Vulnerabilities/

The POODLE attack

Impact: Medium

Description

The POODLE attack (which stands for “Padding Oracle On Downgraded Legacy Encryption”) is a man-in-the-middle exploit which takes advantage of Internet and security software clients’ fallback to SSL 3.0. If attackers successfully exploit this vulnerability, on average, they only need to make 256 SSL 3.0 requests to reveal one byte of encrypted messages. Wikipedia

Recommendation

Disable SSL 3.

References

Last updated on April 04, 2021

Use SmartScanner Free version to test for this issue

Download