Vulnerabilities in NXLog libraries "libcrypto-1_1-x64.dll" and "libssl-1_1-x64.dll", related to "OpenSSL, Version: 1.1.1q" - deleting the files?


#1 Djordje

A vulnerability scanner has discovered a number of vulnerabilities (CVE-2022-4450, CVE-2023-0215, CVE-2023-4807) related to “OpenSSL, version 1.1.1q” in NXLog libraries "libcrypto-1_1-x64.dll" and "libssl-1_1-x64.dll":

  • If we are using the following modules: im_msvistalog, im_file, om_tcp;
  • and we are NOT using the following modules: im_ssl, om_ssl;

would simply deleting the following files from the system: “C:\ProgramFiles\nxlog\libcrypto-1_1-x64.dll”, “C:\ProgramFiles\nxlog\libssl-1_1-x64.dll” (which solves the problem with the vulnerability scanner alerts) affect functionality of NXLog?

#2 NenadM Nxlog ✓

Hello Djordje,

If the modules are not used in the nxlog.conf file, it's very likely that you won't see any issues if you delete the corresponding dll files. But please don't do that straight into the production environment. Please do a test first. Also, please note that you might need to unregister the dll first. Please check the link: https://kb.blackbaud.com/knowledgebase/articles/Article/48728

Also, please tell us what NXLog CE version you use. Is it the latest one: nxlog-ce-3.2.2329? Does the vulnerability scanner point to those files directly?
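
A read-only check of which modules a configuration actually loads, added here as an example; it is not part of either post and not NXLog's own tooling. It inspects only the `Module` directives in the text it is given, the sample configuration is constructed, and the TLS module set is assumed to be just the two modules named in the thread.

```python
import re

# Modules the thread identifies as the TLS ones. Assumption: extend this set
# if your NXLog build ships other modules that need OpenSSL.
TLS_MODULES = {"im_ssl", "om_ssl"}

BLOCK_OPEN = re.compile(r"^<(Input|Output|Processor|Extension)\s+([^>\s]+)\s*>$", re.I)
BLOCK_CLOSE = re.compile(r"^</(Input|Output|Processor|Extension)\s*>$", re.I)
MODULE = re.compile(r"^Module\s+(\S+)$", re.I)


def loaded_modules(conf_text):
    """Return (block_type, instance_name, module) for each active Module directive."""
    found, block = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # '#' starts a comment in nxlog.conf
        if m := BLOCK_OPEN.match(line):
            block = (m.group(1).capitalize(), m.group(2))
        elif BLOCK_CLOSE.match(line):
            block = None
        elif block and (m := MODULE.match(line)):
            found.append((*block, m.group(1).lower()))
    return found


def tls_instances(conf_text):
    """Instances whose module is in TLS_MODULES; an empty list means none configured."""
    return [entry for entry in loaded_modules(conf_text) if entry[2] in TLS_MODULES]


# Constructed sample matching the setup described in the question.
SAMPLE_CONF = r"""
<Input eventlog>
    Module  im_msvistalog
</Input>
<Input applog>
    Module  im_file
    File    'C:\logs\app.log'
</Input>
<Output collector>
    Module  om_tcp
    Host    192.0.2.10:514
</Output>
#<Output secure>
#    Module  om_ssl
#</Output>
"""

if __name__ == "__main__":
    for entry in loaded_modules(SAMPLE_CONF):
        print(*entry)
    print("TLS instances:", tls_instances(SAMPLE_CONF) or "none")
```

Files pulled in with `include` directives are not followed, so run it on each included file as well.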