Is Symantec Security Information Manager (SSIM) vulnerable to CVE-2014-0160 (Heartbleed)?

Article:TECH216593  |  Created: 2014-04-10  |  Updated: 2014-05-19  |  Article URL http://www.symantec.com/docs/TECH216593
Article Type: Technical Solution

Issue

SSIM uses OpenSSL packages, and SSIM 4.8.1 runs on a RHEL 6.4 kernel. Does the vulnerability in CVE-2014-0160 (Heartbleed) apply to SSIM 4.7.x and SSIM 4.8.x? Note that Heartbleed is a bug in the OpenSSL library (upstream versions 1.0.1 through 1.0.1f and 1.0.2-beta1), not in the kernel, so what matters is the OpenSSL version and build installed on the appliance rather than the kernel release.


Solution



Neither SSIM 4.7.4 nor SSIM 4.8.x is vulnerable to Heartbleed, provided the deployment guidelines are followed: the SSIM server command line is not used interactively, and SSIM is not used to initiate connections to unknown or malicious sites outside your network.

The related "Reverse Heartbleed" case does potentially affect SSIM. In Reverse Heartbleed the roles are swapped: instead of a malicious client reading a vulnerable server's memory, a malicious TLS server sends malformed heartbeat requests to a client linked against a vulnerable OpenSSL, and the client returns up to 64 KB of its own process memory per request. SSIM would be exposed only when someone on the appliance uses it to open an outbound TLS connection to such a server outside your network.

This is not remotely exploitable as shipped: an attacker would first need command-line access to the appliance and valid SSIM credentials, and would then have to direct the appliance to a server they control.

To close the Reverse Heartbleed exposure as well, apply the hotfix for your SSIM version from the attachments below (4.8_Hotfix-14 for SSIM 4.8, 4.8.1_Hotfix-5 for SSIM 4.8.1) and verify each archive against the .md5 file shipped beside it before installing; see the README in each package for the installation steps. No 4.7.4 hotfix is attached to this article.
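Before relying on the answer above or unpacking a hotfix, two checks a practitioner would run on the appliance. This is an added example; it is not part of the Symantec article or the hotfix packages. It assumes a RHEL-based appliance with openssl(1), rpm(8) and md5sum(1) (or openssl dgst as a fallback) on the PATH, hotfix file names as listed in this article's attachments, and that Red Hat's rpm changelog names the CVE when the fix was backported (an assumption about Red Hat's errata practice; confirm against the RHSA if in doubt).

```sh
#!/bin/sh
# Added example, not part of the Symantec article or its hotfix packages.
# Assumptions: RHEL-based appliance with openssl(1), rpm(8), md5sum(1)
# (or `openssl dgst` as a fallback) on the PATH; hotfix file names as
# listed in the article's attachments.

# Which upstream OpenSSL versions carry Heartbleed (CVE-2014-0160):
# 1.0.1 through 1.0.1f and 1.0.2-beta1. 1.0.1g fixed it; 0.9.8 and 1.0.0
# never contained the TLS heartbeat code. Takes the version token as printed
# by `openssl version`, e.g. "1.0.1e-fips". Returns 0 (true) if affected.
heartbleed_affected() {
    case "$1" in
        1.0.1|1.0.1[a-f]|1.0.1[a-f]-*|1.0.2-beta1) return 0 ;;
        *) return 1 ;;
    esac
}

# "OpenSSL 1.0.1e-fips 11 Feb 2013" -> "1.0.1e-fips"
openssl_version_token() {
    printf '%s\n' "$1" | awk '{print $2}'
}

# Caveat: distributions backport fixes without bumping the version string, so
# the version check alone overstates exposure on RHEL. Red Hat lists fixed CVE
# ids in the rpm changelog (assumption: the entry names the CVE). Takes the
# output of `rpm -q --changelog openssl` as an argument so it is testable offline.
rhel_openssl_fixed() {
    printf '%s\n' "$1" | grep -q 'CVE-2014-0160'
}

# MD5 of a file: md5sum where present, otherwise `openssl dgst`.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print $1}'
    else
        openssl dgst -md5 "$1" | awk '{print $NF}'
    fi
}

# Verify a hotfix tarball against the .md5 shipped beside it. The .md5 may be
# "HASH  FILE", "HASH *FILE" or a bare hash, and may have CRLF line endings if
# it was written on Windows, which makes `md5sum -c` reject it; so extract the
# 32-hex digest ourselves and compare. A .md5 fetched from the same place as the
# tarball only catches a corrupt or truncated download, not a tampered one; a
# vendor signature would be needed for that.
verify_hotfix() {
    tarball=$1
    sums=${2:-$1.md5}
    [ -f "$tarball" ] || { echo "missing $tarball" >&2; return 2; }
    [ -f "$sums" ]    || { echo "missing $sums" >&2; return 2; }
    expected=$(tr -d '\r' < "$sums" \
        | sed -n 's/^\([0-9a-fA-F]\{32\}\).*/\1/p' | head -n 1 | tr 'A-F' 'a-f')
    [ -n "$expected" ] || { echo "no MD5 digest found in $sums" >&2; return 2; }
    actual=$(md5_of "$tarball")
    if [ "$actual" = "$expected" ]; then
        echo "OK: $tarball matches $sums"
        return 0
    fi
    echo "MISMATCH: $tarball is $actual, $sums says $expected" >&2
    return 1
}

# Usage on the appliance:
#   sh ssim_heartbleed_check.sh --check /tmp/4.8.1_Hotfix-5.tar.gz
main() {
    ver=$(openssl_version_token "$(openssl version 2>/dev/null)")
    if heartbleed_affected "$ver"; then
        if rhel_openssl_fixed "$(rpm -q --changelog openssl 2>/dev/null)"; then
            echo "OpenSSL $ver: upstream-affected range, but the rpm changelog records the CVE-2014-0160 fix"
        else
            echo "OpenSSL $ver: Heartbleed-affected range and no CVE-2014-0160 entry in the rpm changelog"
        fi
    else
        echo "OpenSSL ${ver:-unknown}: not in the upstream Heartbleed-affected range"
    fi
    [ $# -ge 1 ] && verify_hotfix "$1"
}

case "${1:-}" in
    --check) shift; main "$@" ;;
esac
```

The version test deliberately matches on the version token rather than parsing `openssl version -a`, because on a RHEL 6.5-era appliance the token reads "1.0.1e-fips" both before and after Red Hat's backported fix; only the rpm changelog (or the package release number from `rpm -q openssl`) distinguishes the two, which is why both checks are run together.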



Attachments

SSIM 4.8 Reverse Heartbleed hotfix
  4.8_Hotfix-14.tar.gz (13.6 MBytes)
  4.8_Hotfix-14.tar.gz.md5 (56 Bytes)
  README_SSIM-4.8_Hotfix-14.TXT (7 kBytes)

SSIM 4.8.1 Reverse Heartbleed hotfix
  4.8.1_Hotfix-5.tar.gz (18.4 MBytes)
  4.8.1_Hotfix-5.tar.gz.md5 (57 Bytes)
  README_SSIM-4.8.1_Hotfix-5.TXT (5 kBytes)

