Zero-day Vulnerability Database

Change view:

Zero-day vulnerabilities discovered: 1

Multiple vulnerabilities in OpenSSL
CVE-2014-3566

Information disclosure

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to usage of insecure SSLv3 protocol in OpenSSL. A remote attacker can force the current connection between user and server to be downgraded to SSLv3 protocol and then use padding-oracle attack on Cypher-block chaining (CBC) mode to decrypt encrypted communication.

Successful exploitation of the vulnerability may allow an attacker to read encrypted communications in clear text.

Note: The vulnerability is known as POODLE.
i

The vulnerability was used in the attack called Poodle against Docker.

Software: OpenSSL

The vulnerability was used in the attack called Poodle against Docker.

Vulnerability Scanning SaaS

Vulnerability scanning SaaS service is online 3-rd generation vulnerability scanner with scheduled assessments and vulnerability subscription. You can use service to check security of your network perimeter.