Partner Program Overview
Designed to deliver unparalleled customer value and accelerated mutual growth by harnessing partner expertise and ColorTokens cybersecurity technology.Learn More
As previously announced, the OpenSSL team released version 3.0.7 today and published a note detailing two vulnerabilities: CVE-2022-3786 and CVE-2022-3602. The vulnerability was initially classified as “critical” but downgraded to “high” just before the release based on more testing and vendor feedback. Still, the OpenSSL team is urging all users to upgrade to version 3.0.7 as soon as possible.
It should be noted that NIST has assigned CVE-2022-3602 a base score of 9.8 and is, therefore, a critical vulnerability. ColorTokens Xcloud customers can use the “CVE ID” query to identify affected systems.
The ColorTokens SaaS-based Zero Trust Platform is not affected by this vulnerability, and no action is required by Xshield, Xprotect, and Xcloud customers.