Jump to content

Nessus reports High Vulnerability OpenSSL 1.1.1 < 1.1.1l


Recommended Posts

Hi,
I currently have a setup involving Eset Protect Server and Apache Proxy
This is located on a PCI Compliant system so as part of it I need to run Nessus scans every so often
I've updated to the latest Eset versions recently
but there seems to be a single High Vulnerability showing on the Nessus Reports associated with Apache Proxy

OpenSSL 1.1.1 < 1.1.1l Vulnerability
https://www.tenable.com/plugins/nessus/152782

Port 3128
Banner           : Apache/2.4.46 (Win64) OpenSSL/1.1.1i-dev
Reported version : 1.1.1i
Fixed version    : 1.1.1l

Other Links:
https://github.com/openssl/openssl/commit/59f5e75f3bced8fc0e130d72a3f582cf7b480b46
https://www.openssl.org/news/secadv/20210824.txt

Can I ask is this something I need to worry about?, will it be addressed in a future Eset Protect update?
It looks like a similar query was raised here back in September
https://forum.eset.com/topic/29836-nessus-reports-critical-openssl-vulnerability-on-eset-protect-server/
Although I don't think an update to Apache Proxy has been rolled out as part of the latest Eset Protect Version 9

Many Thanks
Richard

Link to comment
Share on other sites

  • ESET Moderators

Hello @RichardW,

the latest Apache HTTP Proxy offered by ESET is 2.4.51.0 https://www.eset.com/int/business/download/eset-protect/#standalone and it should use OpenSSL 1.1.1l

so would recommend to upgrade to it and run the test again...

Regards, Peter

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...