Dear Zen Master,
Yesterday 3rd of May, it was released a set of OpenSSL vulnerabilities (2 of them with high severity) where a Man In The Middle attack could decrypt traffic when the SSL connection uses certain ciphers. More information here.
In detail, the vulnerabilities released and checked for Zen Load Balancer Editions are:
- Memory corruption in the ASN.1 encoder (CVE-2016-2108) – Severity High
- Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) – Severity High
- EVP_EncodeUpdate overflow (CVE-2016-2105) – Severity Low
- EVP_EncryptUpdate overflow (CVE-2016-2106) – Severity Low
- ASN.1 BIO excessive memory allocation (CVE-2016-2109) – Severity Low
- EBCDIC overread (CVE-2016-2176) – Severity Low
Zen Load Balancer Enterprise & Community Editions needs the OpenSSL updates that we provide with any of our Support Plans. Please contact with us for any doubt.
Enjoy a secured Load Balancing!
Related Blogs
Posted by zenweb | 20 July 2022
A network operations center (NOC) is a central location where IT teams in an organization monitor the performance of a network. The NOC provides servers, databases, hard disk space, and…
14 LikesComments Off on Network Operations Center, Definition and Top 4 Best Practices
Posted by zenweb | 11 July 2022
Introduction The process of achieving and maintaining PCI DSS Compliance is not easy for any organization. Be it a large-scale organization, mid-sized firm, or a small company, PCI DSS can…
12 LikesComments Off on What Preparations are required for PCI DSS Compliance?
Posted by zenweb | 04 July 2022
Cyber Security has evolved very quickly over the years, from an IT issue to an issue to be used in businesses. It has been demonstrated that Cyber attacks can be…
9 LikesComments Off on 5 Benefits of Investing in Cyber Security & IT solutions in 2022