OpenSSL announced that they are releasing a fix in 3.0.7 to address vulnerabilities CVE-2022-3786, CVE-2022-3602 and CVE-2022-3358. Is Symantec Endpoint Protection Manager (SEPM) affected by this ?

Symantec Endpoint Protection Manager

SEPM 14.3 RU5 uses OpenSSL version 3.0.2 and is affected.

SEPM 14.3 RU6 includes the fixed OpenSSL version 3.0.7. It is recommended that customers upgrade to this version to obtain the fixed OpenSSL version. For information on how to obtain the latest build of SEP, see Download Symantec software, tools, and patches.

SEPM 14.3 RU4 and earlier are unaffected as they do not use OpenSSL 3.0.x.

日本語