Pix_R
4 years agoLevel 5
OpenSSL vulnerability <Security>
Can we claim Data Insight is not affected by these known issues?
- CVE-2021-3449: Crash can be provoked when connecting to a vulnerable server.
- CVE-2021-3450: Vulnerable client can be tricked into accepting a bogus TLS certificate.
What, if any, affect will these exploits have on DI?
thank you
Pix
Case Issue:
Security Vulnerabilities
CVE-2021-3449: This does NOT affect DI
CVE-2021-3450: This does NOT affect DI
Status:
Case was closed as these were the 2 vulnerabilities of concern and CFT/ENG have confirmed that neither impact Data Insight.FYI
Pix