Skip to content
Search to learn about InterSystems products and solutions, career opportunities, and more.

Advisory: SSL 3.0 Exploit (a.k.a POODLE attack)

October 17, 2014 - Advisory: SSL 3.0 Exploit (a.k.a POODLE attack)

In response to the recently documented SSL 3.0 vulnerability (Reference: CVE-2014-3566), InterSystems advises customers to switch from using or requiring SSL 2.0 or SSL 3.0 and instead use only TLSv1.

InterSystems products support TLSv1, SSL 3.0 and SSL 2.0 for SSL/TLS. The SSL/TLS configuration can be controlled through the Management Portal (System > Security Management > SSL/TLS Configuration)

Furthermore, beginning with version 2014.2, InterSystems products will default for newly defined SSL/TLS configurations to only include TLSv1; SSL 3.0 will still be available as an option.

If you have any questions regarding this advisory, please contact the Worldwide Response Center.

Latest Alerts & Advisories

Jul 23, 2025
InterSystems IRIS 2025.2 introduces the IRISSECURITY database, the new home for security data. Unlike IRISSYS, the previous home for security data, IRISSECURITY can be encrypted, which secures your sensitive data at rest. In a future version, IRISSECURITY will be mirrorable.
Jul 23, 2025
InterSystems is pleased to announce the General Availability (GA) of the 2025.2 release of InterSystems IRIS® data platform. This is a Continuous Delivery (CD) release. Please note that the GA versions of InterSystems IRIS for Health™ and HealthShare® Health Connect™ 2025.2 are currently withheld due to mirroring limitations introduced by security updates (details below).
Jun 10, 2025
Advisory ID Product & Versions Affected Risk Category & Score Explicit Requirements DP-439649 Products:
May 20, 2025
This issue affects all versions of HealthShare®:
May 20, 2025
This problem affects the following products: