TLS Poodle Vulnerability Statement
Issued: December 17, 2014
On December 9, 2014, security researchers published information about a medium risk (NVD) vulnerability, CVE-2014-8730, that affects certain Transport Layer Security 1.0 (TLS) implementations. This new vulnerability is related to the SSLv3 Poodle vulnerability (CVE-2014-3566), but only affects TLS implementations that do not correctly verify padding. CA Technologies is investigating and has not identified any CA products as being vulnerable to this variant of the SSLv3 Poodle vulnerability.
CVE-2014-8730 - TLS Poodle Vulnerability
SSL Version 3.0 Poodle Vulnerability
v1.0: 2014-12-17, Initial Release
If additional information is required, please contact CA Technologies Support at https://support.ca.com/.
If you discover a vulnerability in CA Technologies products, please report your findings to the CA Technologies Product Vulnerability Response Team at email@example.com.
CA Technologies Product Vulnerability Response Team PGP Key