Advisory 2021-05/1 OpenSSL Vulnerability

CA Certificate Check Bypassed

Security Advisory DateMay 5, 2021
Vulnerability TypeComponent with Known Vulnerability
Severity factorsSee
Versions affectedAll versions of FileCloud prior to
Version fixedFileCloud Version


OpenSSL versions 1.1.1h and newer introduced an error that enabled bypassing a security check. The security check would have confirmed that non-CA certificates could not issue other certificates. OpenSSL 1.1.1k fixes this issue.

The latest version of FileCloud includes the updated version of OpenSSL, 1.1.1k.

See the full descriptions of the issue at


This has been fixed in FileCloud version, which includes the updated version of OpenSSL.

What you should do

  • If you are using a FileCloud on-premises installation, please update it to the latest version, which is or greater.
  • If you are using FileCloud online, your site has already been updated to the latest version.

If you have any questions about this advisory, please contact FileCloud support