Reset Search
 

 

Article

KB30297 - 2013-05 Security Bulletin: Steel Belted Radius: OpenSSL vulnerability CVE-2012-2110

« Go Back

Information

 
Last Modified Date10/22/2018 4:40 PM
Synopsis
Products Affected: Steel-Belted Radius Enterprise, Steel-Belted Radius Global Enterprise, Steel-Belted Radius Carrier
Risk Assessment: CVSS Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Risk Level: High
CVE: CVE-2012-2110
Problem or Goal
 OpenSSL software provided with Steel-Belted Radius (SBR) Enterprise and Steel-Belted Radius (SBR) Carrier is vulnerable to CVE-2012-2110. This may allow code execution type of attacks using crafted certificates.
Cause
Solution
  • SBR Enterprise, SBR Global Enterprise: Fixed in 6.17 or later
  • SBR Carrier: Fixes are available for 7.3.1, 7.4.1, 7.5.0 through regular JTAC support channels.

Workarounds:
There are no known workarounds that can mitigate the issue listed in this bulletin for SBR products.
Related Links
Attachment 1 
Created ByData Deployment

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255