with root privileges. Cisco made an update available that patches this and one other critical vulnerability in the same management software,...