Discover our Clipsal Smart Home packages as seen on The Block 2018

in location

OR

I'm looking for

  • Wholesalers
    • Uncheck All Check All
  • EXPERTISE
    • Expand
    • Expand
    • Expand
    • Uncheck All Check All
  • Switchboard Manufacturers
    • Uncheck All Check All
OR

The best way to see what Clipsal electric products can do for your home is seeing them in action at a Clipsal Display Centre.

Product stock may vary according to location. If you're after a specific product range, please check with your chosen location before visiting.

10 Results
    Load More Load Complete
    Change Location

    Does the Heartbleed OpenSSL vulnerability affect APC products?



    Issue

    On 07-APR-2014, the "Heartbleed" Vulnerability, also called the "Heartbeat" Vulnerability (CVE-2014-0160) was detected and published by several Cyber Security outlets.


    Product Line
    • StruxureWare Data Center Expert
    • StruxureWare Data Center Operation
    • NetBotz
    • APC Network Management Cards
    • PowerChute Network Shutdown
    • PowerChute Business Edition
    • APC Remote Monitoring Service (RMS)
    • APC Digital IP KVM Switches (KVM1116P, KVM2116P, KVM2132P)/KVM Access Software
    • MGE Network Shutdown Module Software, v3.07.01

    Environment
     
    • SSL authentication applications


    Cause

    Reported vulnerabilities in OpenSSL - CVE-2014-0160


    Resolution

    Detailed description of the issue and some FAQ's can be found here and here.

    The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

    Schneider Electrics' Data Center Business has conducted a vulnerability assessment on the following platforms and found current shipping versions of each are not affected by the Heartbleed vulnerability.
    • Data Center Operations (DCO) is currently operating with OpenSSL v0.9.8 and is therefore not affected.
    • Data Center Expert (DCE) is currently operating with OpenSSL v1.0.0 and is therefore not affected.
    • NetBotz Appliances are currently operating with OpenSSL v0.9.8b and is therefore not affected.
    • All Network Management Card (NMC) Applications do not utilize OpenSSL and are therefore not affected.
    • PowerChute Network Shutdown is not affected. PowerChute Network Shutdown version 3.1 Appliance for VMware utilizes v0.9.8e.
    • PowerChute Business Edition is not affected. PowerChute Business Edition utilizes OpenSSL version 0.9.4.
    • APC Remote Monitoring Service (RMS) is not affected because it does not utilize OpenSSL.
    • APC Digital IP KVM Switches (KVM1116P, KVM2116P, KVM2132P) & the accompanying KVM Access Software utilize OpenSSL v0.9.7 and therefore are not affected.
    • MGE Network Shutdown Module v3.07.01 for Windows uses the OpenSSL v1.0.1e which is vulnerable to the Heartbleed bug. Network Shutdown Module v3.06.04 for Linux is not impacted. 
      • To recover, upgrade all instances of Network Shutdown Module for Windows to v3.07.02 (available @ http://www.apc.com/tools/download/index.cfm and select "Software Upgrade - MGE Accessories" in the Software Filter and click submit.) and change your user credentials. Please read the Release Notes for further information.

    Cyber Security is an important element of Schneider Electrics' commitment to software quality. Regular vulnerability assessment and further investigation is ongoing on other Schneider Electric platforms in addition to the above and will be detailed if discovered.

    For customers or researchers to report a potential vulnerability incident, Schneider provides an email address: cybersecurity@schneider-electric.com

     

    Didn’t find what you were looking for?

    Try Searching Again View Our Categories

    Need further assistance?

    Our Customer Care department provides total customer service solutions for our residential, industrial and commercial applications.

    Get Assistance