Return
-
Title
Are erwin Data Modeler, Mart Server or erwin Web Portal Affected by the Heartbleed Vulnerability? -
Description
Are erwin Data Modeler, Mart Server or erwin Web Portal Affected by the Heartbleed Vulnerability? -
Resolution
Are erwin Data Modeler, Mart Server, or erwin Web Portal Affected by the Heartbleed Vulnerability?
Answer: Neither Data Modeler, Mart ,nor Web Portal are affected by Heartbleed.
For Data Modeler and Mart, the following versions of OpenSSL and Tomcat are used...
Data Modeler/Mart Version OpenSSL Version Tomcat Version Reference 9.8 0.98g 7.0.82 https://erwin.com/bookshelf/9.8.00/Bookshelf_Files/HTML/erwin%20Rel%20Notes/index.htm 2018r1
1.1.0g 9.0.5 https://erwin.com/bookshelf/public_html/Content/Release%20Notes/Data%20Modeler%20Release%20Notes/tpsr.html 2019r1 1.1.0.g 9.0.14 https://erwin.com/bookshelf/public_html/2019R1/Content/Release%20Notes/Data%20Modeler%20Release%20Notes/tpsr.html 2020r1 1.1.1c 9.0.27 https://erwin.com/bookshelf/public_html/2020R1/Content/Release%20Notes/Data%20Modeler%20Release%20Notes/tpsr.html?Highlight=openssl Please note that Mart also uses the JSSE implementation of secure communications, which is not vulnerable.
For Web Portal, in all versions, the Java JSSE implementation of secure communications is also used. OpenSSL is not installed by Web Portal.