Is System Recovery affected by OpenSSL vulnerabilities (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568) ?
Article ID: 100014407
Updated On:
Resolution
| CVE-2014-3513 | CVE-2014-3568 | CVE-2014-3567 | |
|
System Recovery 2011/2013/2013 R2/16/18 |
|
Backup/Restore are not impacted. When performing P2V to ESXi, please see below URL. https://www.vmware.com/security/advisories/VMSA-2015-0001 |
Backup/Restore are not impacted. When performing P2V to ESXi, please see below URL. https://www.vmware.com/security/advisories/VMSA-2015-0001 |
|
Backup Exec System Recovery 2010 or earlier |
No impact Reason: OpenSSL is not used. |
No impact Reason: OpenSSL is not used. |
No impact Reason: OpenSSL is not used. |
| Management Solution | Fixed in SMP 7.5 SP1 HF5 or SMP 7.1 SP2 MP1 v11 |
Fixed in SMP 7.5 SP1 HF5 or SMP 7.1 SP2 MP1 v11 |
No impact Reason: Unaffected OpenSSL version is used. |
Issue/Introduction
A security vulnerability has been detected in specific versions of OpenSSL. For more information regarding this vulnerability, please refer to the following link:
https://www.openssl.org/news/secadv_20141015.txt
CVE-2014-3513:SRTP Memory Leak
CVE-2014-3567:Session Ticket Memory Leak
CVE-2014-3568:Build option no-ssl3 is incomplete
https://www.openssl.org/news/secadv_20141015.txt
CVE-2014-3513:SRTP Memory Leak
CVE-2014-3567:Session Ticket Memory Leak
CVE-2014-3568:Build option no-ssl3 is incomplete
Was this article helpful?
Yes
No
Powered by
