Highlighted
Contributor.
Contributor.
298 views

POODLE/(SSLv3) Vulnerability in UCMDB 9.05

Jump to solution

Hello ,

 

The jetty is not running with revised setting given jetty.xml file .uCMDB version 9.05 is not accepting the entries in jetty.xml for 10.x its working fine and accepting entries when checked.please suggest

 

below are the configuration changes suggested by HP in ‘jetty.xml’ file in ucmdb server.

 

https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM01235515

 

 

0 Likes
1 Solution

Accepted Solutions
Highlighted
Contributor.
Contributor.

Re: POODLE/(SSLv3) Vulnerability in UCMDB 9.05

Jump to solution

HI Rahul,

 

With respect to the jetty.xml, I have reproduced what you are seing here and I am checking it.

With respect to solving the Poodle Vulnerability, it is fixed with the CUP 170 available for download from :

 

  • Windows:                               

o   http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_UCMDB_00150

  • Linux:

o   http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_UCMDB_00151

 

Thanks

Figen

 

HP Support
If you find that this or any post has resolved your issues please mark it as solved.

View solution in original post

0 Likes
9 Replies
Highlighted
Outstanding Contributor.. Outstanding Contributor..
Outstanding Contributor..

Re: POODLE/(SSLv3) Vulnerability in UCMDB 9.05

Jump to solution

Hello , 

 

Thanks for the details provided . 

 

I will be researching according to your question. 

 

Best Regards , 

Melissa Carranza Mejias
Customer Support Engineer

If you find that this or any other post resolves your issue, please be sure to mark it as an accepted solution.
If you are satisfied with anyone’s response please remember to give them a KUDOS by clicking on the STAR at the bottom left of the post and show your appreciation. “
0 Likes
Highlighted
Contributor.
Contributor.

Re: POODLE/(SSLv3) Vulnerability in UCMDB 9.05

Jump to solution

Hello,

 

Were you able to delete the contents of the jetty cache folder on the UCMDB server  (hp\UCMDB\UCMDBServer\runtime\jetty-cache) and the restart the UCMDB server.

 

Please let us know how it goes.

 

Thanks

Figen

HP Support
If you find that this or any post has resolved your issues please mark it as solved.
0 Likes
Highlighted
Contributor.
Contributor.

Re: POODLE/(SSLv3) Vulnerability in UCMDB 9.05

Jump to solution

Hello Figen ,

 

 

i have restarted the jetty server after clearing jetty cache, but it does not work

same error as attached above, please let me know

 

 

Thanks

Rahul

 

0 Likes
Highlighted
Contributor.
Contributor.

Re: POODLE/(SSLv3) Vulnerability in UCMDB 9.05

Jump to solution

Hello Rahul,

Can you also upload the jetty.xml file you have created?

Thanks

Figen

HP Support
If you find that this or any post has resolved your issues please mark it as solved.
0 Likes
Highlighted
Contributor.
Contributor.

Re: POODLE/(SSLv3) Vulnerability in UCMDB 9.05

Jump to solution

Hi Figen ,

 

please find attached jetty file

 

Thanks

Rahul

0 Likes
Highlighted
Contributor.
Contributor.

Re: POODLE/(SSLv3) Vulnerability in UCMDB 9.05

Jump to solution

HI Rahul,

 

With respect to the jetty.xml, I have reproduced what you are seing here and I am checking it.

With respect to solving the Poodle Vulnerability, it is fixed with the CUP 170 available for download from :

 

  • Windows:                               

o   http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_UCMDB_00150

  • Linux:

o   http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_UCMDB_00151

 

Thanks

Figen

 

HP Support
If you find that this or any post has resolved your issues please mark it as solved.

View solution in original post

0 Likes
Highlighted
Contributor.
Contributor.

Re: POODLE/(SSLv3) Vulnerability in UCMDB 9.05

Jump to solution

Thanks Figen

0 Likes
Highlighted
Visitor..
Visitor..

Re: POODLE/(SSLv3) Vulnerability in UCMDB 9.05

Jump to solution

I am running 10.01 and I get the same error. Is there a fix for 10.01?

0 Likes
Highlighted
Contributor.
Contributor.

Re: POODLE/(SSLv3) Vulnerability in UCMDB 9.05

Jump to solution

Hi,

The fix provided in the KB https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM01235515 should work on 10.01.

 

Thanks

 

HP Support
If you find that this or any post has resolved your issues please mark it as solved.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.