ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Is Symantec Messaging Gateway (SMG) affected by the Heartbleed OpenSSL vulnerability (CVE-2014-0160)


Article ID: 159157


Updated On:


Messaging Gateway


Inquiries asking whether the Symantec Messaging Gateway is affected by the "heartbleed" OpenSSL bug (CVE-2014-0160) that allows highly sensitive material such as primary key information to be accessed illicitly via a defect in the implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520).


Symantec Messaging Gateway is not affected by this vulnerability, as it doesn't run an OpenSSL version that is susceptible to this defect.

For other Symantec products, please see the subsequent support documents or teams for comment.