8/8/2023 0 Comments Openssl licensingCitrix NetScaler IPMI/LOM Interface: This interface is impacted by these issues.Instructions on updating the system virtual machine templates can be found in the following Citrix Knowledge Center article. Citrix recommends that customers update the system virtual machine templates to a patched version and then reboot any Secondary Storage VMs to ensure that the updated OpenSSL version is being used. Citrix has released updated system virtual machine templates to resolve this issue. Citrix CloudPlatform: The TLS interface exposed by the Secondary Storage VM in Cloud Platform versions 4.2, 4.2.1, 4.2.1-x, 4.3, and 4.3.0.1 are impacted by CVE- 2014-0224.These updated versions are availble from the Citrix website at the following address: Customers are advised to upgrade their appliances to version 7.3.0 or later or 7.2.2 or later. Citrix CloudBridge: Updated appliance firmware has been released to address this vulnerability on Citrix CoudBridge.The following sections of this advisory provide current information on each product. In deployments where Citrix client components are used to make TLS connections to non-Citrix servers, Citrix recommends that customers verify with the vendors that those server components are not impacted by CVE-2014-0224.Ĭitrix is actively analyzing the impact of this issue on currently supported products. As patching the server components addresses the currently known attack, Citrix recommends that customers apply any required patches to server-side components to mitigate this issue. CVE-2014-3470: Anonymous ECDH denial of serviceįor more details on the underlying CVEs please refer to the OpenSSL security advisory: Īs noted in the OpenSSL security advisory, CVE-2014-0224 is currently only believed to be exploitable in scenarios where an unpatched OpenSSL based client is connecting to an unpatched OpenSSL 1.0.1 based server.CVE-2010-5298: SSL_MODE_RELEASE_BUFFERS session injection or denial of service. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |