{}

Naše značky

Impact-Company-Logo-English Black-01-177x54

Vítejte na internetových stránkách společnosti Schneider Electric

Vítejte na našich internetových stránkách.
Prohledejte časté dotazy
PowerChute Network Shutdown v4.4.1 - OpenJDK 15 EDCSA vulnerability
Issue:
PowerChute Network Shutdown v4.4.1 ships with OpenJDK 15 which includes an EDCSA vulnerability (CVE-2022-21449) as reported here.

Product:
PowerChute Network Shutdown v4.4.1

Environment:
All supported operating systems

Solution:
Upgrade the Java version used by PowerChute to OpenJDK 17.0.3.

Vulnerable cipher suites:
NONEwithECDSA
SHA1withECDSA
SHA224withECDSA
SHA256withECDSA
SHA384withECDSA
SHA512withECDSA
SHA3-224withECDSA
SHA3-256withECDSA
SHA3-384withECDSA
SHA3-512withECDSA
NONEwithECDSAinP1363Format
SHA1withECDSAinP1363Format
SHA224withECDSAinP1363Format
SHA256withECDSAinP1363Format
SHA384withECDSAinP1363Format
SHA512withECDSAinP1363Format
SHA3-224withECDSAinP1363Format
SHA3-256withECDSAinP1363Format
SHA3-384withECDSAinP1363Format
SHA3-512withECDSAinP1363Format

NOTE: PowerChute does not use any of the above cipher suites for its web server and is therefore not vulnerable to the issue. For added assurance, you can upgrade to OpenJDK 17.0.3.


Schneider Electric Česká republika

Zjistěte více
Řada:
Užitečné články
Zjistěte více
Řada: