Document ID: c04275280 Version: 2 Release Date: 2014-05-06 Last Updated: 2014-08-04 Affected Products: - HP Multimedia Service Environment (MSE) 2.1.1 - HP Network Interactive Voice Response (NIVR) 2.1.0, Reactive Patches 001, 002, 003 - HP Network Interactive Voice Response (NIVR) 2.0.7, Reactive Patch 003 Vulnerability Summary: Potential security vulnerability identified with HP MSE (formerly known as HP NIVR) due to the OpenSSL "Heartbleed" vulnerability. Impact: Remote disclosure of information. CVE Reference: CVE-2014-0160 CVSS Base Score: 5.0 Resolution: HP provided updates for all impacted versions. Updated versions include MSE 2.1.2, NIVR 2.1.0 Reactive Patch 004, and NIVR 2.0.7 Reactive Patch 004. Third Party Security Patches: Should be applied in accordance with customer's patch management policy.