Symantec Protection Engine and POODLE: SSLv3 vulnerability (CVE-2014-3566)
search cancel

Symantec Protection Engine and POODLE: SSLv3 vulnerability (CVE-2014-3566)


Article ID: 161368


Updated On:


Protection Engine for Cloud Services


Is Symantec Protection Engine affected by POODLE, the SSLv3 vulnerability?


Note: POODLE stands for Padding Oracle On Downgraded Legacy Encryption ( This vulnerability allows to launch a man-in-the-middle (MITM) attack on systems that are using SSLv3 protocol for communication.


Symantec Protection Engine (SPE) uses Java Secure Socket Extension (JSSE) to implement internal Java server logic that provides a base for UI (Web-browser)-based communication. Current implementation makes it possible for the client to communicate with this server using SSLv3 protocol.


The impact from this vulnerbility varies based on the deployment.

SPE is installed inside your perimeter level therefore, there is a very rare chance of the user interface being exposed and accessed by someone outside your premises. Also, SPE does not use the default SSL 443 port for communication.

Even if in some scenario, someone is able to get control over the communication channel by launching an MITM attack, it may at the most impact the working of SPE. This is also a rare possibility as the attacker would not have the knowledge of SPE policy settings. This means your environment/network will have no impact. 

Hotfix has been released and attached to the Attachment section below for version SPE 7.0.3 and 7.5.1. As a result. it is essential to upgrade to one of these builds before applying the hotfix.

Attachments get_app get_app
ReadMe_SPE_7.0.3_HF1.txt get_app
ReadMe_7.5.1_HF1.txt get_app