Jump to content

Recommended Posts

Posted

Hi,
I currently have a setup involving Eset Protect Server and Apache Proxy
This is located on a PCI Compliant system so as part of it I need to run Nessus scans every so often
I've updated to the latest Eset versions recently
but there seems to be a single High Vulnerability showing on the Nessus Reports associated with Apache Proxy

OpenSSL 1.1.1 < 1.1.1l Vulnerability
https://www.tenable.com/plugins/nessus/152782

Port 3128
Banner           : Apache/2.4.46 (Win64) OpenSSL/1.1.1i-dev
Reported version : 1.1.1i
Fixed version    : 1.1.1l

Other Links:
https://github.com/openssl/openssl/commit/59f5e75f3bced8fc0e130d72a3f582cf7b480b46
https://www.openssl.org/news/secadv/20210824.txt

Can I ask is this something I need to worry about?, will it be addressed in a future Eset Protect update?
It looks like a similar query was raised here back in September
https://forum.eset.com/topic/29836-nessus-reports-critical-openssl-vulnerability-on-eset-protect-server/
Although I don't think an update to Apache Proxy has been rolled out as part of the latest Eset Protect Version 9

Many Thanks
Richard

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...