Miembros de
Boletines de Vulnerabilidades |
IBM Security Bulletin: Vulnerability in SSLv3 affects IBM SPSS Data Access Pack (CVE-2014-3566) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 can be configured for the IBM SPSS Data Access Pack. CVE(s): CVE-2014-3566 Affected product(s) and affected version(s): SPSS Data Access Pack 7.1, consisting of SPSS Modeler 16.0, SPSS Statistics 22.0 and SPSS Collaboration and Deployment Services 5.0, also includes the Progress Software Corporation DataDirect ODBC and JDBC drivers. Refer to the following More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerability_in_sslv3_affects_ibm_spss_data_access_pack_cve_2014_3566?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2014-3566. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-12-28 |