A new variant of the POODLE attack may affect some TLS implementations on account of an issue similar to one present in SSL 3.0. Successful exploitation may enable actors to derive plaintext from encrypted communications.
US-CERT encourages users and administrators to review TA14-290A for additional information on the POODLE attack and apply any necessary updates to address the vulnerability.
Please share your thoughts.
We recently updated our anonymous product survey; we'd welcome your feedback.