0333 123 1240 info@pro2colgroup.com

POODLE Vulnerability

by | Oct 24, 2014 | Security Updates

SSLv3_poodleThe “POODLE Vulnerability” (CVE-2014-3566) is a serious vulnerability in the popular OpenSSL cryptographic software library (through version 1.0.1i). This weakness allows stealing the information protected, under normal conditions, by the SSL encryption used to provide communication security and privacy over the Internet for applications such as web, email, instant messaging (IM), and some virtual private networks (VPNs).

MOVEit Managed File Transfer is vulnerable to the POODLE exploit. To protect against an attack, Ipswitch recommends that all customers disable SSLv3 for all services and clients. Please find specific instructions for each product here.

Please note – These products rely solely on Microsoft Windows to provide SSL/TLS services to the application. Therefore, disabling SSL 3.0 involves disabling it for the whole system. If the machine is not dedicated to these Ipswitch products, you may want to consider the impact of these changes on other applications running on the server.

 

MOVEit customers who have further queries or are not currently covered by a maintenance and support agreement should get in touch here.