Vulnerability detected in Cryptographic Library used by APMI agent.
search cancel

Vulnerability detected in Cryptographic Library used by APMI agent.

book

Article ID: 426160

calendar_today

Updated On:

Products

DX SaaS

Issue/Introduction

We have received a vulnerability on APM Infrastructure agents running v25.5.2.9.

Vulnerability details:


Cryptographic Vulnerability

  • ID: ISG-302001
  • Name: Cryptographic Library in Host Filesystem is outdated and no longer supported.
  • Severity: 4
  • Generic Remediation: It is recommended to upgrade the cryptographic library located in Host Filesystem to the latest available version.

Configuration Item

  • Configuration item: <item>
  • Configuration item type: Host Filesystem

Location

  • File Name: libcaopenssl_crypto.dll
  • File Path: file:///C://apps/<app_name>/apmia/SystemEDGE/bin/libcaopenssl_crypto.dll
  • File Type: -
  • File Hash: <has_number>

Cryptographic Key Details

  • Cryptographic Library: openssl
  • Version: 1_0_2

 

Is there a newer version of the APM agent that resolves this vulnerability?

 

Resolution

Use 26.2.1 or later to update Systemedge to the latest CAPKI libraries (5.2.17) which uses openssl-1.0.2zm version.

Powered by Wolken Software