CVE-2014-3566

2014-10-14T20:55:02
ID CVE-2014-3566
Type cve
Reporter NVD
Modified 2018-10-30T12:27:34

Description

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.