POODLE Attack (CVE-2014-3566)
What is POODLE Attack (CVE-2014-3566)?
A 2014 padding-oracle attack on SSL 3.0 (and some buggy TLS implementations) that lets a man-in-the-middle decrypt sensitive bytes of an HTTPS session.
POODLE — Padding Oracle On Downgraded Legacy Encryption — was disclosed by Google researchers in October 2014 as CVE-2014-3566. SSL 3.0's CBC mode does not authenticate the padding bytes, so an active man-in-the-middle who can force a downgrade to SSL 3.0 can iteratively guess one plaintext byte per ~256 requests by observing padding-acceptance responses. Targets are typically web cookies. A related variant ("POODLE on TLS") affected some TLS implementations that copied SSLv3 logic. Mitigations: disable SSL 3.0 everywhere, enable TLS_FALLBACK_SCSV to prevent forced downgrades, prefer TLS 1.2/1.3 with AEAD cipher suites, and remove legacy CBC support.
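The TLS_FALLBACK_SCSV defence named above, shown as the server-side decision logic from RFC 7507 together with a minimum-version policy that refuses SSL 3.0 outright. This is an added example written for this page, not code from any TLS library; the ClientHello bodies are constructed inline and only the fields the check needs are parsed.

```python
import struct

SSL_3_0, TLS_1_0, TLS_1_2 = 0x0300, 0x0301, 0x0303
TLS_FALLBACK_SCSV = 0x5600         # signalling cipher suite value (RFC 7507)
ALERT_INAPPROPRIATE_FALLBACK = 86  # fatal alert mandated by RFC 7507
ALERT_PROTOCOL_VERSION = 70        # fatal alert for an unsupported version

def parse_client_hello(body: bytes):
    """Return (client_version, cipher_suites) from a ClientHello body.

    Layout (RFC 5246 7.4.1.2): version(2) random(32) session_id<0..32>
    cipher_suites<2..2^16-2> ...; compression and extensions are ignored.
    """
    client_version = struct.unpack("!H", body[0:2])[0]
    pos = 2 + 32                      # skip the 32-byte random
    sid_len = body[pos]
    pos += 1 + sid_len                # skip session_id
    suites_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack("!H", body[i:i + 2])[0]
              for i in range(pos, pos + suites_len, 2)]
    return client_version, suites

def evaluate_hello(body: bytes, server_min=TLS_1_0, server_max=TLS_1_2):
    """Server decision: (accept, fatal_alert_code_or_None)."""
    client_version, suites = parse_client_hello(body)
    # Policy from the mitigations above: SSL 3.0 is never negotiated.
    if client_version < server_min:
        return False, ALERT_PROTOCOL_VERSION
    # RFC 7507: SCSV present while the client offers less than we support
    # means a retry after a forced failure, i.e. a downgrade in progress.
    if TLS_FALLBACK_SCSV in suites and client_version < server_max:
        return False, ALERT_INAPPROPRIATE_FALLBACK
    return True, None

def build_client_hello(version: int, suites) -> bytes:
    """Construct a minimal ClientHello body for the demonstration."""
    suite_bytes = b"".join(struct.pack("!H", s) for s in suites)
    return (struct.pack("!H", version) + bytes(32)      # constructed random
            + b"\x00"                                    # empty session_id
            + struct.pack("!H", len(suite_bytes)) + suite_bytes)

if __name__ == "__main__":
    legacy = build_client_hello(SSL_3_0, [0x002F])                     # SSL3-only client
    downgraded = build_client_hello(TLS_1_0, [0x002F, TLS_FALLBACK_SCSV])  # forced retry
    normal = build_client_hello(TLS_1_2, [0x009C, TLS_FALLBACK_SCSV])      # first attempt
    for name, hello in (("legacy", legacy), ("downgraded", downgraded), ("normal", normal)):
        print(name, evaluate_hello(hello))
```

A client that genuinely speaks only SSL 3.0 never sends the SCSV, which is why the version policy, not the SCSV alone, is what closes the POODLE exposure.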
● Examples
- 01
An on-path attacker on coffee-shop Wi-Fi forcing the browser to downgrade to SSL 3.0 to steal session cookies.
- 02
Wide-scale disabling of SSL 3.0 on web servers, browsers and CDNs in late 2014 in response to POODLE.
● Frequently asked questions
What is POODLE Attack (CVE-2014-3566)?
A 2014 padding-oracle attack on SSL 3.0 (and some buggy TLS implementations) that lets a man-in-the-middle decrypt sensitive bytes of an HTTPS session. It belongs to the Vulnerabilities category of cybersecurity.
What does POODLE Attack (CVE-2014-3566) mean?
A 2014 padding-oracle attack on SSL 3.0 (and some buggy TLS implementations) that lets a man-in-the-middle decrypt sensitive bytes of an HTTPS session.
How do you defend against POODLE Attack (CVE-2014-3566)?
Defences for POODLE Attack (CVE-2014-3566) are the controls listed in the definition above: disable SSL 3.0 on servers, clients and intermediaries; support TLS_FALLBACK_SCSV so a forced protocol downgrade is detected and refused; prefer TLS 1.2/1.3 with AEAD cipher suites; and remove legacy CBC cipher suites. Operationally, this means auditing TLS configurations for SSL 3.0 and CBC support and tracking vendor patches for the "POODLE on TLS" variant.
What are other names for POODLE Attack (CVE-2014-3566)?
Common alternative names include: CVE-2014-3566, Padding Oracle On Downgraded Legacy Encryption, SSL 3.0 padding-oracle.