Family of NetSuite services is NOT vulnerable to Heartbleed; TribeHR patched on 4/8/14

By - April 10, 2014

The Heartbleed vulnerability represents a significant threat to security on many websites.  However, the NetSuite service is not vulnerable to this issue.  Below is the official statement from NetSuite:

Wednesday, April 9, 2014, 12:01am PDT

Notice regarding the current OpenSSL vulnerability known as the Heartbleed Bug (formally CVE-2014-0160).  NetSuite has reviewed domains associated with the family of NetSuite services – the NetSuite Service, the LightCMS Service, the NetSuite OpenAir Service, the OrderMotion Service, the RetailAnywhere Service – And has concluded that none of them was ever vulnerable to CVE-2014-0160.  The Tribe HR service was vulnerable and was patched Tuesday 4/8/2014.  NetSuite is communicating with TribeHR Customers.  For more information on the Heartbleed bug please navigate to

The statement may be viewed on the NetSuite Status page  by hovering over the “i” information icon to the right of the Wednesday, 4/9/14 uptime statistics.

For more information, please contact your #NetSuite lead consultant, Client Service Coordinator, or the RSM Client Resource Center or 888-678-5536.

By: Matt Kenney – National NetSuite Capability Leader

Receive Posts by Email

Subscribe and receive notifications of new posts by email.