This blog entry describes the impact of the recently published POODLE attack (CVE-2014-3566) on z/VSE components and applications.
POODLE stands for Padding Oracle On Downgraded Legacy Encryption. This vulnerability allows a man-in-the-middle attacker to decrypt cipher text using a padding oracle side-channel attack. More details are available in the upstream OpenSSL advisory. POODLE affects older standards of encryption, specifically Secure Socket Layer (SSL) version 3. It does not affect the newer encryption mechanism known as... [More]