HPE announces patches for seven Open SSL bugs

HPE has patched seven Open SSL vulnerabilities, some of which were more than a year old.
HPE has patched seven Open SSL vulnerabilities, some of which were more than a year old.

HPE Tuesday issued patches for seven OpenSSL bugs which have been present for more than a year.

HPE Network Products including Intelligent Management Center (iMC), the VCX unified communications products, and the Comware 5 and Comware 7 network operating systems were affected, according to a Security Bulletin.

The patches were for Common Vulnerability and Exposure (CVE) advisories CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, and CVE-2015-1793.

The bugs could have allowed an attacker to remotely perform denial of service attacks or gain unauthorized access and some of the vulnerabilities date back to 2014 and, the bulletin said.

Most of the patches dealt with the Logjam bug, which was discovered in 2015 and could enable an attacker with a privileged network position to intercept SSL/TLS connections, according to the Register.

Users are encouraged update their systems as soon as possible.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS