My Oracle Support Banner

CVE-2014-3566 - Instructions to Mitigate the SSL v3.0 Vulnerability (aka "Poodle Attack") in Oracle Tuxedo SALT (Doc ID 1964604.1)

Last updated on OCTOBER 27, 2020

Applies to:

Oracle Service Architecture Leveraging Tuxedo (SALT) - Version 10.3.0 to 11.1.1.2.2 [Release 10gR3 to 11g]
Information in this document applies to any platform.

Purpose

This document provides instructions to resolve the SSL v3.0 security vulnerability referenced in CVE-2014-3566 for Oracle Tuxedo SALT

Scope

Application: Patching Oracle Tuxedo SALT
Audience: System Administrator, Security Officer

 SALT 10.3, 11.1.1.2.0, and 11.1.1.2.2 releases allow use of SSL v3.0 and must be patched. Newer SALT releases 12.1.1 and 12.1.3 do not allow SSL v3.0 and are not impacted.

Note : The Tuxedo core product uses TLS v1.0 , does not allow SSL v3.0, and is not impacted. 

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Purpose
Scope
Details
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.