SSL 3.0 Poodle is a security vulnerability where SSL v3.0 can be attacked and the encrypted data between the computers and servers can be potentially intercepted and decrypted.
The SSL protocol 3.0 that is used in OpenSSL through 1.0.1i and other products uses a non-deterministic CBC padding. This padding makes it easier for man-in-the-middle attackers to obtain clear text data via a padding-oracle attack that is known as the “POODLE” issue. This issue has major impact on the web servers and the browsers but can potentially affect any communication where the attacker can control the client-side of the communications and gets visibility of the resulting ciphertext.
We have identified the potential impact for this issue due to the presence of the vulnerable version of SSLv3 with Deployment Solution 6.9, ITMS 7.5, and ITMS 7.1 suites of products. Refer to the list of solutions affected in the Plan of Action below.