Security Bulletin: Vulnerability in SSLv3 affects IBM Installation Manager (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Installation Manager. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this...

Security Bulletin: A security vulnerability has been identified in IBM Tivoli Directory Server shipped with AIX/VIOS (CVE-2014-3566)

Summary IBM Tivoli Directory Server is shipped as a component of AIX/VIOS. Information about a security vulnerability affecting IBM Tivoli Directory Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin: Vulnerability in SSL...

Security Bulletin: There is a vulnerability in IBM Java SDK that affects Rational Developer for System z (CVE-2014-3566)

Summary There is a vulnerability in IBM SDK Java Technology Edition, Versions 6 and 7, which are used by Rational Developer for System z. This includes the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. This was disclosed as part of the IBM Java SDK updat...

Security Bulletin: Vulnerability in SSLv3 affects IBM Sterling Connect:Direct for Microsoft Windows (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Sterling Connect:Direct for Microsoft Windows. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attack...

Security Bulletin: Vulnerability in SSLv3 affects Rational DOORS Web Access (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 can be enabled in IBM Rational DOORS Web Access. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts lik...

Security Bulletin: Vulnerability in SSLv3 affects IBM Tivoli Netcool Configuration Manager (ITNCM), (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Tivoli Netcool Configuration Manager. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to...

Security Bulletin: Vulnerability in SSLv3 affects Netezza Performance Portal (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in Netezza Performance Portal. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitive...

Security Bulletin: Vulnerability in SSLv3 affects IBM Fabric Manager (IFM)(CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Fabric Manager. Vulnerability Details Abstract SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded...

Code injection

Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware 3.5.30.1118...

Security Bulletin: Vulnerability in IBM Java Runtime affect IBM Guardium Database Activity Monitoring (CVE-2014-3566)

Summary Multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM Guardium Database Activity Monitoring, were disclosed as part of the IBM Java SDK updates in October 2014. The only fix applicable was for Padding Oracle On Downgraded Legacy...

Security Bulletin: Vulnerability in SSLv3 affects IBM XIV Storage System Gen 3.0 (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM XIV Storage System Gen 3.0 Vulnerability Details CVEID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitiv...

Security Bulletin: Vulnerability in SSLv3 affects IBM Storwize V7000 Unified (CVE-2014-3566)

Summary There are security vulnerabilities in SSLv3 that is shipped with IBM Storwize V7000 Unified. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitive information, caused by a design error when using the SSLv3 protocol. A remote use...

Security Bulletin: Vulnerability in SSLv3 affects IBM UrbanCode Deploy (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM UrbanCode Deploy. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follo...

Security Bulletin: Vulnerability in SSLv3 affects IBM Rational RequisitePro (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Rational RequisitePro. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this...

Security Bulletin: IBM Security Network Protection is affected by a NSS vulnerability (CVE-2014-3566)

Summary A security vulnerability has been discovered in Network Security Services NSS used with IBM Security Network Protection. This update adds support for the TLS Fallback Signaling Cipher Suite Value TLSFALLBACKSCSV, which can be used to prevent protocol downgrade attacks against applications...

Security Bulletin: Vulnerability in SSLv3 affects IBM SPSS Analytic Server (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM SPSS Analytic Server. Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION : Product could allow a remote attacker to obtain sensitive...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM WebSphere Cast Iron Solution (CVE-2014-3566, CVE-2014-6558)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6.0,16.1 and 7.0.7.1 that is used by WebSphere Cast Iron. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These were disclosed as par...

Security Bulletin: IBM WebSphere Cast Iron Solution is affected by vulnerabilities CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-3513, CVE-2014-6558, CVE-2014-4263, CVE-2014-4244

Summary A SSLv3 contains a vulnerabilityCVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-3513 that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is used for Client/Server communication in IBM WebSphere Cast Iron Solution Java security...

Security Bulletin: Vulnerability in SSLv3 affects WebSphere Lombardi Edition (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in WebSphere Lombardi Edition. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: WebSphere Lombardi Edition could allow a remote attacker t...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Message Broker shipped with IBM WebSphere Remote Server (CVE-2014-3566 and CVE-ID: CVE-2014-3568)

Summary IBM WebSphere Message Broker is shipped as a component of IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Message Broker has been published in a security bulletin. Vulnerability Details Please consult the security bulletin IBM WebSphere...