A vulnerability in SSL 3.0 could allow information disclosure (a.k.a POODLE).
The vulnerability is in the protocol and is not specific to the implementation. Therefore, any implementation of the protocol is affected.
For more details on the vulnerability, see https://www.openssl.org/news/secadv_20141015.txt.
Performance Center does not use the SSL 3.0 protocol.
However, since any implementation of the protocol is affected, all versions of Performance Center may be affected by proxy of the OpenSSL and the Windows operating system implementation of the protocol.
For more details on the related implementations:
OpenSSL - https://www.openssl.org/~bodo/ssl-poodle.pdf
Microsoftâs Windows - https://technet.microsoft.com/en-us/library/security/3009008.aspx
- OpenSSL implementation â Replace the OpenSSL files used by the Performance Center 12.0x with the files attached here. Make sure to follow the installation instruction in the HP_PC12.0x_OpenSSL_1.0.1j_readme.doc file provided with the hotfix.
- Microsoftâs Windows Operating system implementation â Refer to Microsoft guidelines https://technet.microsoft.com/en-us/library/security/3009008.aspx
- ALM Server â Follow the details in the ALMâs knowledge base article KM01250751.