Heartlbleed (Open SSL) Bug CVE-2014-0160 - How we Fixed it in CloudForge

CloudForge Users,

By now you must be familiar with the news of 'Heartbleed vulnerability with OpenSSL'. http://heartbleed.com/

On April 8th, we inventoried all of our servers and quickly identified the ones that needed to be updated. Following which we have updated all servers and confirmed that they are no longer vulnerable.

"We have now created new SSL certificates for all services using a new private key. All of the SSL certificates we replaced have been revoked."

With this vulnerability it is impossible to know if you have been exploited as it does not leave behind any log trails that can be examined so it is recommended to assume that you have been exploited and in addition to the updated SSL Certificates,


"We recommend that all users change the CloudForge password. "

Reset Password


This can be also be done from the My Settings page if you click on your profile. Or just go to this URL: https://app.cloudforge.com/settings. 

If you have any questions feel free to contact CloudForge Support


- Support Team



Article is closed for comments.