This article describes the installation of the Patch for CVE-2014-3566 Note: Only install this patch if you are running MAG2 v3.5.x or older! SSLv3 is already disabled on MAA versions 4.x and greater.
Resolution
Copy the attached file poodlefix.sh to your MAG2 Appliance's /tmp folder. Login to your MAG2 appliance using the g2 user.
Run these commands to disable SSL v3: [email protected]:/tmp$ sudo ./poodlefix.sh [sudo] password for g2:
Console Output will look like this:
SSLv3 is enabled on this server. Disabling it.. Restarting web server.. Verifying SSL connection.. - SSL TLS1.2 working - SSLv3 disabled