cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

OpenSSL Vulnerability : CVE-2023-0286, CVE-2023-0215, CVE-2022-4450 and CVE-2022-4304

OpenSSL Vulnerability : CVE-2023-0286, CVE-2023-0215, CVE-2022-4450 and CVE-2022-4304

Question

Whether FlexNet Publisher is impacted by the OpenSSL vulnerability  CVE-2023-0286, CVE-2023-0215, CVE-2022-4450 and CVE-2022-4304 and when this will be fixed.

Answer

Vulnerability CVE-2023-0286, CVE-2023-0215, CVE-2022-4450 and CVE-2022-4304 are observed in FlexNet Publisher as per the scan report in the latest FNP version to resolve this issue the OpenSSL is now Upgraded OpenSSL-1.1.1s to OpenSSL-1.1.1t in FNP 11.19.4 which will resolve all vulnerability reported in FNP 11.19.3 (FNP 2023.R1)

More Information

Vulnerability : CVE-2022-2097 and CVE-2022-2068

https://nvd.nist.gov/vuln/detail/CVE-2023-0286

https://nvd.nist.gov/vuln/detail/CVE-2023-0215

https://nvd.nist.gov/vuln/detail/CVE-2022-4450

https://nvd.nist.gov/vuln/detail/CVE-2022-4304

Labels (3)
Was this article helpful? Yes No
No ratings
Comments

When will FNP 11.19.4 be available?

Hi @bzwithers It will be tomorrow Friday, May 19, 2023, am not seeing any date changes as of now so we can wait for a day to get it. 

Best Regards,

Which FNP components or library use OpenSSL?

On Lmadmin side it is used for secure web communication(HTTPS) 

Version history
Last update:
‎Apr 05, 2023 12:15 AM
Updated by:
Contributors