Copy link to clipboard
Copied
I'm curious to know if OpenSSL is used in the eCommerce code of Business Catalyst, and if so what we can tell customers about whether their information is or was vulnerable, e.g. has it been updated?
Thanks.
Blog post by BC on their Blog:
http://businesscatalyst.com/bc-blog/business-catalyst-and-the-heartbleed-bug
Copy link to clipboard
Copied
For what it is worth, this site is giving worldsecuresystems.com a B (on a scale of A-F), but doesn't give any explanation for the way it grades...
https://www.ssllabs.com/ssltest/analyze.html?d=worldsecuresystems.com&hideResults=on
Copy link to clipboard
Copied
found the explanation (just had to click on one of the hyperlinked IP addresses):
Looks like it is a B because it doesn't support the TLS 1.2 protocol (to be honest, I don't even know what this means) and it doesn't support "Forward Secrecy."
Copy link to clipboard
Copied
Blog post by BC on their Blog:
http://businesscatalyst.com/bc-blog/business-catalyst-and-the-heartbleed-bug