search cancel

CVE-2022-3602 and CVE-2022-3786: Is DX NetOps vulnerable to the OpenSSL v3 Vulnerability?


Article ID: 253304


Updated On:


CA Spectrum DX NetOps CA Virtual Network Assurance CA Performance Management - Usage and Administration CA Network Flow Analysis (NetQos / NFA) CA Mediation Manager


CVE-2022-3602 and CVE-2022-3786 were published by OpenSSL on November 1st, 2022.  



Only versions 3.0+ of OpenSSL are affected.



Not Affected or does not use component:

  • DX NetOps NFA - Ships 1.1.1l
  • DX NetOps Spectrum - Ships 1.1.1g
  • DX NetOps CAMM - utilizes the openssl version installed on the operating system.  If the version is found vulnerable, it needs to be updated manually by the customer.  DX Netops CAMM does not ship OpenSSL.
  • DX NetOps CABI - Not Shipped
  • DX NetOps PM - Ships 1.0.2k-fips
  • DX NetOps Kafka - Not shipped
  • DX NetOps OI Connector - Not shipped
  • DX NetOps VNA - Not shipped

Additional Information