Share:|

Last Modified at 2:30AM CT, March 30, 2015

Latest details from BMC

 

The products below ship with a node.js server that is statically linked with a version of OpenSSL that if used for TLS communication may be vulnerable to CVE-2014-0160 (Heartbleed). We have reviewed the use of node.js within the products below and found that it is not exploitable in this context.

Products which include MongoDBRemediation / Patching
BMC MyIT
BMC SmartIT
See this support article for a detailed explanation of why the products are not vulnerable to CVE-2014-0160.