Keep in mind that this CVE has just been released and we are finding this out at the same time. In fact even as I was on web.nvd.nist.gov I had noticed that it was still being updated. The bottom line is that currently all appliances running 7.5.x and .7.6.x including VM's, which are running OpenSSL 1.0.1e-fips, fall within this CVE and are possibly susceptible.
We are currently looking into the issue and will post an update as we obtain information.
still waiting on responses, but personally tested, and MEG 7.5.1, and 7.5.2 are both vulnerable (on VM, and doesnt matter about fips mode).
i have not heard about a 7.5.3 hotfix or patch, so you know more than me at this point.
got a notification via sns saying they were investigating affected products, however, i have not heard anything back about the affected list, let alone plans in the works for workarounds.