- Addresses the following security vulnerability issues published on CVE web site https://cve.mitre.org/:
Note: For CVE-2011-3389 case, we need to disable TLSv1 protocol (under Security > Access > HTTPS> HTTPS Configuration). Since GS510TP supports only SSLv3 and TLSv1, any legacy client supporting only TLSv1 may not establish the SSL connection with the switch. So, the best way is to disable the TLSv1 mode and when required for legacy clients the mode can be enabled again. However, enabling the mode will be prone to CVE-2011-3389.
- Fixed the issue where the EAP packet with unicast destination address is blocked when “EAPOL Flooding mode” is enabled while “802.1X admin mode” is disabled.
- Fixed the issue where the system freezes when downloading HTTPS/SSL certificate file (server.pem) to the switch.
- Fixed the issue where the flash logs disappear after system reboot.
- Removed “Refresh” button from FLASH log page.
- Fixed the issue where the following optional TLV values of LLDP-MED are incorrect:
- Optional Mau Type
- Auto-negotiation advertised capability
- Maximum Frame size
- Asset ID
- Manufacturer name
- Firmware and Hardware revision
- Fixed the port security issue with static MAC. When a static MAC address is specified and the “Max Allowed Dynamically Learned MAC” is set to 0 for a port, this MAC address can still be learned by other ports. As a result, device with this MAC can work with other ports with “Max Allowed Dynamically Learned MAC” not set to 0, but not with the port with static MAC configured.
- Port PVID (Switching > VLAN > Advanced > Port PVID Configuration) does not automatically changed back to 1 after its associated VLAN is deleted.