Is Veritas System Recovery affected by the Heartbleed OpenSSL vulnerability (CVE-2014-0160)?

book

Article ID: 100012410

calendar_today

Updated On:

Resolution

Veritas System Recovery (VSR) is not affected by this vulnerability, as it uses versions of OpenSSL version that are not susceptible to this defect.
VSR 16 uses the 1.0.1q version of OpenSSL
VSR 18 uses the 1.0.2j and 1.0.2n versions of Open SSL

Symantec System Recovery (SSR) 2011/2013/2013 R2 use OpenSSL version 0.9.8e that is not susceptible to this defect.

Backup Exec System Recovery (BESR) 2010 uses the version of SSL that is included with VMware VDDK 1.1.1 (https://www.vmware.com/support/developer/vddk/VDDK-1.1.1-Relnotes.html).

System Recovery Management Solution (VSR-MS / SSR-MS / BESR-MS) relies on the Symantec Management Platform (SMP) / Symantec IT Management Suite (ITMS). For information about how SMP/ITMS may be affected by this vulnerability, please refer to the following Symantec articles:
https://support.symantec.com/en_US/article.TECH216654.html
https://support.symantec.com/en_US/article.TECH216635.html

Issue/Introduction

A security vulnerability has been detected in specific versions of OpenSSL. For more information regarding this vulnerability, please refer to the following link: https://heartbleed.com/

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"