All,
It seems there are presently a few discussions on how to mitigate POODLE, but they are fragmented and incomplete. For the sake of this discussion, I'd like to disable all SSLv3 on AS ABAP and AS Java. Vulnerability scans have turned up the following ports:
5XX14 - HTTPS Start Service
443XX - HTTPS for ABAP ICM
5XX01 - HTTPS Dispatcher for Java
In summary, I'd like suggestions on how to disable SSLv3 (only run TLS) on the following platforms:
- AS ABAP HTTPS ICM (Netweaver 7.0)
- AS ABAP HTTPS ICM (Netweaver 7.3)
- AS JAVA HTTPS Dispatcher (Netweaver 7.3)
- AS JAVA HTTPS Dispatcher (Netweaver 7.0)
- HTTPS Start Service (TCP Port 5XX14)
I look forward to your thoughts.
POODLE Discussion threads I have found:
Question: Security Threat OSS Note 2067859
Relevant OSS Notes I've seen Discussed: