The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
Metrics
Affected Vendors & Products
References
History
Wed, 27 Nov 2024 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2014-10-15T00:00:00
Updated: 2024-11-27T19:31:57.733Z
Reserved: 2014-05-14T00:00:00
Link: CVE-2014-3566
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-10-15T00:55:02.137
Modified: 2024-11-27T20:15:18.447
Link: CVE-2014-3566
Redhat