News and Product Updates
Improved Security Features for JumboSwitch® Interface Cards
08/07/2024As a result of third-party penetration testing on JumboSwitch® systems, a number of improvements have been made to ensure continued security when using JumboSwitch products.
These updates are available in the latest version of software updates for the JumboSwitch interface cards for all users with a support contract.
The updates are as follows:
- Updated SSH server to enhance security
- Updates around improved security for SNMP denial of service attacks, including using an updated SNMP library
- Ensured that all web UI pages operate with authentication to eliminate web UI bypass.
- Username password encryption now AES256
- Added sanitation checks in web UI to remove potential cross-site scripting vulnerability
- Updated HTTPS to support TLS 1.2
- Added HTTPS Strict Transport Security (HSTS)
High-Impact
Medium-Impact
Low-Impact
To stay current on our other JumboSwitch product updates, follow the links below.
Product Updates: