SSL Poodle Vulnerability Checker

Check your SSL/TLS configuration for POODLE vulnerability. Ensure SSL 3.0 is disabled to prevent downgrade attacks.

Short Info

Level: Medium
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 20 seconds
Time Interval: 1 month 4 days
Scan only one: Domain, IPv4
Toolbox: -

What is SSL POODLE Vulnerability?

SSL POODLE (Padding Oracle On Downgraded Legacy Encryption) is a vulnerability in the SSL 3.0 protocol. By abusing SSL 3.0's padding mechanism in CBC (Cipher Block Chaining) mode, attackers can decrypt sensitive data transmitted over secure connections.

The attack is made possible when a connection falls back to SSL 3.0 due to protocol downgrade mechanisms. Once the connection uses SSL 3.0, the attacker can perform a man-in-the-middle (MITM) attack to inject and manipulate encrypted traffic, gradually revealing the plaintext data. The vulnerability is significant because many legacy systems still support SSL 3.0 for backward compatibility.

To mitigate this issue, SSL 3.0 should be disabled on both servers and clients, and modern encryption protocols such as TLS 1.2 or TLS 1.3 should be enforced. Additionally, ensuring secure cipher suite configurations can further reduce exposure.
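
One way to confirm that a server really refuses SSL 3.0 after the change described above is to offer it an SSL 3.0-only ClientHello with CBC suites and look at the first record it sends back. The following is an added example, not this scanner's own code; the function names are hypothetical and the result labels are this example's own.

```python
import os
import socket
import struct

# CBC-mode suites (POODLE targets CBC padding in SSL 3.0); IDs from the IANA registry.
CBC_SUITES = (0x002F, 0x0035, 0x000A)  # RSA with AES128-CBC, AES256-CBC, 3DES-EDE-CBC
SSL3 = 0x0300

def build_sslv3_client_hello(random_bytes=None):
    """Return one SSL 3.0 record carrying a ClientHello that offers only CBC suites."""
    rnd = random_bytes if random_bytes is not None else os.urandom(32)
    if len(rnd) != 32:
        raise ValueError("ClientHello random must be 32 bytes")
    suites = b"".join(struct.pack("!H", s) for s in CBC_SUITES)
    body = (struct.pack("!H", SSL3) + rnd
            + b"\x00"                                   # empty session id
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00")                              # one compression method: null
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body  # type 1, 24-bit length
    return struct.pack("!BHH", 0x16, SSL3, len(handshake)) + handshake

def classify_response(data):
    """Map the server's first record to 'accepted', 'rejected' or 'inconclusive'."""
    if len(data) < 5:
        return "inconclusive"          # closed or truncated before a full record header
    rtype, _version, length = struct.unpack("!BHH", data[:5])
    payload = data[5:5 + length]
    if rtype == 0x15 and len(payload) >= 2:
        return "rejected"              # alert, e.g. handshake_failure(40), protocol_version(70)
    if rtype == 0x16 and len(payload) >= 6 and payload[0] == 0x02:
        chosen = struct.unpack("!H", payload[4:6])[0]   # ServerHello.server_version
        return "accepted" if chosen == SSL3 else "inconclusive"
    return "inconclusive"

def probe(host, port=443, timeout=5.0):
    """Send the hello to a server and classify its first reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_sslv3_client_hello())
        try:
            return classify_response(sock.recv(4096))
        except (socket.timeout, ConnectionResetError):
            return "inconclusive"
```

A result of "accepted" means the server negotiated SSL 3.0 with a CBC suite and still needs the mitigation; "inconclusive" covers servers that simply close the connection, which should be rechecked with a second tool.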
