Reputation: 1946
How to protect Tibco BW against POODLE attack? (SSL 3.0 Protocol Vulnerability)
In order to protect Tibco BW from a POODLE attack, how can SSL v3.0 be disabled on its web server component (used in web services, http listener, etc) so that clients are only able to connect using TLS?
Upvotes: 0
Views: 1974
Answers (1)
Reputation: 795
In your question you have not shared which version of TIBCO BusinessWorks you are using. However TIBCO has released hotfix patches to address the issue. The following is from the Release Notes of TIBCO Runtime Agent 5.9.0 Hotfix 4:
Closed Issues in 5.9.0_HF-004 (This Release)
TCRT-56
To protect from the POODLE SSLv3 vulnerability (CVE-2014-3566), the SSLv3protocol is no longer supported for TLS/SSL connections. Only version 1.0or higher of TLS is supported.
For backward compatibility with software that supports only SSLv3, you canenable the SSLv3 protocol by setting the following system-wide propertiesfor client-side and server-side connections in the .tra file:java.property.com.tibco.security.ssl.client.EnableSSLv3=truejava.property.com.tibco.security.ssl.server.EnableSSLv3=true
Upvotes: 2
Related Questions
- Disable SSL fallback and use only TLS for outbound connections in .NET? (Poodle mitigation)
- How to disable the SSLv3 protocol in Jetty to prevent Poodle Attack
- Dropwizard TLS and SSL: deactivate SSLv3
- How to test POODLE over TLS?
- Poodle vulnerability need to change SSL 3.0 to TLS
- Securing a Thrift server aginst the POODLE SSL vulnerability
- Does TLS(Transport layer security) support HTTPS?
- How do I disable SSLv3 in Thin?
- Android Poodlebleed TLS Support
- C# Enforcing HttpWebRequest to use Tls12 instead of SSLv3