This is an old revision of the document!
Stages and OpenSSL 3.x Vulnerability CVE-2022-3358 <font 11pt/Calibri,sans-serif;;inherit;;inherit>The Stages managed services *.stages.digital and *.stagesasaservice.com are not impacted.</font> <font 11pt/Calibri,sans-serif;;inherit;;inherit>On premise Stages installations are not impacted, unless all of the following conditions apply:</font> <font 11pt/Calibri,sans-serif;;inherit;;inherit>1. OpenSSL 3.0.0 - 3.0.5 is installed on your operating system. You can check by executing “openssl version” on the command line.</font> <font 11pt/Calibri,sans-serif;;inherit;;inherit>2. OpenSSL usage is explicitly enabled by removing the comments around</font> <font 11pt/Consolas;;black;;inherit><!– <Listener className=“org.apache.catalina.core.AprLifecycleListener” SSLEngine=“on” /> –></font> <font 11pt/Calibri,sans-serif;;inherit;;inherit>in …/conf/server.xml. The default configuration uses the Java SSL implementation, which is not vulnerable.</font>