Forum Stats

  • 3,838,294 Users
  • 2,262,351 Discussions
  • 7,900,577 Comments

Discussions

CVE-2014-0160 (HeartBleed OpenSSL bug)

wgkorb-JavaNet
wgkorb-JavaNet Member Posts: 274 Blue Ribbon

If anyone is interested, I opened an SR this morning and Oracle Support has confirmed that Messaging Server is not vulnerable to CVE-2014-0160 (HeartBleed) as it uses NSS for SSL/TLS rather than OpenSSL. Complete details are included in this support document:

Does Oracle Unified Communications Suite use the OpenSSL Libraries, if not what SSL libraries does it use? (Doc ID 1645160.1)

Bill

Tagged:

Comments

This discussion has been closed.