OpenSSL team announced the following Security Advisory on 22 Mar 2023. Is PAMSC affected by CVE-2023-0464?
Excessive Resource Usage Verifying X.509 Policy Constraints (CVE-2023-0464)
Privileged Access Manager Server Control 14.x
PAMSC is using the openssl (1.0.2f for windows and for Linux we are using the OS provided openssl version) only for the creation of activemq certificate.
As this vulnerability is most likely to affect applications that have implemented their own functionality for retrieving CRLs over a network.
As per our knowledge, we do not use any custom implementation for CRL retrieval in our applications or services.