Support Content Notification - Support Portal

BSA-2017-426

Product/Component

Brocade Fabric OS

2 more products

Notification Id

21501

Last Updated

08 September 2017

Initial Publication Date

09 September 2017

Status

Closed

Severity

Medium

CVSS Base Score

5.3

WorkAround

N/A

Affected CVE

CVE-2017-3735

Summary
Security Advisory ID : BSA-2017-426
Component : OpenSSL
Revision : 1.0: Interim

While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL since then.

Affected Products

Product	Current Assessment
Brocade ServerIron ADX	Impacted - Fixed in 12.5.02q.

Products Confirmed Not Vulnerable

Brocade Fabric OS and Brocade Network Advisor are confirmed not affected by this vulnerability.

Workaround

There are no workarounds that address this vulnerability.

Revision History

Version	Change	Date
1.0	Initial Publication	September 8, 2017

Summary Security Advisory ID : BSA-2017-426 Component : OpenSSL Revision : 1.0: Interim

Revision History

Summary
Security Advisory ID : BSA-2017-426
Component : OpenSSL
Revision : 1.0: Interim