ControlUp Status Page Status - IMPORTANT NOTICE - OpenSSL update: CVE-2022-3786 and CVE-2022-3602: X.509 ControlUp Security Team Successfully Mitigated Email Address Buffer Overflows

IMPORTANT NOTICE - OpenSSL update: CVE-2022-3786 and CVE-2022-3602: X.509 ControlUp Security Team Successfully Mitigated Email Address Buffer Overflows

Scheduled Maintenance Report for ControlUp Status Page

Completed

The scheduled maintenance has been completed.

Posted Nov 10, 2022 - 14:25 UTC

In progress

Scheduled maintenance is currently in progress. We will provide updates as necessary.

Posted Nov 10, 2022 - 14:20 UTC

Scheduled

Following the discovery of the OpenSSL vulnerabilities known as X.509 Email Address Buffer Overflows (CVE-2022-3786 and CVE-2022-3602) on November 1st 2022, the ControlUp Security Team conducted a thorough investigation.

Customer-installed components:
We can verify that none of the vulnerabilities exist on our customer-installed components:
* Real-Time DX Agent
* Real-Time DX RT Console
* Real-Time DX Monitor Service
* Real-Time DX On-Premises Server (COP)
* Insights On-Premises (IOP)
* Solve On-Premises (SOP)
* Remote DX Plug-ins
* Edge DX Agent
* Scoutbees Custom Hive

Backend Cloud Environment:
We can confirm that any vulnerable components were updated and mitigated in our backend cloud environment.

We are staying alert and continue to follow any CVE updates. We will keep investigating and updating for any new vulnerabilities found.

If you have any questions, please contact us via support@controlup.com.

ControlUp Security Team

Posted Nov 10, 2022 - 14:16 UTC