SSL 3.0 POODLE Attack Vulnerability
search cancel

SSL 3.0 POODLE Attack Vulnerability


Article ID: 161381


Updated On:


Deployment Solution


 SSL 3.0 Poodle is a security vulnerability where SSL v3.0 can be attacked and the encrypted data between the computers and servers can be potentially intercepted and decrypted. 

The SSL protocol 3.0 that is used in OpenSSL through 1.0.1i and other products uses a non-deterministic CBC padding. This padding makes it easier for man-in-the-middle attackers to obtain clear text data via a padding-oracle attack that is known as the “POODLE” issue. This issue has major impact on the web servers and the browsers but can potentially affect any communication where the attacker can control the client-side of the communications and gets visibility of the resulting ciphertext.

We have identified the potential impact for this issue due to the presence of the vulnerable version of SSLv3 with Deployment Solution 6.9, ITMS 7.5, and ITMS 7.1 suites of products. Refer to the list of solutions affected in the Plan of Action below.



For more information about the SSL 3.0 POODLE attack vulnerability, visit the following web site:
National Vulnerability Database 



Plan of action:

The following table lists the release versions in which fixes for the affected solution were available (newer versions after the ones mentioned here have the fixes already included) :

Affected solutions

Release version in which the fixes were included

Deployment Solution (all versions)

7.1 SP2 MP1 v11, 7.5 SP1 HF4

Deployment Solution 6.9

DS 6.9SP6 v1

Ghost Imaging Foundation

7.1 SP2 MP1 v11, 7.5 SP1 HF4, DS 6.9SP6 v1

Network Discovery

7.1 SP2 MP1 v11, 7.5 SP1 HF5


7.1 SP2 MP1 v11, 7.5 SP1 HF5

Agent for UNIX, Linux, and Mac


 7.1 SP2 MP1 v11, 7.5 SP1 HF4

For more information read the following article:


Applies To



Affected solutions (shipped with sslv3)

  • Deployment Solution (all versions)
  • Deployment Solution 6.9
  • Ghost Imaging Foundation
  • Network Discovery
  • PPA
  •  Agent for UNIX, Linux, and Mac