xMatters Not Susceptible to OpenSSL CCS Injection Vulnerability

Marked as obsolete (ref: https://xmatters.atlassian.net/browse/DOC-10377)

NVD: CVE-2014-0224

xMatters was recently notified of a vulnerability affecting certain versions of OpenSSL. xMatters is not susceptible to this vulnerability.

This vulnerability can only be exploited if both server and client are vulnerable. Since xMatters is not susceptible, there is no risk of exploitation should client systems have the vulnerability.

The CCS Injection vulnerability (CVE-2014-0224) could allow for a man-in-the-middle attack against an encrypted connection, making it possible for an attacker to intercept an encrypted data stream and allowing them to decrypt it, view and then manipulate this data. Due to the nature of this vulnerability, certificate key information is not at risk so there is no need to reissue keys or certificates.

For more information please see:

Have more questions? Submit a request


Please sign in to leave a comment.
Powered by Zendesk