Patch available for SSL 3.0 “POODLE” Security Vulnerability (CVE-2014-3566)

This patch addresses the vulnerability discovered in the SSL 3.0. A flaw was discovered that makes it easy for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack.

Do you need to install this patch?

BMC Real End User Experience Monitoring (BMC EUEM) components of the following versions, 2.5.XX, 6.5.XX, 2.6.XX, and 6.6.XX, include this vulnerability.

If you have questions about whether to install this patch, contact BMC Customer Support.

Applying the patch

Enable SSH on the target component.
Log on to your system using the clisystem account.
Run the following command:

install https://deviceupdates.bmc.com/downloads/FLAM-143-1.0.2.zip
Repeat for each remaining component.

After applying the patch

Re-establish SSH settings for all applicable components, as described in the following topics:

If a problem occurs

If you encountered problems during the installation of the patch or if you could not access the internet to run the installation, contact BMC Customer Support.

Patch available for SSL 3.0 “POODLE” Security Vulnerability (CVE-2014-3566)

After applying the patch

If a problem occurs

Related topics

On this page