Inquiries asking whether SMF or SMG-SP are affected by the "heartbleed" OpenSSL bug (CVE-2014-0160) that allows highly sensitive material such as primary key information to be accessed illicitly via a defect in the implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520).
SMF and SMG-SP are not affected by this vulnerability. Please note it's possible these products could be installed on systems where affected version of OpenSSL is deployed, this is beyond Symantec's control and support. Please ensure to install secure version of OpenSSL on your systems.
For other Symantec products, please see the subsequent support documents or teams for comment.
Imported Document ID: TECH216569
Subscribing will provide email updates when this Article is updated. Login is required.