Sun Microsystems, Inc.  Oracle System Handbook - ISO 7.0 May 2018 Internal/Partner Edition
   Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback

Asset ID: 1-79-1953731.1
Update Date:2014-12-12
Keywords:
Solution Type  Predictive Self-Healing Sure

Solution  1953731.1 :   CVE-2014-3566 - Instructions to Mitigate the SSL v3.0 Vulnerability (aka "Poodle Attack") in SuperCluster  

Related Items 
    

  • Oracle SuperCluster T5-8 Hardware
    •  
  • SPARC SuperCluster T4-4
    •  
  • Oracle SuperCluster M6-32 Hardware
    •  
Related Categories 
    

  • PLA-Other>Development>MOS Prod Dev Family>MOS Prod Dev Area>MOS: Critical Patch Updates
    •  






In this Document


Purpose


Scope


Details




Applies to:  

Oracle SuperCluster T5-8 Hardware
SPARC SuperCluster T4-4
Oracle SuperCluster M6-32 Hardware
Information in this document applies to any platform.



Purpose


 This document provides instructions to resolve the SSL v3.0 security vulnerability referenced in CVE-2014-3566


Scope


 Components in SuperCluster that can use SSL v3.0


Details



 The procedure to address CVE-2014-3566 (Poodle) in SuperCluster should be followed for each of these component products listed below:






SuperCluster Component
MOS note




Exadata Storage cells
1935817.1




T4-4, T5-8, or M6-32 compute nodes
1935986.1




Solaris 
1935621.1




ZFSSA 7320 or ZS3-ES storage appliance
1935621.1




IB switch
1935986.1




Cisco switch
See http://www.oracle.com/technetwork/topics/security/poodlecve-2014-3566-2339408.html







 
 Note: The SuperCluster specific Exafamily software layer is not vulnerable to CVE-2014-3566 except for the COD (Capacity On Demand) utility which is fixed in Exafamily release 1.6.1.271 (20141117) and later.



Attachments

This solution has no attachment


















       

Copyright © 2018 Oracle, Inc.  All rights reserved.

 Feedback