Numecent Response to CVE-2022-3602 and CVE-2022-3786 OpenSSL 3 Buffer Overflow
November 4th, 2022
These vulnerabilities apply to OpenSSL versions 3.0.0 to 3.0.6. We can confirm that no Numecent product users are affected based on the following:
Security is a top concern here at Numecent. While there are no vulnerabilities impacting the current implementation of OpenSSL used by Cloudpaging Player and Cloudpaging Studio, we will be providing an update to ensure our customers have the latest OpenSSL 3 version available.
Numecent will continue to monitor and provide updates to the potential impact of the vulnerability on Numecent managed services and on-premises installations.
Customers can view our Cloudpaging Server - Apache Vulnerability Warnings article for a list of known Apache Tomcat vulnerabilities.