With the recent POODLE vulnerability, server operators must now (finally) disable SSL version 3.0 and move up to TLS 1.0 at the minimum, if not TLS 1.2.
UPDATE: Many thanks to Courtney Llamas who provided me with a link to the section of the documentation that describes the right way to do this. If you want to disable SSLv3 in EM12c, follow the instructions in section 18.104.22.168 of chapter 2 of the Oracle Enterprise Manager Cloud Control Security Guide. You will need to re-secure your OMS during the process and this will require that you have access to the SYSMAN password and an agent registration password. I can confirm that the steps in this document work and do disable SSLv3. Make sure you follow the steps in the document to secure the management agents, too.
[EDIT: 20150312: Please note that you MUST install the 22.214.171.124.6 Agent bundle patch 20423395 to allow the agent-side “allowTLSOnly” property to function correctly. If you do not install this patch on your 126.96.36.199 agent, the agent will continue to permit SSLv3 connections.]