XMediusFAX and the Heartbleed Bug

Administrator -

XMediusFAX is not affected by the Heartbleed vulnerability.

XMediusFAX and OpenSSL

All versions of XMediusFAX use a version of OpenSSL that is not affected by the Heartbleed vulnerability.

As such, the following interactions are safe from this vulnerability:
  • Communications between all XMediusFAX server modules (Including the MMC Snap-In)
  • Sending of faxes with SendFAX connected through the XML Gateway
  • SIP TLS

Apache Tomcat

Apache Tomcat (used for XMediusFAX Web applications) is also not vulnerable.

As such, it is safe to assume that the features of XMediusFAX that interact with its Web applications are safe from this vulnerability. That includes, but is not limited to:
  • Accessing the Web Client, Web Administration interface, Web online help (for users and administrators), Web Service and Web Reports
  • Using the Web Fax Composer Printer tool and the Fax Account Monitoring Spot tool

Internet Information Services (IIS)

Since the common XMediusFAX deployment scenario includes IIS, it can also be noted that IIS is not affected by the Heartbleed vulnerability.

Have more questions? Submit a request

Comments

Powered by Zendesk