OpenSSL DROWN Vulnerablity and Attachmate Products

  • 7021979
  • 02-Mar-2016
  • 02-Mar-2018


All Attachmate products


Current Attachmate products are not subject to the OpenSSL DROWN high-severity vulnerability (CVE-2016-0800).

OpenSSL released a security advisory on 1-Mar-2016 which includes a high-severity vulnerability known as DROWN (CVE-2016-0800). Traffic can be decrypted with a server supporting SSLv2 and EXPORT cipher suites, or if any server that shares the same RSA keys supports SSLv2 and EXPORT ciphers. This issue is avoided by disabling SSLv2 support on SSL/TLS servers.


Attachmate Products Not Affected

As described in previous security vulnerability alerts, the latest releases of Attachmate products already have SSLv2 and/or export-grade ciphers disabled by default.


For additional information, see


Security Alert

Additional Information

Legacy KB ID

This article was originally published as Attachmate technical note 2858.