OpenSSL Multiple Vulnerabilities in RSA products
EMC CONFIDENTIAL ? SUBJECT TO CONFIDENTIALITY PROVISIONS IN LICENSE AGREEMENT
Impact: The OpenSSL project released a security advisory on June 5, 2014 disclosing multiple vulnerabilities in OpenSSL. It can be found at
https://www.openssl.org/news/secadv_20140605.txt
These issues have the following CVEs:
These issues apply to:
Resolution: RSA is aware of this issue and working with product organizations to investigate the issue and identify the impact. The impact of these
vulnerabilities on RSA products may vary depending on the affected product.
This table will be updated as additional information becomes available.
RSA Product Name | Versions | Impact | Comment |
3D Secure | ALL Supported | No Impact | |
Access Manager | ALL Supported | No Impact | |
Adaptive Authentication Hosted | ALL Supported | No Impact | |
Adaptive Authentication On Prem | ALL Supported | No Impact | |
Archer | ALL Supported | No Impact | |
Authentication Manager | 5.x,6.x,7.x | No Impact | |
Authentication Manager | 8.x | Impacted | Only customers with Read-Only DB access are impacted and at low risk |
Aveksa | ALL Supported | No Impact | |
Aveksa StealthAUDIT | Impacted | Remediation plan in progress | |
BSAFE | ALL Supported | No Impact | |
Data Loss Protection | 9.6.x | Impacted | Remediation plan in progress |
Data Protection Manager | ALL Supported | No Impact | |
Digital Certificate Server | ALL Supported | No Impact | |
ECAT | ALL Supported | No Impact | |
enVision | ALL Supported | No Impact | |
Federated Identity Manager | ALL Supported | No Impact | |
FraudAction | ALL Supported | No Impact | |
Netwitness | 9.6, 9.7 | No Impact | |
Netwitness | 9.8.x | Impacted | Remediation plan in progress |
RSA Live Infrastructure | ALL Supported | Impacted | Remediated |
SecurID 700 Hardware Token | ALL Supported | No Impact | |
SecurID 800 Hardware Token | ALL Supported | No Impact | |
SecurID Agent for PAM | ALL Supported | No Impact | |
SecurID Agent for UNIX | ALL Supported | No Impact | |
SecurID Agent for Web | ALL Supported | No Impact | |
SecurID Agent for Windows | ALL Supported | No Impact | |
SecurID Authentication Client | ALL Supported | No Impact | |
SecurID Authentication Engine | ALL Supported | No Impact | |
SecurID Authentication SDK | ALL Supported | No Impact | |
SecurID Software Token Converter | ALL Supported | No Impact | |
SecurID Software Token for Android | ALL Supported | No Impact | |
SecurID Software Token for Blackberry | ALL Supported | No Impact | |
SecurID Software Token for Desktop | ALL Supported | No Impact | |
SecurID Software Token for iPhone | ALL Supported | No Impact | |
SecurID Software Token for Windows Mobile | ALL Supported | No Impact | |
SecurID Software Token Toolbar | ALL Supported | No Impact | |
SecurID Software Token Web SDK | ALL Supported | No Impact | |
SecurID Transaction Signing SDK | ALL Supported | No Impact | |
Security Analytics | 10.0.x-10.3.x |
Impacted | Remediation plan in progress |
Security Analytics (Windows Legacy Collector) | ALL Supported | Impacted | Remediation plan in progress |
Web Threat Detection (Silvertail) | ALL Supported | No Impact |