search cancel

VAIM- OpenSSL 0.9.8/1.0.0 Detected

book

Article ID: 97348

calendar_today

Updated On:

Products

CA Server Automation CA Virtual Assurance for IM

Issue/Introduction

VAIM contains Openssl 0.9.X which has a below mentioned critical Vulnerability. 

Title: 
EOL/Obsolete Software: OpenSSL 0.9.8/1.0.0 Detected 

Description: 
An obsolete version of OpenSSL was detected on the host. Support for version 0.9.8 and 1.0.0 ended on 2015-12-31. No further releases or security fixes will be available for OpenSSL version 0.9.8 and OpenSSL version 1.0.0. 

The system is at high risk of being exposed to security vulnerabilities. Since the vendor no longer provides updates, obsolete software is more vulnerable to viruses and other attacks. 

Customers are advised to upgrade to the latest supported version of OpenSSL. Refer to OpenSSL Downloads (https://www.openssl.org/source/) for more details. 

Environment

VAIM 12.9

Resolution

Please open a support case and request for VAIM-OpenSSL102 - 08282017.exe patch to fix the vulnerability.