search cancel

OpenSSL 3.x vulnerability and APM

book

Article ID: 253367

calendar_today

Updated On:

Products

CA Application Performance Management (APM / Wily / Introscope) CA Application Performance Management Agent (APM / Wily / Introscope) CA Application Performance Management SaaS DX APM SaaS DX Application Performance Management

Issue/Introduction

On Tuesday, October 25 a new OpenSSL hot-fix release was announced which will patch a critical vulnerability that exists within the v3.0.X branch. OpenSSL 3.0.7 will be released on Tuesday, November 1 and in tandem the details of the vulnerability and its associated CVE will be made public. (More Information: https://securityboulevard.com/2022/10/openssl-critical-vulnerability-should-you-be-spooked/)

Resolution

Per https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/21016

The following products are not vulnerable:

Application Performance Management (APM)
Application Performance Management SaaS (APM)