Certain TLS Implementations Vulnerable to POODLE Attacks

Original release date: December 09, 2014

A new variant of the POODLE attack may affect some TLS implementations on account of an issue similar to one present in SSL 3.0. Successful exploitation may enable actors to derive plaintext from encrypted communications.

US-CERT encourages users and administrators to review TA14-290A for additional information on the POODLE attack and apply any necessary updates to address the vulnerability.

This product is provided subject to this Notification and this Privacy & Use policy.