SAP Knowledge Base Article - Preview

2004769 - OpenSSL Vulnerability (Heartbleed bug) for SAP SQL Anywhere

Symptom

Products and applications implementing OpenSSL library versions 1.0.1 through 1.0.1f (inclusive) and 1.0.2-beta (including 1.0.2-beta1) are vulnerable to the Heartbleed bug, which leads to this informational disclosure.


Read more...

Environment

  • SAP SQL Anywhere 12 SP66 (12.0.1.3994) to SP71 (12.0.1.4098), Microsoft Windows (x86 and x64) and Linux (x86 and x86_64)
    SAP SQL Anywhere 12 SP66 (12.0.1.3994) to SP70 (12.0.1.4085), AIX, HP-UX IA64, Solaris SPARC, and Solaris x64
    SAP SQL Anywhere 12 SP67 (12.0.1.4006), MacOS X
  • SAP SQL Anywhere 16 SP6 (16.0.1690) to SP11 (16.0.1914), Microsoft Windows
    SAP SQL Anywhere 16 SP6 (16.0.1690) to SP11 (16.0.1910), Linux
    SAP SQL Anywhere 16 SP6 (16.0.1690) to SP9 (16.0.1823), AIX, HP-UX IA64, Solairs SPARC, and Solaris x64
    SAP SQL Anywhere 16 SP6 (16.0.1690) to SP11 (16.0.1893), MacOS X
  • SAP SQL Anywhere, on-demand edition 1.0 SP4 (1.0.4840), all supported platforms.

Product

SAP SQL Anywhere 16.0 ; SAP SQL Anywhere, cloud edition 1.0 ; SAP Sybase SQL Anywhere 12.0

Keywords

Information disclosure, Open SSL vulnerability, Heartbleed bug, CVE-2014-0160, Sybase SQL Anywhere, dbsrv, mlsrv, rsoe, certificates, 509, x.509 , KBA , openssl , heartbleed , cve-2014-0160 , BC-SYB-SQA , SQL Anywhere (on premise, on demand) , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.