ZCM 11.3.2

After applying TID 7015826 our vulnerability scanner is still detecting
the POODLE vulnerability on ports 61491 thru 61495.

I contacted Novell support and was told the services on these ports have
ZEN in their name but belong to Java services and that I will need to
pursue remediation via Java resources. Support did provide the
following information:

Health service requests listen on the following ports:

61495 zenserver
61491 zenloader
61493 zen casa
61492 zen join proxy
61494 zen xplat agent

A jmxc bean is used to access that port to get the health information.

JMX is Java Management Extensions:

zenserver service loads with JMX:

-Dcom.sun.management.jmxremote.ssl.need.client.auth =true"

loaded by the following scripts:

zenserver /etc/init.d/novell-zenserver
zenloader /opt/novell/zenworks/bin/zenloader
casa: /etc/CASA/authtoken/svc/envvars
join proxy /etc/init.d/novell-zenjoinproxy
agent /etc/init.d/novell-zenworksxplatzmd

Configuration file: %ZENWORKS_HOME%\conf\probe.properties or

I followed the link to the Oracle information concerning JMX, but didn't
find anything to help me figure out how to remediate the POODLE

Has anyone found a way to remediate the POODLE vulnerability on ports
61491 thru 61495? Any suggestions on how to proceed?

Thank you,

Brad Johnson