Vulnerability Bulletins

IBM Security Bulletin: SSLv3 POODLE Attack vulnerability affects IBM Algo One - Capital Workflow Manager (CVE-2014-3566)

System information
   
Affected software IBM

Description
SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in IBM Algo One - Capital Workflow Manager. CVE(s): CVE-2014-3566 Affected product(s) and affected version(s): IBM Algo One - Capital Workflow Manager 5.0.0 Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg21882610 X-Force Database:

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_sslv3_poodle_attack_vulnerability_affects_ibm_algo_one_capital_workflow_manager_cve_2014_3566?lang=en_us

Standar resources
Property Value
CVE CVE-2014-3566 ,CVE-2015-1909 ,CVE-2015-1899 and CVE-2015-0138.

Version history
Version Comments Date
1.0 Advisory issued 2015-04-17
Ministerio de Defensa
CNI
CCN
CCN-CERT