Skip to main content

Techdocs Library > Flashes >

PowerHA System Mirror is not affected by the SSL v3.0 vulnerability (CVE-2014-3566) Flash (Alert)



Document Author:

Michael E Herrera


Document ID:

FLASH10844


Doc. Organization:

Advanced Technical Sales


Document Revised:

10/27/2014


Product(s) covered:

PowerHA SystemMirror







Abstract: PowerHA System Mirror is not vulnerable to the SSL v3.0 attack that has been referred to as Padding Oracle On Downgrade Legacy Encryption ("POODLE").

PowerHA System Mirror does not enable SSL v3.0. Hence it is not impacted by the SSL v3.0 vulnerability.

In particular, PowerHA System Mirror in all editions and all platforms is NOT vulnerable to the SSL v3.0 vulnerability (CVE-2014-3566).

IBM recommends that you review your entire environment to identify areas that enable the SSLv3 protocol and take appropriate mitigation and remediation actions. The most immediate mitigation action that can be taken is disabling SSLv3.




Classification:

Software

Category:

Security




Platform(s):

IBM Power Systems



O/S:

AIX

Keywords:

PowerHA SystemMirror AIX POODLE SSL v3.0

The Techdocs Library
Is this your first visit to Techdocs (the Technical Sales Library)?

Learn more


Techdocs QuickSearch

: