IBM Security Bulletin: Vulnerability in SSLv3 affects IBM WebSphere Application Server shipped with WebSphere Service Registry and Repository

SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled by default in IBM WebSphere Application Server. CVE(s): CVE-2014-3566 Affected product(s) and...



from IBM Product Security Incident Response Team http://ibm.co/1xoyZ9H