URGENT SECURITY ACTION | CVE-2015-1793 OpenSSL Alternative Chains Certificate Forgery Vulnerability

Alerts ID:    ALERT1847    Updated:    06/21/2016




A critical new vulnerability was announced in OpenSSL that might affect your web servers. If you’re using a web server that relies on OpenSSL, you should obtain the patched version of OpenSSL and deploy it on your web server.

The vulnerability does not impact your certificates.


Action Required

Check to see if any of your web servers use OpenSSL. If so, visit https://www.openssl.org/ to download the latest version.

Customers using the following versions of OpenSSL should patch immediately.

  • 1.0.2c
  • 1.0.2b
  • 1.0.1n
  • 1.0.1o

For more information, please see:

Symantec Blog: http://www.symantec.com/connect/blogs/critical-openssl-vulnerability-could-allow-attackers-intercept-secure-communications






Contact Support

US Support:

Order Processing

Technical Support

European Support:

Order Processing

Technical Support

SSL digital certificates sales live chat.

Find Answers

Search Tips