CVE-2015-1793 has no impact on eDirectory

  • 7016686
  • 15-Jul-2015
  • 15-Jul-2015

Environment

NetIQ eDirectory 8.8 SP8
NetIQ iManager 2.7 SP7

Situation

Recently a security vuulnerability was reported in OpenSSL versions 1.0.1 and 1.0.2: CVE-2015-1793.  The
vulnerability is a certificate verification flaw that could allow a MiTM (man-in-the-middle) attack to take place.

Resolution

Neither eDirectory nor iManager are exposed to this vulnerability as they currently use OpenSSL 0.9.7m.

Additional Information

More information on this vulnerability can be found here:

Feedback service temporarily unavailable. For content questions or problems, please contact Support.