JSA10569 - 2013-05 Security Bulletin: Steel Belted Radius: OpenSSL vulnerability CVE-2012-2110

« Go Back

Information

Product Affected	Steel-Belted Radius Enterprise, Steel-Belted Radius Global Enterprise

Problem

OpenSSL software provided with Steel-Belted Radius (SBR) Enterprise is vulnerable to CVE-2012-2110. This may allow code execution type of attacks using crafted certificates.

Solution

SBR Enterprise, SBR Global Enterprise: Fixed in 6.17 or later

Workaround

There are no known workarounds that can mitigate the issue listed in this bulletin for SBR products.

Implementation

Related Links

CVSS Score	7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Risk Assessment

Acknowledgements

Alert Type

Risk Level	High

Attachment 1

Attachment 2

Legacy ID	PSN-2013-05-941, JSA10569

Related Articles

JSA10569 - 2013-05 Security Bulletin: Steel Belted Radius: OpenSSL vulnerability CVE-2012-2110

Information

Feedback

Was this article helpful?