Click to give Water and Food

Tuesday, April 22, 2014

Enterprise Manager not effected by Heartbleed

The Oracle Security team has indicated that Enterprise Manager Cloud Control, Grid Control as well as Ops Center are not effected by the Heartbleed vulnerability. This is mentioned in the internet published document on the Oracle Technical Network (OTN):

http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html

An excerpt from this document:

1.0 Oracle products that, while using OpenSSL, were not subject to CVE-2014-0160

Global Product Security has determined that the following products are using OpenSSL cryptographic libraries whose versions have been externally reported as not vulnerable to CVE-2014-0160 or did not use OpenSSL libraries to implement the vulnerable TLS protocol. No further action is therefore expected for these products:

  • Advanced Lights Out Manager (ALOM) [Product ID 9843/ALOM/ALOM]
  • ALOM-CMT [Product ID 9846/SYSFW-ALL/ALOM-CMT]
  • Audit Vault [Product ID 1977,9749]
  • Brocade(McData) Fiber Channel Switches and Management Software [Product ID 9864]
  • Cisco MDS Fiber Channel Switches and Management Software [Product ID 9865]
  • Corente Services Gateway
  • E-Business Suite 11i
  • eGate Integrator 5.0.5 SRE
  • Enterprise Manager Cloud Control
  • Enterprise Manager Cloud Control Plug-ins and Connectors
  • Enterprise Manager Grid Control [Product ID 1370]
  • Enterprise Manager Grid Control Plug-ins and Connectors
  • Enterprise Manager Ops Center
  • Exadata [Product ID 2546]
  • ....
  • ....

Please read the document for the full list.

Regards,

Porus.

No comments:

Disclaimer

Opinions expressed in this blog are entirely the opinions of the writers of this blog, and do not reflect the position of Oracle corporation. No responsiblity will be taken for any resulting effects if any of the instructions or notes in the blog are followed. It is at the reader's own risk and liability.