Dear Valued Customer,
As you may have read in the news, a security flaw known as the “Heart Bleed Bug” could allow attackers to gain access to highly sensitive information, including usernames, passwords, credit card numbers, and other important data.
The good news is that CA Nimsoft Monitor and CA Nimsoft Monitor Snap are not vulnerable to the OpenSSL Heart Bleed attack.
What are the details?
The OpenSSL Heart Bleed bug vulnerability affects OpenSSL versions 1.0.1 through 1.0.1f (inclusive)
OpenSSL version 1.0.1g is NOT vulnerable and the OpenSSL 1.0.0 branch as well as the OpenSSL 0.9.8 branch are NOT vulnerable to the Heart Bleed attack.
CA Nimsoft Monitor and CA Nimsoft Monitor Snap use 1.0.0c which is on a branch that is NOT vulnerable to the Heart Bleed attack.
For customers under support, more information is available at:
https://na4.salesforce.com/articles/FrequentlyAskedQuestions/OpenSSL-Heartbleed-Vulnerability-is-NMS-affected-by-the-Heartbleed-virus-vulnerabilities?popup=true
Best regards,
Pete Zwetkof
Principal Product Manager, Nimsoft Monitor
Jim Burnes
Principal Software Engineer / Security, Nimsoft Monitor