5 Replies Latest reply on Aug 9, 2016 9:29 AM by nrasmussen

    Cloud Service Appliance CVE-2016-2107

    Rookie

      Per ssllabs.com SSL site tester, our CSA is vulnerable to OpenSSL Padding Oracle vuln. (CVE-2016-2107). I checked for CSA updates and updated the CSA to the latest version, but still the testing shows vulnerabilities. How should we go about fixing this vulnerability or will LANDesk be releasing updates to fix this? Here is the system information from our CSA. Thanks in advance for any assistance!


      LANDESK Cloud Services Appliance release: 4.3.1-177.20160531.1539

      Web console version: 1.5-1.0

      Gateway service version: 8.7.0.3

      OS: CentOS release 6.3 (Final)