You are here

OpenSSL Vulnerabilities Fixed in Version 1.1.1t/3.0.8

IDs: 
CVE-2022-4304, CVE-2022-4203, CVE-2023-0215, CVE-2022-4450, CVE-2023-0216, CVE-2023-0217, CVE-2023-0401
Keywords: 
openssl
Description: 

OpenSSL released version 1.1.1t and 3.0.8 fixing 8 vulnerabilities [1].

Currently supported Airlock Gateway and Microgateway versions use OpenSSL 1.1.1 and 3.0.7 [2] to handle front-side/downstream TLS connections.

We are not aware of possible exploits related to the vulnerabilities.

Hotfix HF0051 for Gateway and Microgateway 3.3.1 is available to update OpenSSL.

Resolution: 

We recommend to apply the hotfixes and update Microgateway when available.

Component: 
Airlock
Airlock Vulnerability Status: 
Does not affect Airlock
Back-end Vulnerability Status: 
Does not affect back-end behind Airlock