Symantec Protection Engine (SPE) for CS/NAS is not affected by CVE-2016-0800 (DROWN) vulnerability.
With the new SSL/TLS vulnerability (CVE-2016-0800), attackers can force a web server to use an old, insecure version of SSL/TLS known as SSLv2. SPE does not support SSLv2 protocol for UI communication.
For more information about the vulnerability, visit the following page:
http://www.symantec.com/connect/blogs/drown-vulnerability-could-sink-secure-internet-connections
Note: Though SPE for CS/NAS is not affected by CVE-2016-0800 vulnerability, we recommend that you upgrade to the latest SPE 7.0.x or 7.5.x versions as they support only TLS based UI communication.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)