Technical Support Bulletins

Technical Support Bulletin TSB 2014-190-A [1]

Description: Brocade Network Advisor (BNA) includes an unused code path that is vulnerable to the Heartbleed bug within its PostgreSQL database package. BNA may become vulnerable to the Heartbleed bug if a customer attempts to enable SSL in the PostgreSQL database packaged within BNA. One would have to go into the low level configuration files within the PostgreSQL database package files in BNA and configure the product in such a way to expose the vulnerability which is neither documented nor supported. SSL is not enabled on the PostgreSQL database and is not a supported or documented configuration. Even though PostgreSQL has the ability to support SSL encrypted database connections via an SSL enabled ODBC client, this would not be a typical end user configuration, and exposure of the PostgreSQL database to Heartbleed would not yield any useful information to a would be attacker as the sensitive information in the database itself is encrypted.
Release Date:
May 19, 2014
Edit Date:

Applicable To The Following Products

Brocade Network Advisor (BNA)

Brocade Network Advisor Brocade Network Advisor (BNA) provides management for Enterprise campus networks that support services such as video conferencing, real-time collaboration, and distance learning, helping network teams efficiently manage the network operations lifecycle, including Monitoring, Diagnostics, Change Management, and Troubleshooting, saving time and enabling IT and business agility through:
- Customizable, browser-accessable health and performance dashboards
- Discovery and monitoring
- Performance reporting
- Point-in-time analysis
- Real time alerts
- Network scope

- Reports for audit and compliance

NOTE: Ruckus ICX Switches can now be managed by SmartZoneOS controllers running SZ 5.0 and later releases.

Working...Please wait

This is here to prevent you from accidentally submitting twice.

The page will automatically refresh.