There is a new POODLE vulnerability and test at Qualys SSL labs)
https://www.ssllabs.com/ssltest/
POODLE (Padding Oracle On Downgraded Legacy)
The problem is that your encryption stream may be downgraded to a legacy (i.e. can be cracked) standard. TLS 1.2 and higher needs to be kept as the known secure standard.
Go click on ssllabs.com link above to see if your website is vulnerable.
In my opinion this potential vulnerability does not rank so high on the risk assessment scale.
It is important to patch systems that have this potential vulnerability, but it would take the hacker some effort to exploit this issue. In this day and age one has to be picky with what to spend time on.
Here is the important quote from imperialviolet.org: ” This seems like a good moment to reiterate that everything less than TLS 1.2 with an AEAD cipher suite is cryptographically broken.”
1 thought on “Test new POODLE vulnerability”