Attachmate Information for VU#978508

OpenSSL is vulnerable to a man-in-the-middle attack

Status

Affected

Vendor Statement

Some Attachmate products with specific versions are affected by the
CVE-2014-0224 OpenSSL "CCS' MITM vulnerability when TLS protocol
connections are used.  All affected products now have either new versions
or hot fixes available to fix this issue.

Security Updates technical notes are available for specific products:
Security Updates and Reflection
http://support.attachmate.com/techdocs/1708.html
Security Updates and Reflection for Secure IT
http://support.attachmate.com/techdocs/2288.html
Security Updates and EXTRA!
http://support.attachmate.com/techdocs/2501.html
Security Updates and Reflection 2014 or Reflection 2011
http://support.attachmate.com/techdocs/2502.html
Security Updates and Verastream
http://support.attachmate.com/techdocs/2700.html

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://support.attachmate.com/techdocs/1708.html

http://support.attachmate.com/techdocs/2288.html
http://support.attachmate.com/techdocs/2501.html
http://support.attachmate.com/techdocs/2502.html
http://support.attachmate.com/techdocs/2700.html

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.