Knowledge Center

Network Security Manager response to CVE-2015-1793 (Not Vulnerable)
Technical Articles ID:   KB85204
Last Modified:  1/5/2018


McAfee Network Security Manager (NSM) 8.x, 7.1


CVE-2015-1793 has been reported against OpenSSL.
The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger unintended certificate verifications via a valid leaf certificate.
For more information, see :
As the NSM uses OpenSSL, is it vulnerable to CVE-2015-1793?


No, NSM is not vulnerable to CVE-2015-1793 because NSM does not use the version of OpenSSL at risk from this vulnerability. 

Rate this document

Beta Translate with

Select a desired language below to translate this page.


This article is available in the following languages:

English United States

Glossary of Technical Terms

 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.