Oracle HSM (SAM-QFS): Protect Against SSL Poodle Vulnerability, CVE-2014-3566
(Doc ID 1959855.1)
Last updated on AUGUST 21, 2020
Applies to:Oracle Hierarchical Storage Manager (HSM) and StorageTek QFS Software - Version 5.3 and later
Information in this document applies to any platform.
A security vulnerability affecting SSL v3.0 was recently publicly disclosed (Padding Oracle On Downgraded Legacy Encryption, or Poodle.). This security vulnerability is the result of a design flaw in SSL v3.0. This vulnerability has received the identifier CVE-2014-3566.
To protect against this vulnerability, upgrade SAM-QFS, to bring open SSL from openSSL-0.9.8za (Poodle susceptible) to an openSSL-0.9.8zc level.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document