Content

HPE announces patches for seven Open SSL bugs

HPE Tuesday issued patches for seven OpenSSL bugs which have been present for more than a year.

HPE Network Products including Intelligent Management Center (iMC), the VCX unified communications products, and the Comware 5 and Comware 7 network operating systems were affected, according to a Security Bulletin.

The patches were for Common Vulnerability and Exposure (CVE) advisories CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, and CVE-2015-1793.

The bugs could have allowed an attacker to remotely perform denial of service attacks or gain unauthorized access and some of the vulnerabilities date back to 2014 and, the bulletin said.

Most of the patches dealt with the Logjam bug, which was discovered in 2015 and could enable an attacker with a privileged network position to intercept SSL/TLS connections, according to the Register.

Users are encouraged update their systems as soon as possible.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.