(imported topic written by rheng)
An OpenSSL vulnerability was announced earlier this week in versions 1.0.1 and 1.0.2 of OpenSSL. This vulnerability is officially named “TLS heartbeat read overrun (CVE-2014-0160)” and has come to be colloquially named “The Heartbleed Bug”.
Mobile Device Management is unaffected .
Official advisory :
http://www.openssl.org/news/secadv_20140407.txt
More details :
http://heartbleed.com
To see updates on how this vulnerability affects IEM applications, click either of the links below: