cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

OpenSSL vulnerability <Security>

Pix_R
Level 4

‎03-29-2021 07:45 AM

Can we claim Data Insight is not affected by these known issues?

 

  • CVE-2021-3449: Crash can be provoked when connecting to a vulnerable server.
  • CVE-2021-3450: Vulnerable client can be tricked into accepting a bogus TLS certificate.

 

What, if any, affect will these exploits have on DI?

 

thank you
Pix

0 Kudos
2 REPLIES 2

divya25
Level 0

‎04-06-2021 09:48 AM - edited ‎04-06-2021 09:56 AM

Hi,

There may be a possibility that the DI product can be affected by the above CVE's. We need to analyze more and if you need further troubleshooting on this and want to know any updates, please reach out to veritas support.

Thanks,

Divya

0 Kudos

Pix_R
Level 4
In response to divya25

‎09-23-2021 08:35 AM

Case Issue:
Security Vulnerabilities

CVE-2021-3449: This does NOT affect DI
CVE-2021-3450: This does NOT affect DI

Status:
Case was closed as these were the 2 vulnerabilities of concern and CFT/ENG have confirmed that neither impact Data Insight.

 

 

FYI
Pix

0 Kudos