OpenSSL CCS Injection Security Alert (CVE-2014-0224)

Updated -

Red Hat has released a new security advisory and tooling to help protect customers from OpenSSL's CCS Injection vulnerability (CVE-2014-0224). The vulnerability poses a threat for potential man-in-the-middle-attacks in certain situations. Variants of the following products can be affected:

In order to avoid impact, you should update to the newest version of OpenSSL available for their product. For additional details, see Information on CVE-2014-0224.

Red Hat Access Labs has released the CCS Injection Detector to help you validate your systems have been patched against this vulnerability.

  • Product
  • Red Hat Customer Portal Labs
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Virtualization
  • Red Hat JBoss Web Server
  • Red Hat Storage Server
  • Red Hat Enterprise Linux
  • JBoss Enterprise Web Platform
  • Category
  • Secure
  • Tags
  • cve
  • labs_ccsinjectiontest
  • openssl
  • security
  • ssl