Outdated and vulnerable OpenSSL v3.0.14.0 in use

Question

Apologies if this has been asked already but I couldn't find anything relevant.

Most of our LMI clients use an outdated and vulnerable version of OpenSSL (v3.0.14.0)
This is way behind the current version of OpenSSL, what are the plans to update?

Also, which is such an old version used anyway?

Thanks

Rich

glennd · Answer

Hi RJ-user, welcome to the community.
&nbsp;
I believe v3.0.x was only released in June of 2024 and will have support through to 2026. The reported vulnerabilities are marked low and one moderate, and may not even apply to the Central use case but I am checking with the team for feedback.

Forum Discussion

Outdated and vulnerable OpenSSL v3.0.14.0 in use

1 Reply

Recent Discussions

File Transfer Access Denied

Computer Inventory reporting

Antivirus won't download over slow connections

Cached Credentials no longer work?

Connection failed error