Following the recent alert for the HeartBleed vulnerability in OpenSSL I'm trying to determine if our WebEX meeting server v1.5 is vulnerable. I found the document below but it's not clear which particular version is in use - http://www.wbximg.com/includes/documents/Cisco_Webex_Meetings_Server_1.5_Open_Source_Documentation.pdf
Or, does this mean multiple version of OpenSSL are used??
Any help gratefully received!
The Cisco PSIRT is investigating the impact of this vulnerability on Cisco products and will disclose any vulnerabilities according to our security policy, which is available at http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html .
An INTERIM Cisco Security Advisory was published on April 9th, 2014 at 0300 UTC and is available at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed
The Cisco PSIRT will update this Cisco Security Advisory as more information becomes available.
This vulnerability is seen only in CWMS 2.0 version and the previous versions are not affected by this vulnerability.