T10000C/T10000D - CVE-2014-3566, Poodle Vulnerability (Doc ID 1937698.1)

Last updated on MAY 19, 2017

Applies to:

StorageTek T10000D Tape Drive - Version All Versions and later
StorageTek T10000C Tape Drive - Version Not Applicable and later
Information in this document applies to any platform.

The current release, 4.08.105, and prior releases of the T10000D tape drive firmware have support for SSL v3.0 and TLS v1.0 enabled. SSL v3.0 can not be disabled in T10000D by the user. However, SSL v3.0 will not be used by the drive. The T10000D only uses TLS 1.0 to communicate with the Oracle Key Manager (OKM). The OKM does not support SSL v3.0. Since OKM does not support SSL v3.0, the SSL connection between the drive and the OKM can never fallback to using SSL v3.0.

Symptoms

A critical security bug has been reported publicly against SSL v3.0 under CVE-2014-3566 and is sometimes called the Poodle Vulnerability.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms