CVE-2022-3602 and CVE-2022-3786: Is DX NetOps vulnerable to the OpenSSL v3 Vulnerability?
Article ID: 253304
CA SpectrumDX NetOpsCA Virtual Network AssuranceCA Performance Management - Usage and AdministrationCA Network Flow Analysis (NetQos / NFA)CA Mediation Manager
CVE-2022-3602 and CVE-2022-3786 were published by OpenSSL on November 1st, 2022.
Only versions 3.0+ of OpenSSL are affected.
Not Affected or does not use component:
DX NetOps NFA - Ships 1.1.1l
DX NetOps Spectrum - Ships 1.1.1g
DX NetOps CAMM - utilizes the openssl version installed on the operating system. If the version is found vulnerable, it needs to be updated manually by the customer. DX Netops CAMM does not ship OpenSSL.