{"id":9057,"date":"2015-07-09T10:34:19","date_gmt":"2015-07-09T02:34:19","guid":{"rendered":"http:\/\/w3c.weblink.com.tw\/symantec\/?p=9057"},"modified":"2015-07-09T10:34:19","modified_gmt":"2015-07-09T02:34:19","slug":"about-data-center-security-server-advanced-and-the-poodle-ssl-3-0-vulnerability-cve-2014-3566","status":"publish","type":"post","link":"https:\/\/w3c.weblink.com.tw\/symantec\/?p=9057","title":{"rendered":"About Data Center Security: Server (Advanced) and the Poodle SSL 3.0 vulnerability (CVE-2014-3566)"},"content":{"rendered":"
Problem<\/h5>\n

 <\/p>\n

A security bug affecting SSL 3.0 was released on October 14, 2014.<\/p>\n

 <\/p>\n

Solution<\/h5>\n

 <\/p>\n

The DCS 6.0.x and CSP 5.2.9 Manager utilize a version of SSL 3.0 that is susceptible to POODLE. Customers should add the entry sslEnabledProtocols=”TLSv1,TLSv1.1,TLSv1.2″ to <server install>\\tomcat\\conf\\server.xml. All future release will contain this change by default. <\/p>\n

Recommend steps: <\/p>\n

    \n
  1. Stop CSP\/DCS manager service<\/li>\n
  2. Take backup of Server.xml file<\/li>\n
  3. Edit the server.xml file to make the suggested changes using xml editors to ensure that double quotes (“) with appropriate encoding will be used.<\/li>\n
  4. Start CSP\/DCS manager service<\/li>\n<\/ol>\n

     <\/p>\n

    CSP Server 5.2.9 MP1 – MP5 (having Tomcat 7.x)<\/b> <\/p>\n

    DCS:SA Server 6.0, 6.0 MP1 (having Tomcat 7.x)<\/b> <\/p>\n

    The entry sslEnabledProtocols=”TLSv1,TLSv1.1,TLSv1.2″ needs to be added to the three SSL Connector configured in server.xml. <\/p>\n

      <\/p>\n

    These SSL Connectors are for the: <\/p>\n