Are Symantec Encryption products vulnerable to the “POODLE" vulnerability (CVE-2014-3566)?
None of the Symantec Encryption products are vulnerable, but some of the Encryption products can potentially be affected by the “POODLE” vulnerability. See the following table for a list of each of the Encryption products and how they are affected.
For more information about the POODLE vulnerability, see http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566.
Also see the Symantec blog posting at http://www.symantec.com/connect/blogs/poodle-vulnerability-old-version-ssl-represents-new-threat
|Symantec Encryption Desktop,
Symantec Drive Encryption,
PGP Whole Disk Encryption,
PGP Command Line
|Symantec Endpoint Encryption Management Server only
(includes SEE Full Disk 8.2.1, SEE Removable Storage 8.2,1, and Symantec Endpoint Encryption v 11.0.0)
|Affected (not vulnerable in default configuration)||See article TECH225778 for more information.|
|Symantec Encryption Management Server, PGP Universal Server||Affected (not vulnerable)||See article TECH225779 for more information.|