Is Symantec Enterprise Vault affected by the Heartbleed OpenSSL vulnerability (CVE-2014-0160)?

Article:TECH216583  |  Created: 2014-04-10  |  Updated: 2014-05-06  |  Article URL http://www.symantec.com/docs/TECH216583
Article Type
Technical Solution


Issue



A security vulnerability has been detected in specific versions of OpenSSL. For more information regarding this vulnerability, refer to the following links:

http://cvedetails.com/cve-details.php?t=1&cve_id=CVE-2014-0160

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160

http://www.kb.cert.org/vuls/id/720951

http://heartbleed.com/


Solution



Q: Is Symantec Enterprise Vault affected?

A: Symantec Enterprise Vault does not include a version of OpenSSL that is vulnerable to this attack. 

 

Q: Are there any versions of Enterprise Vault affected?

A: No versions of Enterprise Vault currently released are affected.

 

Q: What about other products such as Discovery Accelerator or Compliance Accelerator, are they affected?

A: These products do not include a version of OpenSSL that is vulnerable to this attack and are therefore not affected.




Article URL http://www.symantec.com/docs/TECH216583


Terms of use for this information are found in Legal Notices