Certain TLS Implementations Vulnerable to POODLE Attacks

A new variant of the POODLE attack may affect some TLS implementations on account of an issue similar to one present in SSL 3.0. Successful exploitation may enable actors to derive plaintext from encrypted communications.

US-CERT encourages users and administrators to review TA14-290A for additional information on the POODLE attack and apply any necessary updates to address the vulnerability.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we'd welcome your feedback.