search cancel

Is Endpoint Protection Manager affected by OpenSSL vulnerability CVE-2022-3786, CVE-2022-3602 and CVE-2022-3358 ?

book

Article ID: 253326

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

OpenSSL announced that they are releasing a fix in 3.0.7 to address vulnerabilities CVE-2022-3786, CVE-2022-3602 and CVE-2022-3358. Is Symantec Endpoint Protection Manager (SEPM) affected by this ?

Environment

Symantec Endpoint Protection Manager

Cause

SEPM 14.3 RU5 uses OpenSSL version 3.0.2 and is affected.

Resolution

SEPM 14.3 RU6 includes the fixed OpenSSL version 3.0.7. It is recommended that customers upgrade to this version to obtain the fixed OpenSSL version. For information on how to obtain the latest build of SEP, see Download Symantec software, tools, and patches.

SEPM 14.3 RU4 and earlier are unaffected as they do not use OpenSSL 3.0.x.

Additional Information

日本語