Reported October 14, 2014
Padding Oracle On Downgraded Legacy Encryption (POODLE) is a security vulnerability that takes advantage of Internet and security software clients' fallback to SSLv3 and allows attackers to decrypt traffic to domains that support SSLv3. The SSLv3 protocol, as used in OpenSSL through 1.0.1i and other products, makes it easier for Man-in-the-middle (MITM) attackers to obtain cleartext data.
Successful exploitation can reveal contents of encrypted communications.
To see if a company in your portfolio is vulnerable to this attack, go to your portfolio and use the Vulnerability filter in your search.
Feedback
0 comments
Please sign in to leave a comment.