OpenSSL "Heartbleed" Vulnerability
On April 8, 2014, HP was notified of an OpenSSL vulnerability CVE-2014-0160 (now known as "Heartbleed"). This vulnerability has garnered a substantial amount of media attention. See resources section for link to National Vulnerability Database entry describing vulnerability in detail. OpenSSL is used in some HP products to provide encryption and SSL services.
HP takes security vulnerabilities seriously and works collaboratively through organizations like the Information Technology Information Sharing & Analysis Center (IT-ISAC), government agencies and industry partners to share information about the vulnerabilities and how to effectively address them. HP consistently employs security controls and procedures to protect against attacks that target our systems and networks.
What can you do?
Get the latest information regarding potential impact on Enterprise Products
Please visit this HP Support Center page and click the blue "Search" button.
Get the latest information regarding potential impact on Consumer Products
Visit Support & Troubleshooting and enter your product name or number.
Get the latest information regarding potential impact on HP Software Products
Visit the HP Security Products Blog.
Subscribe to HP Security Bulletins
- HP Product Security Vulnerability Alerts – See All Key Vulnerabilities
- National Vulnerability Database: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160