My Oracle Support Banner

CVE-2014-3566 - Instructions to Mitigate the SSLv3 Vulnerability ("POODLE Attack") in Oracle E-Business Suite (Doc ID 1937646.1)

Last updated on MAY 08, 2018

Applies to:

Oracle E-Business Suite
Information in this document applies to any platform.


This document provides instructions to resolve the SSL 3.0 security vulnerability (POODLE) referenced in CVE-2014-3566.


This document covers the required steps to disable SSL and enable TLS for all Oracle E-Business Suite products and core infrastructure components used by Oracle E-Business Suite. This document does not cover externally integrated products (for example, Oracle Access Manager, Oracle Web Cache) except where they require special configuration for Oracle E-Business Suite. 

It is important to monitor the Oracle Alert on the SSL V3.0 "POODLE" Vulnerability - CVE-2014-3566 ( for information on all externally integrated products you use and to follow each product’s respective guidelines.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 Configuring the Oracle E-Business Suite Web Server (Oracle HTTP Server)
 Configuring the Oracle Database
 Configuring Product Specific Patches from Oracle E-Business Suite
 Configuring the OPMN Remote ONS Port
 Release-Specific Requirements
 Strong Cipher Configuration Instructions
 Change Log

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.