IMPORTANT NOTICE - OpenSSL update: CVE-2022-3786 and CVE-2022-3602: X.509 ControlUp Security Team Successfully Mitigated Email Address Buffer Overflows
Scheduled Maintenance Report for ControlUp Status Page
The scheduled maintenance has been completed.
Posted Nov 10, 2022 - 14:25 UTC
In progress
Scheduled maintenance is currently in progress. We will provide updates as necessary.
Posted Nov 10, 2022 - 14:20 UTC
Following the discovery of the OpenSSL vulnerabilities known as X.509 Email Address Buffer Overflows (CVE-2022-3786 and CVE-2022-3602) on November 1st 2022, the ControlUp Security Team conducted a thorough investigation.

Customer-installed components:
We can verify that none of the vulnerabilities exist on our customer-installed components:
* Real-Time DX Agent
* Real-Time DX RT Console
* Real-Time DX Monitor Service
* Real-Time DX On-Premises Server (COP)
* Insights On-Premises (IOP)
* Solve On-Premises (SOP)
* Remote DX Plug-ins
* Edge DX Agent
* Scoutbees Custom Hive

Backend Cloud Environment:
We can confirm that any vulnerable components were updated and mitigated in our backend cloud environment.

We are staying alert and continue to follow any CVE updates. We will keep investigating and updating for any new vulnerabilities found.

If you have any questions, please contact us via

ControlUp Security Team
Posted Nov 10, 2022 - 14:16 UTC