T10000A/T10000B - CVE-2014-3566, Poodle Vulnerability (Doc ID 1952054.1)

Last updated on DECEMBER 06, 2016

Applies to:

Sun StorageTek T10000A Tape Drive - Version All Versions to All Versions [Release All Releases]
Sun StorageTek T10000B Tape Drive - Version All Versions to All Versions [Release All Releases]
Information in this document applies to any platform.

The current release, 1.50.103 (T10KA),1.50.203 (T10KB) and prior releases of the T10000A/B tape drive firmware/s do have support for SSL v3.0 and TLS v1.0 enabled. SSL v3.0 cannot be disabled in the T10000A/B drive by the user. However, SSL v3.0 will not be used by the drive. The T10000A and T120000B tape drives only use TLS 1.0 to communicate with the Oracle Key Manager (OKM). The OKM does not support SSL v3.0. Since OKM does not support SSL v3.0, the SSL connection between the drive and the OKM can never fallback to using SSL v3.0.

Symptoms

 A critical security bug has been reported publicly against SSL v3.0 under CVE-2014-3566 and is sometimes called the Poodle Vulnerability.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms