Oracle HSM (SAM-QFS): Protect Against SSL Poodle Vulnerability, CVE-2014-3566
Last updated on APRIL 17, 2017
Applies to:Oracle Hierarchical Storage Manager (HSM) and StorageTek QFS Software - Version 5.3 and later
Information in this document applies to any platform.
A security vulnerability affecting SSL v3.0 was recently publicly disclosed (Padding Oracle On Downgraded Legacy Encryption, or Poodle.). This security vulnerability is the result of a design flaw in SSL v3.0. This vulnerability has received the identifier CVE-2014-3566.
To protect against this vulnerability, upgrade SAM-QFS, to bring open SSL from openSSL-0.9.8za (Poodle susceptible) to an openSSL-0.9.8zc level.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms