CVE-2014-3566

LOW
Published Oct 15, 201411y ago · Modified Jun 17, 20262w ago
3.4 CVSS 3.1
Low
Find Similar
Published Oct 15, 2014 11y ago
Last Modified Jun 17, 2026 2w ago

Description

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

CVSS Details

Base Score
3.4
Exploitability
1.6
Impact
1.4
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
Attack Vector Network
Attack Complexity High
Privileges Required None
User Interaction Required
Scope Changed
Confidentiality Low
Integrity None
Availability None

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 2

CWE-310
CWE-329

Affected Products 147

VendorProductVersionRange
redhatenterprise_linux5any
redhatenterprise_linux_desktop6.0any
redhatenterprise_linux_desktop7.0any
redhatenterprise_linux_desktop_supplementary5.0any
redhatenterprise_linux_desktop_supplementary6.0any
redhatenterprise_linux_server6.0any
redhatenterprise_linux_server7.0any
redhatenterprise_linux_server_supplementary5.0any
redhatenterprise_linux_server_supplementary6.0any
redhatenterprise_linux_server_supplementary7.0any
redhatenterprise_linux_workstation6.0any
redhatenterprise_linux_workstation7.0any
redhatenterprise_linux_workstation_supplementary6.0any
redhatenterprise_linux_workstation_supplementary7.0any
ibmaix5.3any
ibmaix6.1any
ibmaix7.1any
applemac_os_x* ≤10.10.1
mageiamageia3.0any
mageiamageia4.0any
novellsuse_linux_enterprise_desktop9.0any
novellsuse_linux_enterprise_desktop10.0any
novellsuse_linux_enterprise_desktop11.0any
novellsuse_linux_enterprise_desktop12.0any
novellsuse_linux_enterprise_software_development_kit11.0any
novellsuse_linux_enterprise_software_development_kit12.0any
novellsuse_linux_enterprise_server11.0any
novellsuse_linux_enterprise_server11.0any
novellsuse_linux_enterprise_server12.0any
opensuseopensuse12.3any
opensuseopensuse13.1any
fedoraprojectfedora19any
fedoraprojectfedora20any
fedoraprojectfedora21any
opensslopenssl0.9.8any
opensslopenssl0.9.8aany
opensslopenssl0.9.8bany
opensslopenssl0.9.8cany
opensslopenssl0.9.8dany
opensslopenssl0.9.8eany
opensslopenssl0.9.8fany
opensslopenssl0.9.8gany
opensslopenssl0.9.8hany
opensslopenssl0.9.8iany
opensslopenssl0.9.8jany
opensslopenssl0.9.8kany
opensslopenssl0.9.8lany
opensslopenssl0.9.8many
opensslopenssl0.9.8many
opensslopenssl0.9.8nany
opensslopenssl0.9.8oany
opensslopenssl0.9.8pany
opensslopenssl0.9.8qany
opensslopenssl0.9.8rany
opensslopenssl0.9.8sany
opensslopenssl0.9.8tany
opensslopenssl0.9.8uany
opensslopenssl0.9.8vany
opensslopenssl0.9.8wany
opensslopenssl0.9.8xany
opensslopenssl0.9.8yany
opensslopenssl0.9.8zany
opensslopenssl0.9.8zaany
opensslopenssl0.9.8zbany
opensslopenssl1.0.0any
opensslopenssl1.0.0any
opensslopenssl1.0.0any
opensslopenssl1.0.0any
opensslopenssl1.0.0any
opensslopenssl1.0.0any
opensslopenssl1.0.0aany
opensslopenssl1.0.0bany
opensslopenssl1.0.0cany
opensslopenssl1.0.0dany
opensslopenssl1.0.0eany
opensslopenssl1.0.0fany
opensslopenssl1.0.0gany
opensslopenssl1.0.0hany
opensslopenssl1.0.0iany
opensslopenssl1.0.0jany
opensslopenssl1.0.0kany
opensslopenssl1.0.0lany
opensslopenssl1.0.0many
opensslopenssl1.0.0nany
opensslopenssl1.0.1any
opensslopenssl1.0.1any
opensslopenssl1.0.1any
opensslopenssl1.0.1any
opensslopenssl1.0.1aany
opensslopenssl1.0.1bany
opensslopenssl1.0.1cany
opensslopenssl1.0.1dany
opensslopenssl1.0.1eany
opensslopenssl1.0.1fany
opensslopenssl1.0.1gany
opensslopenssl1.0.1hany
opensslopenssl1.0.1iany
ibmvios2.2.0.10any
ibmvios2.2.0.11any
ibmvios2.2.0.12any
ibmvios2.2.0.13any
ibmvios2.2.1.0any
ibmvios2.2.1.1any
ibmvios2.2.1.3any
ibmvios2.2.1.4any
ibmvios2.2.1.5any
ibmvios2.2.1.6any
ibmvios2.2.1.7any
ibmvios2.2.1.8any
ibmvios2.2.1.9any
ibmvios2.2.2.0any
ibmvios2.2.2.1any
ibmvios2.2.2.2any
ibmvios2.2.2.3any
ibmvios2.2.2.4any
ibmvios2.2.2.5any
ibmvios2.2.3.0any
ibmvios2.2.3.1any
ibmvios2.2.3.2any
ibmvios2.2.3.3any
ibmvios2.2.3.4any
netbsdnetbsd5.1any
netbsdnetbsd5.1.1any
netbsdnetbsd5.1.2any
netbsdnetbsd5.1.3any
netbsdnetbsd5.1.4any
netbsdnetbsd5.2any
netbsdnetbsd5.2.1any
netbsdnetbsd5.2.2any
netbsdnetbsd6.0any
netbsdnetbsd6.0any
netbsdnetbsd6.0.1any
netbsdnetbsd6.0.2any
netbsdnetbsd6.0.3any
netbsdnetbsd6.0.4any
netbsdnetbsd6.0.5any
netbsdnetbsd6.0.6any
netbsdnetbsd6.1any
netbsdnetbsd6.1.1any
netbsdnetbsd6.1.2any
netbsdnetbsd6.1.3any
netbsdnetbsd6.1.4any
netbsdnetbsd6.1.5any
debiandebian_linux7.0any
debiandebian_linux8.0any
oracledatabase11.2.0.4any
oracledatabase12.1.0.2any

References 244

  • ftp.netbsd.org ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc
    Third Party Advisory
  • advisories.mageia.org http://advisories.mageia.org/MGASA-2014-0416.html
    Third Party Advisory
  • aix.software.ibm.com http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc
    Third Party Advisory
  • archives.neohapsis.com http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
    Third Party Advisory
  • archives.neohapsis.com http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html
    Third Party Advisory
  • askubuntu.com http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566
    Third Party Advisory
  • blog.cryptographyengineering.com http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html
    Third Party Advisory
  • blog.nodejs.org http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/
    Third Party Advisory
  • blogs.technet.com http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx
    Third Party Advisory
  • docs.ipswitch.com http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf
    Third Party Advisory
  • downloads.asterisk.org http://downloads.asterisk.org/pub/security/AST-2014-011.html
    Third Party Advisory
  • googleonlinesecurity.blogspot.com http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html
    Third Party Advisory
  • h20564.www2.hp.com http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581
    Third Party Advisory
  • h20564.www2.hpe.com http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034
    Third Party Advisory
  • kb.juniper.net http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
    Third Party Advisory
  • lists.apple.com http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
    Mailing ListThird Party Advisory
  • lists.apple.com http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html
    Mailing ListThird Party Advisory
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142330.html
    Third Party Advisory
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141114.html
    Third Party Advisory
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141158.html
    Third Party Advisory
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169361.html
    Third Party Advisory
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141450452204552&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141450973807288&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141477196830952&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141576815022399&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141577087123040&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141577350823734&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141620103726640&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141628688425177&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141694355519663&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141697638231025&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141697676231104&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141703183219781&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141715130023061&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141775427104070&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141813976718456&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141814011518700&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=141879378918327&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142103967620673&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142118135300698&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142296755107581&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142350196615714&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142350298616097&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142350743917559&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142354438527235&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142357976805598&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142495837901899&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142496355704097&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142546741516006&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142607790919348&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142624590206005&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142624619906067
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142624619906067&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142624679706236&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142624719706349&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142660345230545&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142721830231196&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142721887231400&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142740155824959&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142791032306609&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142804214608580&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142805027510172&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=142962817202793&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=143039249603103&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=143101048219218&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=143290371927178&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=143290437727362&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=143290522027658&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=143290583027876&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=143558137709884&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=143558192010071&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=143628269912142&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=144101915224472&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=144251162130364&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=144294141001552&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=bugtraq&m=145983526810210&w=2
    Third Party Advisory
  • marc.info http://marc.info/?l=openssl-dev&m=141333049205629&w=2
    Third Party Advisory
  • people.canonical.com http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2014-1652.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2014-1653.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2014-1692.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2014-1876.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2014-1877.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2014-1880.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2014-1881.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2014-1882.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2014-1920.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2014-1948.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-0068.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-0079.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-0080.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-0085.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-0086.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-0264.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-0698.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1545.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1546.html
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/59627
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/60056
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/60206
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/60792
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/60859
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/61019
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/61130
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/61303
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/61316
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/61345
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/61359
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/61782
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/61810
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/61819
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/61825
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/61827
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/61926
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/61995
    Third Party Advisory
  • support.apple.com http://support.apple.com/HT204244
    Third Party Advisory
  • support.citrix.com http://support.citrix.com/article/CTX200238
    Third Party Advisory
  • tools.cisco.com http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle
    Third Party Advisory
  • www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431
    Third Party Advisory
  • www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439
    Third Party Advisory
  • www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21686997
    Third Party Advisory
  • www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21687172
    Third Party Advisory
  • www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21687611
    Third Party Advisory
  • www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21688283
    Third Party Advisory
  • www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21692299
    Third Party Advisory
  • debian.org http://www.debian.org/security/2014/dsa-3053
    Third Party Advisory
  • debian.org http://www.debian.org/security/2015/dsa-3144
    Third Party Advisory
  • debian.org http://www.debian.org/security/2015/dsa-3147
    Third Party Advisory
  • debian.org http://www.debian.org/security/2015/dsa-3253
    Third Party Advisory
  • debian.org http://www.debian.org/security/2016/dsa-3489
    Third Party Advisory
  • kb.cert.org http://www.kb.cert.org/vuls/id/577193
    Third Party AdvisoryUS Government Resource
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2014:203
    Third Party Advisory
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2015:062
    Third Party Advisory
  • oracle.com http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
    PatchThird Party Advisory
  • oracle.com http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
    PatchThird Party Advisory
  • oracle.com http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
    PatchThird Party Advisory
  • oracle.com http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
    Third Party Advisory
  • oracle.com http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
    Third Party Advisory
  • oracle.com http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
    Third Party Advisory
  • oracle.com http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
    Third Party Advisory
  • oracle.com http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
    Third Party Advisory
  • oracle.com http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
    Third Party Advisory
  • oracle.com http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
    Third Party Advisory
  • oracle.com http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
    Third Party Advisory
  • oracle.com http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
    Third Party Advisory
  • securityfocus.com http://www.securityfocus.com/archive/1/533724/100/0/threaded
    Third Party AdvisoryVDB Entry
  • securityfocus.com http://www.securityfocus.com/archive/1/533746
    Third Party AdvisoryVDB Entry
  • securityfocus.com http://www.securityfocus.com/archive/1/533747
    Third Party AdvisoryVDB Entry
  • securityfocus.com http://www.securityfocus.com/bid/70574
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031029
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031039
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031085
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031086
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031087
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031088
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031089
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031090
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031091
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031092
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031093
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031094
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031095
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031096
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031105
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031106
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031107
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031120
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031123
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031124
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031130
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031131
    Third Party AdvisoryVDB Entry
  • securitytracker.com http://www.securitytracker.com/id/1031132
    Third Party AdvisoryVDB Entry
  • ubuntu.com http://www.ubuntu.com/usn/USN-2486-1
    Vendor Advisory
  • ubuntu.com http://www.ubuntu.com/usn/USN-2487-1
    Vendor Advisory
  • us-cert.gov http://www.us-cert.gov/ncas/alerts/TA14-290A
    Third Party AdvisoryUS Government Resource
  • vmware.com http://www.vmware.com/security/advisories/VMSA-2015-0003.html
    Third Party Advisory
  • websense.com http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
    Third Party Advisory
  • www1.huawei.com http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm
    Third Party Advisory
  • access.redhat.com https://access.redhat.com/articles/1232123
    Third Party Advisory
  • blog.mozilla.org https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
    Third Party Advisory
  • blogs.oracle.com https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6
    Third Party Advisory
  • bto.bluecoat.com https://bto.bluecoat.com/security-advisory/sa83
    Third Party Advisory
  • bugzilla.mozilla.org https://bugzilla.mozilla.org/show_bug.cgi?id=1076983
    Issue Tracking
  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1152789
    Issue Tracking
  • devcentral.f5.com https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip
    Third Party Advisory
  • github.com https://github.com/mpgn/poodle-PoC
    Third Party Advisory
  • groups.google.com https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU
  • h20566.www2.hpe.com https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635
    Third Party Advisory
  • h20566.www2.hpe.com https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681
    Third Party Advisory
  • h20566.www2.hpe.com https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
    Third Party Advisory
  • h20566.www2.hpe.com https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946
    Third Party Advisory
  • ics-cert.us-cert.gov https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
    Third Party AdvisoryUS Government Resource
  • kc.mcafee.com https://kc.mcafee.com/corporate/index?page=content&id=SB10090
    Third Party Advisory
  • kc.mcafee.com https://kc.mcafee.com/corporate/index?page=content&id=SB10091
    Third Party Advisory
  • kc.mcafee.com https://kc.mcafee.com/corporate/index?page=content&id=SB10104
    Third Party Advisory
  • lists.apache.org https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
  • lists.apache.org https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
  • lists.apache.org https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
  • lists.apache.org https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
  • lists.apache.org https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
  • lists.apache.org https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
  • puppet.com https://puppet.com/security/cve/poodle-sslv3-vulnerability
    Third Party Advisory
  • security.gentoo.org https://security.gentoo.org/glsa/201507-14
    Third Party Advisory
  • security.gentoo.org https://security.gentoo.org/glsa/201606-11
    Third Party Advisory
  • security.netapp.com https://security.netapp.com/advisory/ntap-20141015-0001/
    Third Party Advisory
  • support.apple.com https://support.apple.com/HT205217
    Vendor Advisory
  • support.apple.com https://support.apple.com/kb/HT6527
    Vendor Advisory
  • support.apple.com https://support.apple.com/kb/HT6529
    Vendor Advisory
  • support.apple.com https://support.apple.com/kb/HT6531
    Vendor Advisory
  • support.apple.com https://support.apple.com/kb/HT6535
    Vendor Advisory
  • support.apple.com https://support.apple.com/kb/HT6536
    Vendor Advisory
  • support.apple.com https://support.apple.com/kb/HT6541
    Vendor Advisory
  • support.apple.com https://support.apple.com/kb/HT6542
    Vendor Advisory
  • support.citrix.com https://support.citrix.com/article/CTX216642
    Third Party Advisory
  • support.lenovo.com https://support.lenovo.com/product_security/poodle
    Third Party Advisory
  • support.lenovo.com https://support.lenovo.com/us/en/product_security/poodle
    Third Party Advisory
  • technet.microsoft.com https://technet.microsoft.com/library/security/3009008.aspx
    PatchVendor Advisory
  • templatelab.com https://templatelab.com/ssl-poodle/
  • www-01.ibm.com https://www-01.ibm.com/support/docview.wss?uid=swg21688165
    Third Party Advisory
  • arista.com https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7
  • cloudera.com https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html
    Third Party Advisory
  • dfranke.us https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html
    Third Party Advisory
  • elastic.co https://www.elastic.co/blog/logstash-1-4-3-released
    Third Party Advisory
  • imperialviolet.org https://www.imperialviolet.org/2014/10/14/poodle.html
    Third Party Advisory
  • openssl.org https://www.openssl.org/news/secadv_20141015.txt
    Vendor Advisory
  • openssl.org https://www.openssl.org/~bodo/ssl-poodle.pdf
    Vendor Advisory
  • suse.com https://www.suse.com/support/kb/doc.php?id=7015773
    Third Party Advisory

Remediation

  • oracle.com http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
    PatchThird Party Advisory
  • oracle.com http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
    PatchThird Party Advisory
  • oracle.com http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
    PatchThird Party Advisory
  • technet.microsoft.com https://technet.microsoft.com/library/security/3009008.aspx
    PatchVendor Advisory