Description: Mart Server SSL (Secure Sockets Layer) POODLE Potential vulnerability SOLUTION.
If you are connecting to the erwin MartServer via Secure Sockets Layer (SSL), there is a potential vulnerability in the SSL 3.0 Padding Oracle On Downgraded Legacy Encryption (POODLE). The problem is with Apache Tomcat, a third-party product used to provide Java web services for the erwin MartServer and erwin Mart Administrator applets. Please click HERE to read more about the POODLE vulnerability in SSL version 3.0.
The remedy is to replace the file server_ssl.xml with the file that is attached to this article (below). Fir 9.64.02 and earler, The file Server_SSL.XML is usually located on the Mart Server host machine in the directory C:\Program Files (x86)\CA\ERwin Mart Server r9\Tomcat\conf and for 9.7 it is in C:\Program Files\erwin\Mart Server r9\Tomcat64\conf.
Please contact erwin Technical Support at http://erwin.com/support