Although a security patch was issued at the beginning of the monthagainst the OpenSSL vulnerability (CVE-2014-0224) that allowed an attacker to decrypt and modify client-server traffic, plenty of servers seem to still be exposed to the threat.A scan for hosts still open to the CVE-2014-0224 OpenSSL vulnerability,ran by Qualys,showed that almost half (49%) of the verified servers fit the profile. Out of these, about 14% are exploitable.CVE-2014-0224 received a fix on June 5 an…
Comments are closed.
