Heartbleed Vulnerability

  • Posted:
  • / By: anderson

CircuiTree Security Advisory for CVE-2014-0160, aka the Heartbleed Vulnerability

Overview

A vulnerability has been recently disclosed in OpenSSL that could result in remote attackers being able to obtain sensitive data from the process address space of a vulnerable OpenSSL server or client.

The issue has been assigned the following CVE identifier and is also known as the Heartbleed vulnerability:

CVE-2014-0160: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

What CircuiTree is Doing

CircuiTree has finished analyzing the impact of this issue on current products. The following sections of this advisory provide current information on each product.

CircuiTree Desktop Application (app.mycircuitree.com or applist.mycircuitree.com): The TLS libraries used by the CircuiTree Desktop Application are not vulnerable to CVE-2014-0160.

Client Registration Sites (register.mycamp.com or mycircuitree.com/mycamp) : The TLS library used by Client registration sites are not vulnerable to CVE-2014-0160.

CircuiTree Web (app.circuitreesolutions.com): The TLS library used by CircuiTree Web is not vulnerable to CVE-2014-0160.

SalesLink: The TLS library used by SaleLink  is not vulnerable to CVE-2014-0160.

CircuiTree Web Services (webservices.mycircuitree.com or api.mycircuitree.com): The TLS library used by CircuiTree Web Services is not vulnerable to CVE-2014-0160.

Leave A Comment?

You must be logged in to post a comment.