FIPS oCM Vulnerability

Sep 08, 2015 - Author: Sierra Wireless - 2270 Views
A vulnerability in the Stronswan Open SSL libraries used on the oCM, has been identified.

When using the OpenSSL plugin for ECDSA signature verification, remote attackers can authenticate as other users via an invalid signature.

More information about this issue can be found at

This problem is limited to oCM V1.4 FIPS compliant installations only and does not affect standard oCM deployments.

A solution for this issue has been provided by Strongswan and In Motion will include this update in the next release of oCM FIPS software.
©2020 Sierra Wireless. All rights reserved.
You have been successfully unsubscribed to this product. To access your subscription click here.