VULNERABILITIES / FIXES - May 12, 2014
by Carol~ - 5/12/14 12:28 PM
WebSAM Service Manager OpenSSL TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities
Release Date : 2014-05-12
Criticality level : Less critical
Impact : Exposure of sensitive information
Where : From local network
Solution Status: Unpatched
Software: WebSAM Service Manager 9.x
NEC Corporation has acknowledged two vulnerabilities in WebSAM Service Manager, which can be exploited by malicious people to disclose potentially sensitive information.
The vulnerabilities are caused due to a bundled vulnerable version of OpenSSL.
The vulnerabilities are reported in version 9.32.
No official solution is currently available.