Vulnerability Bulletins

IBM Security Bulletin: SSLv3 POODLE Attack vulnerability affects IBM Algo One - Counterparty Credit Risk (CVE-2014-3566)

System information
   
Affected software IBM

Description
SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in IBM Algo One - Counterparty Credit Risk. CVE(s): CVE-2014-3566 Affected product(s) and affected version(s): IBM Algo One-Counterparty Credit Risk 4.9.0 Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21882575 X-Force Database:

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_sslv3_poodle_attack_vulnerability_affects_ibm_algo_one_counterparty_credit_risk_cve_2014_3566?lang=en_us

Standar resources
Property Value
CVE CVE-2014-3566 ,CVE-2015-0138 ,CVE-2014-6593 ,CVE-2015-0383 and CVE-2015-0410.

Version history
Version Comments Date
1.0 Advisory issued 2015-04-17
Ministerio de Defensa
CNI
CCN
CCN-CERT