Miembros de
Boletines de Vulnerabilidades |
IBM Security Bulletin: Vulnerability in SSLv3 affects IBM HTTP Server (CVE-2014-3566) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled by default in IBM HTTP Server. CVE(s): CVE-2014-3566 Affected product(s) and affected version(s): This vulnerability affects all versions and releases of IBM HTTP Server component in all editions of WebSphere Application Server and bundling products. Refer to the following reference URLs for remediation and additional vulnerability details: More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerability_in_sslv3_affects_ibm_http_server_cve_2014_3566?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2014-3566 ,CVE-2014-3508 ,CVE-2014-3511 ,CVE-2014-4822 ,CVE-2014-5139 ,CVE-2014-6271 and CVE-2014-7169. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-10-17 |