I'm sure by now everyone has heard more than they wanted to about the latest vulnerability sweeping the Internet. As far as I can tell, SAP NetWeaver systems don't have any built-in OpenSSL components and shouldn't be vulnerable, but I'm not 100% sure about this. I'm a little surprised that I can't find any mention of Heartbleed in any of the forums today.
So, can anyone state with authority that I'm correct about this, and NetWeaver (ABAP and/or Java) systems are not inherently vulnerable to this flaw?
Thanks,
Matt