Padding Oracle On Downgraded Legacy Encryption

“This server has SSLv3 protocol enabled and is vulnerable to Poodle (SSLv3) attack. Disable SSLv3 on the server.”

In 2014, Google researchers discovered a vulnerability in the SSL 3.0 protocol dubbed "POODLE" (Padding Oracle On Downgraded Legacy Encryption).

While SSL 3.0 is enabled, an attacker in a man-in-the-middle (MITM) position can intercept encrypted connections and recover their plaintext.

The security flaws of SSL 3.0 are:

  • Message integrity is insecure.
  • It is vulnerable to man-in-the-middle attacks.

The most effective countermeasure against the POODLE attack is to disable the SSL 3.0 protocol.

Additionally, DigiCert recommends disabling SSL 3.0 and enabling TLS 1.2 or 1.3 on the client side.
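A defender's check for the scanner finding quoted at the top, added here as an example that is not part of the original article: it sends a hand-built SSLv3 ClientHello (most Python builds of the `ssl` module can no longer speak SSLv3) and classifies the first record the server returns. The host, port and the offered cipher-suite list are assumptions.

```python
import os
import socket
import struct

SSLV3 = b"\x03\x00"
# Constructed list of SSLv3-era cipher suites to offer in the probe.
CIPHER_SUITES = b"\x00\x2f\x00\x35\x00\x0a\x00\x05"


def build_sslv3_client_hello() -> bytes:
    """Return one SSLv3 handshake record carrying a minimal ClientHello."""
    body = (
        SSLV3                                              # client_version 3.0
        + os.urandom(32)                                   # random
        + b"\x00"                                          # empty session_id
        + struct.pack("!H", len(CIPHER_SUITES)) + CIPHER_SUITES
        + b"\x01\x00"                                      # null compression only
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type 1 = ClientHello
    return b"\x16" + SSLV3 + struct.pack("!H", len(handshake)) + handshake


def classify_response(record: bytes) -> str:
    """Classify the first record a server returns to the SSLv3 ClientHello.

    'sslv3_accepted': ServerHello with server_version 3.0 (POODLE exposure)
    'other_version':  ServerHello that picked a different version
    'rejected':       alert record (e.g. protocol_version, handshake_failure)
    'unknown':        anything else (empty read, non-TLS data)
    """
    if len(record) >= 11 and record[0] == 0x16 and record[5] == 0x02:  # ServerHello
        # bytes 9-10 hold server_version, the version the server actually chose
        return "sslv3_accepted" if record[9:11] == SSLV3 else "other_version"
    if len(record) >= 5 and record[0] == 0x15:                         # alert record
        return "rejected"
    return "unknown"


def probe(host: str, port: int = 443, timeout: float = 5.0) -> str:
    """Connect, send the probe and return the verdict; host and port are assumptions."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(build_sslv3_client_hello())
            return classify_response(sock.recv(4096))
    except OSError:
        return "unknown"
```

Run `probe(host, port)` against servers you are responsible for; a verdict of `sslv3_accepted` corresponds to the scanner finding quoted above, and `rejected` or `other_version` is the expected result once SSL 3.0 is disabled.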