cancel
Showing results for 
Search instead for 
Did you mean: 
SamPirok
Community Manager Community Manager
Community Manager

Security advisory SA-2023-021 - OpenSSL BN_mod_sqrt (CVE-2022-0778) is now available. 

Summary

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli.

Impact Details

OS/Product Exposure
Extreme AirDefense Yes
Extreme Campus Controller (ExtremeCloud Appliance) No
ExtremeCloud IQ No
ExtremeGuest (Essentials) No
ExtremeGuest (On-Premises) Yes
ExtremeLocation No
HiveManager Classic On-Premises Yes
HiveManager Classic Online Yes
IQVA Yes
VGVA Yes
200-series Yes
BOSS No
EOS (S/K/7100) Investigating
ISW Yes
Extreme Fabric Automation (EFA) No
Extreme Visibility Manager (XVM) Yes

Repair Recommendations

Extreme AirDefense:
- Fixed in 10.5.0-05b3 and later.


ExtremeGuest (On-Premises):
- Will not fix.


200-series:
- TBD (check full article linked below for updates)


ISW:
- TBD (check full article linked below for updates)

Extreme Visibility Manager (XVM):
- Upgrade to XCO 3.1.

 

Please see the full security advisory article here for more details. 

GTM-P2G8KFN