CVE-2015-1793 has no impact on eDirectory

  • Document ID:7016686
  • Creation Date:15-Jul-2015
  • Modified Date:15-Jul-2015
    • Micro Focus Products:
      eDirectory
      iManager

Environment

NetIQ eDirectory 8.8 SP8
NetIQ iManager 2.7 SP7

Situation

Recently a security vuulnerability was reported in OpenSSL versions 1.0.1 and 1.0.2: CVE-2015-1793.  The
vulnerability is a certificate verification flaw that could allow a MiTM (man-in-the-middle) attack to take place.

Resolution

Neither eDirectory nor iManager are exposed to this vulnerability as they currently use OpenSSL 0.9.7m.

Additional Information

More information on this vulnerability can be found here: