TLS/SSL weak message authentication code ciphers are added by default for port 18082.(CVE-2024-29969)
23251
30 April 2024
17 April 2024
CLOSED
HIGH
7.5 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2024-29969
Brocade Security Advisory ID |
BSA-2024-2566 |
Component |
TLS |
|
|
Summary
When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0, TLS/SSL weak message authentication code ciphers are added by default for port 18082.
Products Affected
Brocade SANnav before v2.3.0a
Solution
The security update is provided in Brocade v2.3.1, v2.3.0a, and later releases.
Workaround
Manually remove the ciphers in configuration files.
AES256+EECDH
AES256+EDH
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Contact your service provider for assistance in manually removing the ciphers.
Credit
DELL reported the issue to Brocade.
Revision History
Version |
Change |
Date |
1.0 |
Initial Publication |
4/17/2024 |
Disclaimer
THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS SOLELY FOR INFORMATIONAL PURPOSES AND DOES NOT IMPLY ANY KIND OF GUARANTY OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. YOUR USE OF THE INFORMATION CONTAINED HEREIN IS AT YOUR OWN RISK. ALL INFORMATION PROVIDED HEREIN IS BASED ON BROCADE'S CURRENT KNOWLEDGE AND UNDERSTANDING OF THE VULNERABILITY AND IMPACT TO BROCADE HARDWARE AND SOFTWARE PRODUCTS. BROCADE RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.