- Community Home
- >
- Storage
- >
- Midrange and Enterprise Storage
- >
- HPE 3PAR StoreServ Storage
- >
- Re: OpenSSL heart bleed - HP 3PAR
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-18-2014 05:20 AM
04-18-2014 05:20 AM
OpenSSL heart bleed - HP 3PAR
Any HP 3PAR products are vulnerable to heartbleed bug ??
- Tags:
- OpenSSL
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-18-2014 06:05 AM
04-18-2014 06:05 AM
Re: OpenSSL heart bleed - HP 3PAR
Hp is checking all its products. Initial unofficial checks indicate the SP and InForm images use versions of OpenSSL that are not vulnerable to heartbleed. Contact your local Sales person for latest information.
Note: While I work for HP, all of my comments (whether noted or not), are my own and are not any official representation of the company.
----------
If my post was useful, click on my KUDOS! "White Star" !
Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the company
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-23-2014 03:53 AM
04-23-2014 03:53 AM
Re: OpenSSL heart bleed - HP 3PAR
Please see:
Critical Security Bulletins - 04/22/2014
HPSBST03015 rev.1 - HP 3PAR OS running OpenSSL, Remote Disclosure of Information
http://alerts.hp.com/r?2.1.3KT.2ZR.1ApFgQ.KVlXP4..T.f154.8SCm.bW89MQ%5f%5fCbGOFOC0
Content Type: Storage Software security bulletins
The impact of this vulnerability on 3PAR OS is unclear. You can limit the impact by placing the 3PAR management LAN ports, and other 3PAR tools on a separate VLAN and restrict access, that is a good practice anyway.
I have not seen anything official on the Service Processor, Policy Manager, Inform Management Console, Command Line Interface, System Reporter, or any of the other 3PAR tools yet. I guess the most serious would be vulnerabilities in the Service processor and Policy Manager as these typically require access to the internet for the remote monitoring to work. A formal statement from HP is overdue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2014 09:15 PM - edited 05-13-2014 09:16 PM
05-13-2014 09:15 PM - edited 05-13-2014 09:16 PM
Re: OpenSSL heartbleed - HP 3PAR
>Critical Security Bulletins - 04/22/2014
This was updated last week to indicate patches are in place for 3.1.3 and 3.1.2.
>You can limit the impact by placing the 3PAR management LAN ports,
Exactly