Help & Resource Center
Follow

Poodle Vulnerability - October 15, 2014

A new vulnerability hit the Internet today called POODLE, which stands for Padding Oracle On Downgraded Legacy Encryption.  In a nutshell this vulnerability can be found in the older Secure Sockets Layer (SSL) 3.0 standard.  SSL 3.0 is no longer being widely used and instead has been replaced by something called Transport Layer Security (TLS).

To remove all possibility of this vulnerability, Modern Retail has disabled SSL 3.0 on our servers.

Here's the official announcement from Symantec if you're interested:

If you would like some additional information about POODLE, TLS and SSL please read:

If you would like to test to see if this vulnerability exists on your website, please use this checker:

If you have any questions please let us know as always.  Thank you.

 

FAQ

Question:  The article is where I read about the link - the report screen says SSLv3 is enabled?
Answer:  Actually SSL version 3 should be disabled, which we have done on all our servers.

 

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request

Comments