Who Does This Affect?
This article applies to users running Portfolio 3.x and 4.x
Why Is This Happening?
On November 1st, 2022 researchers reported CVE-2022-3602 and CVE-2022-3786, detailing an exploit in OpenSSL 3.x that allow remote code execution on an affected system.
On May 4th, 2016 researchers reported CVE-2016-2107 detailing an exploit in OpenSSL 3.x regarding a specific type of encryption used
Is Portfolio Affected?
Portfolio 3.x and 4.x are affected by CVE-2016-2107. Please follow these instructions to disable TLS 1.0 and 1.1 in your environment: Disabling older versions of TLS in Portfolio
If you have questions or require more assistance, please submit a support request.