SSLv3 POODLE Vulnerability CVE-2014-3566 CA Application Lifecycle Conductor Product Guidance

Document ID : KB000030135
Last Modified Date : 14/02/2018
Show Technical Document Details

CA Application Lifecycle Conductor runs on top of an Oracle 1.6 or 1.7 JRE.  All secured communications are conducted using the underlying technologies of the JRE.  Oracle has confirmed that the SSLv3 POODLE Vulnerability does affect the JRE.  Starting with the January 20, 2015 Critical Patch Update releases (JRE 7u75/JRE 6u91 and above) the Java Runtime Environment has SSLv3 disabled by default.  As such, we recommend the JRE be upgraded to latest available version.