Paessler PRTG fixes OpenSSL vulnerability CVE-2022-1292

Paesslers PRTG version 22.3.79 will update its internal OpenSSL libraries to 1.0.2ze in order to address and fix CVE-2022-1292. CVE-2022-1292 is categorized as CWE-78 (Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection').

PRTG release notes of version 22.3.79:
[Security] We updated our OpenSSL libraries to version 1.0.2ze that patches CVE-2022-1292.

CVE-2022-1292 is about the OpenSSL c_rehash script, which does not properly sanitise shell metacharacters to prevent command injection.
at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Splunk Version 9.4.4 shows error while starting - VM CPU Flags are missing

Problem  When you update your Splunk to e.g. version 9.4.4 and get this error while starting splunk: Migrating to: VERSION=9.4.4 BUILD=f...