POODLE stands for Padding Oracle On Downgraded Legacy Encryption. This vulnerability allows a man-in-the-middle attacker to decrypt ciphertext using a padding oracle side-channel attack.
Symantec is aware that SSIM 4.8.x is vulnerable on port 443 to the "POODLE" vulnerability.
To address this vulnerability, we recommend customers use the FIPS operational mode.
SSIM itself can be configured to disallow SSLv3.
The ITDS server (TCP port 636) has the FIPS operational mode enabled by default and therefore disallows SSLv3 traffic.
The FIPS operational mode can be enabled for the IBM HTTP server (TCP port 443) to disallow SSLv3.
In the directory /opt/Symantec/simserver/bin you will find the script set_fips_mode.sh to switch on the FIPS operational mode for the IBM HTTP server.
./set_fips_mode.sh --status
That will tell you if the FIPS operational mode is enabled.
./set_fips_mode.sh --on
That will turn on the FIPS operational mode, which will disallow SSLv3 traffic.
./set_fips_mode.sh --off
That will turn off the FIPS operational mode and will allow SSLv3 traffic.
So once the FIPS operational mode is turned on, SSLv3 traffic is disallowed. On the agent side, FIPS mode is turned on by default.
Applies To
SSIM 4.8.x