Extreme Networks is pleased to introduce the ExtremeSecurity V7.7.2.8 Patch 4.
Note
We recommend that you review this document prior to installing or upgrading this product.Fix packs are cumulative software updates to fix known software issues in your ExtremeSecurity deployment. There are five APARs associated with ExtremeSecurity V7.7.2.8 Patch 4, which address a number of specific issues in ExtremeSecurity V7.7.2.8. ExtremeSecurity fix packs are installed by using an SFS file. The fix pack can update all appliances attached to the ExtremeSecurity Console. If your deployment is installed with any of the following ExtremeSecurity versions, you can install fix pack 7.2.8-QRADAR-QRFULL-20170224202650 to upgrade to ExtremeSecurity 7.7.2.8 Patch 4:
Note
The 7.2.8-QRADAR-QRFULL-20170224202650 fix pack can upgrade ExtremeSecurity 7.7.2.4 (7.2.4.983526) and later to the latest software version. However, this document does not cover all of the installation messages and requirements, such as changes to memory requirements or browser requirements for ExtremeSecurity. To review any additional requirements, see the ExtremeSecurity Upgrade Guide. If you are on a version of ExtremeSecurity earlier than 7.7.2.4, you must upgrade to 7.7.2.4 before proceeding to 7.7.2.8.Note
Some APAR links in the table below might take 24 hours to display properly after a software release.Number | Description |
---|---|
SECURITY BULLETIN | Extreme SIEM IS VULNERABLE TO A DENIAL OF SERVICE (CVE-2016-9740) |
SECURITY BULLETIN | Extreme SIEM AND Extreme Security Incident Forensics ARE VULNERABLE TO CROSS-SITE REQUEST FORGERY (CVE-2016-9730) |
SECURITY BULLETIN | Extreme SIEM IS VULNERABLE TO MISSING AUTHENTICATION CHECKS (CVE-2016-9729) |
SECURITY BULLETIN | Extreme SIEM AND Extreme Security Incident Forensics ARE VULNERABLE TO OS COMMAND INJECTION (CVE-2016-9726, CVE-2016-9727) |
SECURITY BULLETIN | Extreme SIEM IS VULNERABLE TO SQL INJECTION (CVE-2016-9728) |
SECURITY BULLETIN | Extreme Security Incident Forensics IS VULNERABLE TO OVERLY PERMISSIVE CORS ACCESS POLICIES (CVE-2016-9725) |
SECURITY BULLETIN | Extreme SIEM IS VULNERABLE TO XML ENTITY INJECTION (CVE-2016-9724) |
SECURITY BULLETIN | Extreme SIEM AND QRADAR Extreme Security Incident Forensics ARE VULNERABLE TO CROSS SITE SCRIPTING (CVE-2016-9723, CVE-2017-1133) |
SECURITY BULLETIN | Extreme SIEM AND Extreme Security Incident Forensics ARE VULNERABLE TO INFORMATION EXPOSURE (CVE-2016-9720) |
SECURITY BULLETIN | MOZILLA NSS AS USED IN Extreme SIEM IS VULNERABLE TO ARBITRARY CODE EXECUTION (CVE-2016-2834) |
SECURITY BULLETIN | PIVOTAL SPRING FRAMEWORK AS USED IN Extreme SIEM IS VULNERABLE TO VARIOUS CVEs |
SECURITY BULLETIN | APACHE SOLR AS USED IN Extreme SIEM AND Extreme Security Incident Forensics IS VULNERABLE TO A DENIAL OF SERVICE |
SECURITY BULLETIN | Extreme SIEM CONTAINS HARD-CODED CREDENTIALS |
SECURITY BULLETIN | Extreme SIEM USES BROKEN OR RISKY CRYPTOGRAPHIC ALGORITHMS |
SECURITY BULLETIN | APACHE TOMCAT PRIOR TO VERSION 6.0.48 IS SUSCEPTIBLE TO SEVERAL VULNERABILITIES |
SECURITY BULLETIN | Extreme SIEM AND Extreme Security Incident Forensics ARE VULNERABLE TO VARIOUS CVEs FOUND IN IBM JAVA. |
SECURITY BULLETIN | OPENSSL AS USED IN Extreme SIEM IS VULNERABLE TO VARIOUS CVEs |
IV86405 | 'APPLICATION ERROR' WHEN USING A VALUE SPECIFIED IN 'AS' CLAUSE FOR LOGSOURCENAME IN AN ADVANCED SEARCH (AQL) |
IV86407 | THE /VAR/LOG PARTITION CAN FILL DUE TO THE EXTREMESECURITY LOG FILES BEING QUICKLY FILLED WITH 'EXCEPTION IN TEST' MESSAGES |
IV87313 | 'SOURCE' AND 'DESTINATION' NETWORK GROUP SHOW FULL NETWORK HIERARCHY NAME WHEN ADDED AS A COLUMN TO DISPLAY |
IV87507 | SOME DASBOARD ITEMS NO LONGER DISPLAY IN THE EXTREMESECURITY USER INTERFACE |
IV87862 | RULE 'EXPLOIT: DESTINATION VULNERABLE TO DETECTED EXPLOIT' CAN SOMETIMES NOT TRIGGER WHEN EXPECTED |
IV89015 | APPLICATION ERROR WHEN DOUBLE CLICKING THE RESULTS OF AN 'ADVANCED SEARCH' (AQL) |
IV89556 | ECS-EP PROCESS RUNNING, BUT EVENT/FLOW PROCESSING NOT OCCURING ON A EXTREMESECURITY APPLIANCE |
IV89820 | SYSLOG EVENTS GENERATED FROM AN OFFENSE RULE DO NOT CONTAIN ANY CONFIGURED NAMING CONTIBUTIONS IN THE EVENT PAYLOAD |
IV89893 | 'ASSET MODEL HAS NOT YET BEEN UPDATED WITH SCAN RESULTS' MESSAGE WHEN NO ASSETS HAVE BEEN SCANNED |
IV89904 | VULNERABILITY MANAGER EXCEPTIONS FOR IP/CIDR/NETWORK ARE NOT RESPECTED WHEN A FILTER IS DEFINED TO EXCLUDE THEM |
IV89929 | 'MISSING PATCHES' REPORT CAN SOMETIMES BE EMPTY WHEN RUN ON SYSTEMS WITH A LARGE NUMBER OF VULNERABILITY INSTANCES |
IV90002 | VULNERABILITY MANAGER RED WARNING TRIANGLE DISPLAYED ON A SCAN RESULT WHEN THE ASSET MODEL WAS PROPERLY UPDATED |
IV90004 | ASSET MODEL 'NOT UPDATED' ICON DISPLAYS FOR A SCAN PROFILE RESULT WHEN SCAN POLICY HAS BEEN EDITED |
IV90075 | RED WARNING ICON ON VULNERABILITY MANAGER SCAN RESULTS PAGE WHEN RESULTS HAVE BEEN REPUBLISHED |
IV90376 | SECURITY APP EXCHANGE APPLICATIONS CAN FAIL TO COMMUNICATE IN SOME HIGH AVAILABILITY EXTREMESECURITY CONFIGURATIONS |
IV90421 | RULE TESTS AGAINST A REFERENCE MAP DO NOT WORK WHEN DESTINATION PORT IS NULL |
IV90793 | PATCHING TO EXTREMESECURITY 7.2.8 GA OVERWRITES CA CERTS THAT WERE LOCATED IN /ETC/PKI/TLS/CERTS/CA-CUNDLE.CRT |
IV90795 | DRILLING INTO A SEARCH THAT WAS GROUPED BY A CUSTOM EVENT PROPERTY WITH PARENTHESIS DOES NOT WORK AS EXPECTED |
IV90887 | 'ASSET MODEL HAS NOT YET BEEN UPDATED WITH SCAN RESULTS' MESSAGED DISPLAYED WHEN ASSET MODEL IS UPDATED CORRECTLY |
IV90906 | TIMES SERIES NOT WORKING FOR SOME NON-ADMIN EXTREMESECURITY USERS |
IV91300 | CREATING A REPORT BASED ON AN AQL (ADVANCED SEARCH) QUERY CONTAINING 'ORDER BY' FAILS TO GENERATE PROPER OUTPUT |
IV91322 | ATTEMPTING TO ENABLE TIMESERIES COLLECTION FOR SHARED SAVED SEARCHES CAN SOMETIMES FAIL |
IV91615 | 'ERROR: COULD NOT FIND OR LOAD MAIN CLASS COM.Q1LABS.CORE.UTIL . PASSWORDENCRYPT' WHEN CONFIGURING LDAP HOVER FEATURE |
IV91618 | EDIT SEARCH PAGE CAN SOMETIMES FAIL TO LOAD ALL OF THE EXPECTED SEARCH PAGE OPTIONS |
IV91634 | ARIEL SEARCHES THAT ARE RUN USING API VERSION 7.0+ DO NOT RETURN PAYLOAD PROPERLY FOR PARSING |
IV91635 | QUICK SEARCHES CANNOT BE REMOVED FROM THE QUICK SEARCH LIST |
IV91675 | AN 'APPLICATION ERROR' CAN BE DISPLAYED FOR NEW USERS LOGGING INTO THE QRADAR USER INTERFACE INSTEAD OF A DEFAULT DASHBOARD |
IV91816 | PATCHING EXTREMESECURITY HIGH AVAILABILITY (HA) PAIR APPLIANCES CONFIGURED USING CROSSOVER CAN SOMETIMES FAIL |
IV92139 | 'WRAP TEXT' FUNCTION FOR EVENT PAYLOAD INFORMATION DOES NOT WORK AFTER APPLYING EXTREMESECURITY PATCH |
IV92466 | EXTREMESECURITY SEARCHES CAN FAIL TO COMPLETE AND/OR DASHBOARD DATA CAN FAIL TO LOAD DUE TO AN ARIEL CONNECTION LEAK |
IV92851 | ARIEL CAN BECOME OVERLOADED CAUSING SLOWER THAN EXPECTED SEARCH RESULTS AND SLOW USER INTERFACE RESPONSE |
IV92852 | REPORTS RUNNING ON 'ACCUMULATED DATA' CAN SOMETIMES FAIL DUE TO THE GLOBAL VIEW DAILY ROLLUPS FAILING |
IV93839 | EXTREMESECURITY FEATURES USING THE ARIEL PROCESS (SEARCHES, DASHBOARDS, REPORTS, ETC.) CAN INTERMITTENTLY FAIL TO LOAD/COMPLETE (NOTE: THIS APAR WAS RECENTLY ADDED AND MIGHT TAKE UP TO 12 HORUS TO DISPLAY) |