Boletines de Vulnerabilidades

SSLv3 vulnerable to CVE-2014-3566 - POODLE attack

Información sobre el sistema
   
Software afectado IBM

Descripción
This post is in regards to the SSLv3 vulnerability (CVE-2014-3566) that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. IBM is analyzing its products to determine which ones may be affected by this vulnerability. Please actively monitor both your IBM Support Portal for available fixes and mitigations and this blog for additional information. IBM recommends that you review your entire environment to identify areas that enable the SSLv3 protocol

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/sslv3_vulnerable_to_cve_2014_3566_poodle_attack?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2014-3566.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-10-22

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT