A security bug affecting SSL 3.0 was released on October 14, 2014.
The DCS 6.0.x and CSP 5.2.9 Manager utilize a version of SSL 3.0 that is susceptible to POODLE.Customers should add the entry sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"to <server install>\tomcat\conf\server.xml.All future release will contain this change by default.
1.Stop CSP/DCS manager service
2.Take backup of Server.xml file
3.Edit the server.xml file to make the suggested changes using xml editors to ensure that double quotes (") with appropriate encoding will be used.
4.Start CSP/DCS manager service
CSP Server 5.2.9 MP1 - MP5 (having Tomcat 7.x)
DCS:SA Server 6.0, 6.0 MP1 (having Tomcat 7.x)
The entry sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" needs to be added to the three SSL Connector configured in server.xml.