CA Common Services addresses the SSL V 3 0 Poodle security vulnerability.
search cancel

CA Common Services addresses the SSL V 3 0 Poodle security vulnerability.

book

Article ID: 30085

calendar_today

Updated On:

Products

CIS COMMON SERVICES FOR Z/OS 90S SERVICES DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS COMMON PRODUCT SERVICES COMPONENT Common Services Datacom/AD CA ECOMETER SERVER COMPONENT FOC Easytrieve Report Generator for Common Services INFOCAI MAINTENANCE IPC UNICENTER JCLCHECK COMMON COMPONENT Mainframe VM Product Manager CHORUS SOFTWARE MANAGER CA ON DEMAND PORTAL CA Service Desk Manager - Unified Self Service PAM CLIENT FOR LINUX ON MAINFRAME MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME GRAPHICAL MANAGEMENT INTERFACE WEB ADMINISTRATOR FOR TOP SECRET Xpertware Compress Data Compression for MVS Compress Data Compression for Fujitsu

Issue/Introduction

There have been recent concerns raised by customers regarding the security vulnerability in SSLv3 protocol commonly known as ‘Poodle’.  CA Common Services for z/OS has taken steps to address these concerns.   

 

 

 

 

 

Environment

Release: CA90SV00200-14.1-Common Services-for z/OS
Component:

Resolution

In order to address this concern, it is recommended that the CA Common Services CCISSL and CCISSLGW procs be changed to use TLS as the security protocol.

Common Services r14.1 solution RO75043 addressed this concern by delivering updated procs changing the default setting from SSL to TLS.

Technical Document CCISSL SECURITY CONCERN USING SSL3 details strategies for implementing this change.