DennisNewberry

CA Nimsoft Monitor is Not Vulnerable to The OpenSSL Heart Bleed Bug

Discussion created by DennisNewberry on Apr 11, 2014
Latest reply on Apr 11, 2014 by anders.synstad

Dear Valued Customer,

 

As you may have read in the news, a security flaw known as the “Heart Bleed Bug” could allow attackers to gain access to highly sensitive information, including usernames, passwords, credit card numbers, and other important data.

 

The good news is that CA Nimsoft Monitor and CA Nimsoft Monitor Snap are not vulnerable to the OpenSSL Heart Bleed attack.

 

What are the details?

 

The OpenSSL Heart Bleed bug vulnerability affects OpenSSL versions 1.0.1 through 1.0.1f (inclusive)

 

OpenSSL version 1.0.1g is NOT vulnerable and the OpenSSL 1.0.0 branch as well as the OpenSSL 0.9.8 branch are NOT vulnerable to the Heart Bleed attack.

 

CA Nimsoft Monitor and CA Nimsoft Monitor Snap use 1.0.0c which is on a branch that is NOT  vulnerable to the Heart Bleed attack.

 

For customers under support, more information is available at:

https://na4.salesforce.com/articles/FrequentlyAskedQuestions/OpenSSL-Heartbleed-Vulnerability-is-NMS-affected-by-the-Heartbleed-virus-vulnerabilities?popup=true

 

Best regards,

 

Pete Zwetkof

Principal Product Manager, Nimsoft Monitor

 

Jim Burnes

Principal Software Engineer / Security, Nimsoft Monitor

Outcomes