AnsweredAssumed Answered

Qualys scanner appliances vulnerable to heartbleed?

Question asked by Stevie Beck on Apr 23, 2014

I did not find any official statement yet on this topic, so I wonder if that was addressed already?

Just in case the scanner appliances are (of have been) using openSSL 1.0.1 before 1.0.1g to access various TLS/SSL interfaces while scanning: a MiTM could potentially read from the scanner's openSSL client implementation sensitive data such as credentials being used for authenticated scans...

Can someone confirm that this is not an issue?


Aside of that: the way and the speed how Qualys and ssllabs have addressed this topic is really great and has helped us a lot! Keep up the good work, please!