POODLE Attack (CVE-2014-3566)

Description

The Poodle attack allows you to retrieve encrypted data sent by a client to a server if the Transport Layer Security used is SSLv3.

Bussines Impact

if an attacker interrupts a secure connection between a browser and a website that is using TLSv1.0 when the browser retries to establish the connection to the server, it will use the next lower level protocol, once the protocol downgrade is successful, the attacker can exploit the vulnerabilities in SSLv3 to compromise the session.

Recommendation

Disable SSLv3 within your web server and/or client (ideally both). This will make the exploit unusable.

More Details

The POODLE threat is a man-in-the-middle attack that forces modern clients and servers to downgrade the security protocol to SSLv3 from TLSv1.0 or higher. This is done by interrupting the handshake between the client and server; resulting in the retry of the handshake with earlier protocol versions.

Reference

https://marc.info/?l=bugtraq&m=142103967620673&w=2