The purpose of this post is to provide information regarding the recently disclosed vulnerability in the OpenSSL protocol documented by CVE-2014-0160 and also known as “The Heartbleed bug.” This vulnerability takes advantage of the heartbeat extensions to the OpenSSL protocol (RFC6520).
Links to the CVE detailing out the "bug": https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160
OpenSSL vulnerability listing on CERT site: http://www.kb.cert.org/vuls/id/720951
Brocade’s family of SAN products running the Fabric OS or FOS software as well as the Brocade Network Advisor software program do not make use of the heartbeat extensions and hence are not vulnerable to the exploit documented in CVE-2014-0160. In addition, the MyBrocade.com web site does not use OpenSSL thus is not vulnerable to this issue.