OpenSSL "Heartbleed" Vulnerability


On April 8, 2014, HP was notified of an OpenSSL vulnerability CVE-2014-0160 non-HP site (now known as "Heartbleed"). This vulnerability has garnered a substantial amount of media attention. See resources section for link to National Vulnerability Database entry describing vulnerability in detail. OpenSSL is used in some HP products to provide encryption and SSL services.


HP takes security vulnerabilities seriously and works collaboratively through organizations like the Information Technology Information Sharing & Analysis Center (IT-ISAC), government agencies and industry partners to share information about the vulnerabilities and how to effectively address them. HP consistently employs security controls and procedures to protect against attacks that target our systems and networks.


What can you do?


Get the latest information regarding potential impact on Enterprise Products

Please visit this HP Support Center page and click the blue "Search" button.


Get the latest information regarding potential impact on Consumer Products

Visit Support & Troubleshooting and enter your product name or number.


Get the latest information regarding potential impact on HP Software Products

Visit the HP Security Products Blog.


Subscribe to HP Security Bulletins

You may subscribe to receive alerts for HP Security Bulletins published for impacted products.

Resources