“POODLE” TLS Vulnerability aka “POODLE AGAIN”

  • 7015984
  • 11-Dec-2014
  • 11-Dec-2014

Environment

Novell Open Enterprise Server 11 (OES 11)
Novell Open Enterprise Server 2 (OES 2)
Novell ZENworks
Novell Service Desk
Novell Filr
Novell GroupWise
Novell Messenger
Novell NetWare
Novell ZENworks

Situation

Simple Description: Please read about CVE-2014-8730 from National Vulnerability Database before proceeding.  Several media outlets are publishing articles stating that, in some cases, TLS is now also impacted by the POODLE flaw.  The scope of this issue is limited to the F5 implementation of TLS.  This is not a vulnerability within the design of TLS 1.x itself.

Resolution

Impact:  There are no impacts to Novell products. 
Novell Products:
Novell ZENworks – Not Vulnerable
Novell Service Desk – Not Vulnerable
Novell Filr – Not Vulnerable
Novell iPrint Appliance – Not Vulnerable
Novell Open Enterprise Server– Not Vulnerable
Novell GroupWise– Not Vulnerable
Novell Messenger– Not Vulnerable
Novell Vibe– Not Vulnerable
Novell NetWare – Not Vulnerable


Cause

Actions/Recommendations:
No action required.

References:  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8730