CVE-2014-3566

Published: Oct 15, 2014

Modified: May 28, 2026

PUBLISHED

Description

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

HPSBOV03227

vendor-advisory

x_refsource_HP

http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc

x_refsource_CONFIRM

1031090

vdb-entry

x_refsource_SECTRACK

http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/

x_refsource_CONFIRM

RHSA-2014:1880

vendor-advisory

x_refsource_REDHAT

HPSBHF03300

vendor-advisory

x_refsource_HP

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04819635

x_refsource_CONFIRM

VU#577193

third-party-advisory

x_refsource_CERT-VN

HPSBMU03184

vendor-advisory

x_refsource_HP

HPSBGN03209

vendor-advisory

x_refsource_HP

openSUSE-SU-2014:1331

vendor-advisory

x_refsource_SUSE

https://support.apple.com/kb/HT6542

x_refsource_CONFIRM

1031106

vdb-entry

x_refsource_SECTRACK

HPSBGN03201

vendor-advisory

x_refsource_HP

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

x_refsource_CONFIRM

[openssl-dev] 20141014 Patch to mitigate CVE-2014-3566 ("POODLE")

mailing-list

x_refsource_MLIST

SSRT101898

vendor-advisory

x_refsource_HP

SSRT101896

vendor-advisory

x_refsource_HP

60056

third-party-advisory

x_refsource_SECUNIA

RHSA-2014:1877

vendor-advisory

x_refsource_REDHAT

HPSBUX03162

vendor-advisory

x_refsource_HP

61130

third-party-advisory

x_refsource_SECUNIA

RHSA-2015:1546

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2015:0503

vendor-advisory

x_refsource_SUSE

https://support.apple.com/kb/HT6529

x_refsource_CONFIRM

https://www.openssl.org/news/secadv_20141015.txt

x_refsource_CONFIRM

APPLE-SA-2014-10-16-3

vendor-advisory

x_refsource_APPLE

http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0

x_refsource_CONFIRM

RHSA-2014:1920

vendor-advisory

x_refsource_REDHAT

1031087

vdb-entry

x_refsource_SECTRACK

HPSBMU03234

vendor-advisory

x_refsource_HP

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667

x_refsource_CONFIRM

https://bto.bluecoat.com/security-advisory/sa83

x_refsource_CONFIRM

SSRT101849

vendor-advisory

x_refsource_HP

http://support.citrix.com/article/CTX200238

x_refsource_CONFIRM

61359

third-party-advisory

x_refsource_SECUNIA

https://support.apple.com/kb/HT6541

x_refsource_CONFIRM

1031093

vdb-entry

x_refsource_SECTRACK

1031132

vdb-entry

x_refsource_SECTRACK

DSA-3144

vendor-advisory

x_refsource_DEBIAN

SSRT101790

vendor-advisory

x_refsource_HP

DSA-3253

vendor-advisory

x_refsource_DEBIAN

SSRT101846

vendor-advisory

x_refsource_HP

http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034

x_refsource_CONFIRM

https://www.suse.com/support/kb/doc.php?id=7015773

x_refsource_CONFIRM

APPLE-SA-2014-10-16-4

vendor-advisory

x_refsource_APPLE

https://www.elastic.co/blog/logstash-1-4-3-released

x_refsource_CONFIRM

SSRT101854

vendor-advisory

x_refsource_HP

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

x_refsource_CONFIRM

http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html

x_refsource_MISC

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946

x_refsource_CONFIRM

HPSBST03195

vendor-advisory

x_refsource_HP

61827

third-party-advisory

x_refsource_SECUNIA

HPSBMU03152

vendor-advisory

x_refsource_HP

RHSA-2015:0079

vendor-advisory

x_refsource_REDHAT

http://www-01.ibm.com/support/docview.wss?uid=swg21688283

x_refsource_CONFIRM

HPSBMU03304

vendor-advisory

x_refsource_HP

https://technet.microsoft.com/library/security/3009008.aspx

x_refsource_CONFIRM

RHSA-2015:1545

vendor-advisory

x_refsource_REDHAT

https://www-01.ibm.com/support/docview.wss?uid=swg21688165

x_refsource_CONFIRM

HPSBMU03259

vendor-advisory

x_refsource_HP

1031094

vdb-entry

x_refsource_SECTRACK

http://www.vmware.com/security/advisories/VMSA-2015-0003.html

x_refsource_CONFIRM

61316

third-party-advisory

x_refsource_SECUNIA

GLSA-201606-11

vendor-advisory

x_refsource_GENTOO

RHSA-2014:1881

vendor-advisory

x_refsource_REDHAT

https://www.imperialviolet.org/2014/10/14/poodle.html

x_refsource_MISC

1031096

vdb-entry

x_refsource_SECTRACK

HPSBHF03275

vendor-advisory

x_refsource_HP

61810

third-party-advisory

x_refsource_SECUNIA

HPSBHF03293

vendor-advisory

x_refsource_HP

DSA-3053

vendor-advisory

x_refsource_DEBIAN

HPSBGN03237

vendor-advisory

x_refsource_HP

https://support.lenovo.com/us/en/product_security/poodle

x_refsource_CONFIRM

1031107

vdb-entry

x_refsource_SECTRACK

1031095

vdb-entry

x_refsource_SECTRACK

HPSBMU03223

vendor-advisory

x_refsource_HP

SUSE-SU-2014:1549

vendor-advisory

x_refsource_SUSE

HPSBGN03305

vendor-advisory

x_refsource_HP

HPSBUX03194

vendor-advisory

x_refsource_HP

SSRT101868

vendor-advisory

x_refsource_HP

1031091

vdb-entry

x_refsource_SECTRACK

HPSBMU03260

vendor-advisory

x_refsource_HP

1031123

vdb-entry

x_refsource_SECTRACK

http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566

x_refsource_MISC

https://support.apple.com/HT205217

x_refsource_CONFIRM

1031092

vdb-entry

x_refsource_SECTRACK

http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

x_refsource_CONFIRM

SUSE-SU-2015:0376

vendor-advisory

x_refsource_SUSE

61926

third-party-advisory

x_refsource_SECUNIA

RHSA-2014:1876

vendor-advisory

x_refsource_REDHAT

SSRT101779

vendor-advisory

x_refsource_HP

http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3566.html

x_refsource_CONFIRM

HPSBHF03156

vendor-advisory

x_refsource_HP

openSUSE-SU-2016:0640

vendor-advisory

x_refsource_SUSE

http://docs.ipswitch.com/MOVEit/DMZ82/ReleaseNotes/MOVEitReleaseNotes82.pdf

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

x_refsource_CONFIRM

SSRT101838

vendor-advisory

x_refsource_HP

HPSBGN03569

vendor-advisory

x_refsource_HP

APPLE-SA-2015-09-16-2

vendor-advisory

x_refsource_APPLE

https://bugzilla.mozilla.org/show_bug.cgi?id=1076983

x_refsource_CONFIRM

https://support.apple.com/kb/HT6531

x_refsource_CONFIRM

SUSE-SU-2014:1357

vendor-advisory

x_refsource_SUSE

https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip

x_refsource_CONFIRM

RHSA-2015:0264

vendor-advisory

x_refsource_REDHAT

https://kc.mcafee.com/corporate/index?page=content&id=SB10091

x_refsource_CONFIRM

https://support.apple.com/kb/HT6527

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

x_refsource_CONFIRM

SSRT101897

vendor-advisory

x_refsource_HP

HPSBGN03203

vendor-advisory

x_refsource_HP

60206

third-party-advisory

x_refsource_SECUNIA

https://bugzilla.redhat.com/show_bug.cgi?id=1152789

x_refsource_CONFIRM

60792

third-party-advisory

x_refsource_SECUNIA

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

x_refsource_CONFIRM

APPLE-SA-2014-10-16-1

vendor-advisory

x_refsource_APPLE

DSA-3489

vendor-advisory

x_refsource_DEBIAN

https://security.netapp.com/advisory/ntap-20141015-0001/

x_refsource_CONFIRM

1031105

vdb-entry

x_refsource_SECTRACK

https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html

x_refsource_CONFIRM

FEDORA-2014-13069

vendor-advisory

x_refsource_FEDORA

1031131

vdb-entry

x_refsource_SECTRACK

HPSBMU03221

vendor-advisory

x_refsource_HP

USN-2487-1

vendor-advisory

x_refsource_UBUNTU

SSRT101795

vendor-advisory

x_refsource_HP

HPSBGN03222

vendor-advisory

x_refsource_HP

https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html

x_refsource_MISC

1031130

vdb-entry

x_refsource_SECTRACK

HPSBMU03301

vendor-advisory

x_refsource_HP

HPSBGN03164

vendor-advisory

x_refsource_HP

RHSA-2014:1948

vendor-advisory

x_refsource_REDHAT

HPSBGN03192

vendor-advisory

x_refsource_HP

RHSA-2014:1653

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2015:0392

vendor-advisory

x_refsource_SUSE

HPSBMU03416

vendor-advisory

x_refsource_HP

http://www-01.ibm.com/support/docview.wss?uid=isg3T1021431

x_refsource_CONFIRM

http://support.apple.com/HT204244

x_refsource_CONFIRM

http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx

x_refsource_CONFIRM

HPSBMU03283

vendor-advisory

x_refsource_HP

RHSA-2015:0085

vendor-advisory

x_refsource_REDHAT

http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html

x_refsource_CONFIRM

https://support.apple.com/kb/HT6536

x_refsource_CONFIRM

FEDORA-2014-12951

vendor-advisory

x_refsource_FEDORA

HPSBGN03191

vendor-advisory

x_refsource_HP

https://groups.google.com/forum/#%21topic/docker-user/oYm0i3xShJU

x_refsource_CONFIRM

SSRT101767

vendor-advisory

x_refsource_HP

SUSE-SU-2014:1526

vendor-advisory

x_refsource_SUSE

HPSBGN03332

vendor-advisory

x_refsource_HP

RHSA-2014:1652

vendor-advisory

x_refsource_REDHAT

https://support.apple.com/kb/HT6535

x_refsource_CONFIRM

https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02

x_refsource_MISC

SUSE-SU-2015:0345

vendor-advisory

x_refsource_SUSE

HPSBST03265

vendor-advisory

x_refsource_HP

RHSA-2015:0086

vendor-advisory

x_refsource_REDHAT

HPSBMU03241

vendor-advisory

x_refsource_HP

1031124

vdb-entry

x_refsource_SECTRACK

SUSE-SU-2015:0578

vendor-advisory

x_refsource_SUSE

SUSE-SU-2015:0336

vendor-advisory

x_refsource_SUSE

RHSA-2015:0080

vendor-advisory

x_refsource_REDHAT

HPSBMU03294

vendor-advisory

x_refsource_HP

RHSA-2014:1882

vendor-advisory

x_refsource_REDHAT

RHSA-2015:0068

vendor-advisory

x_refsource_REDHAT

HPSBGN03251

vendor-advisory

x_refsource_HP

USN-2486-1

vendor-advisory

x_refsource_UBUNTU

HPSBGN03391

vendor-advisory

x_refsource_HP

59627

third-party-advisory

x_refsource_SECUNIA

HPSBGN03208

vendor-advisory

x_refsource_HP

SSRT101894

vendor-advisory

x_refsource_HP

HPSBMU03214

vendor-advisory

x_refsource_HP

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

x_refsource_CONFIRM

HPSBMU03263

vendor-advisory

x_refsource_HP

HPSBGN03254

vendor-advisory

x_refsource_HP

https://support.lenovo.com/product_security/poodle

x_refsource_CONFIRM

20141014 SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability

vendor-advisory

x_refsource_CISCO

HPSBGN03205

vendor-advisory

x_refsource_HP

RHSA-2015:0698

vendor-advisory

x_refsource_REDHAT

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

x_refsource_CONFIRM

SUSE-SU-2014:1361

vendor-advisory

x_refsource_SUSE

http://downloads.asterisk.org/pub/security/AST-2014-011.html

x_refsource_CONFIRM

60859

third-party-advisory

x_refsource_SECUNIA

APPLE-SA-2014-10-20-2

vendor-advisory

x_refsource_APPLE

GLSA-201507-14

vendor-advisory

x_refsource_GENTOO

SSRT101921

vendor-advisory

x_refsource_HP

SSRT101951

vendor-advisory

x_refsource_HP

http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm

x_refsource_CONFIRM

61345

third-party-advisory

x_refsource_SECUNIA

SSRT101834

vendor-advisory

x_refsource_HP

61019

third-party-advisory

x_refsource_SECUNIA

70574

vdb-entry

x_refsource_BID

1031120

vdb-entry

x_refsource_SECTRACK

https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

x_refsource_CONFIRM

61825

third-party-advisory

x_refsource_SECUNIA

http://advisories.mageia.org/MGASA-2014-0416.html

x_refsource_CONFIRM

1031029

vdb-entry

x_refsource_SECTRACK

HPSBUX03281

vendor-advisory

x_refsource_HP

HPSBMU03262

vendor-advisory

x_refsource_HP

HPSBMU03267

vendor-advisory

x_refsource_HP

https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

x_refsource_CONFIRM

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681

x_refsource_CONFIRM

HPSBMU03261

vendor-advisory

x_refsource_HP

SUSE-SU-2016:1459

vendor-advisory

x_refsource_SUSE

https://kc.mcafee.com/corporate/index?page=content&id=SB10104

x_refsource_CONFIRM

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

x_refsource_CONFIRM

61782

third-party-advisory

x_refsource_SECUNIA

https://access.redhat.com/articles/1232123

x_refsource_CONFIRM

MDVSA-2015:062

vendor-advisory

x_refsource_MANDRIVA

FEDORA-2015-9110

vendor-advisory

x_refsource_FEDORA

1031085

vdb-entry

x_refsource_SECTRACK

HPSBST03418

vendor-advisory

x_refsource_HP

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

x_refsource_CONFIRM

SSRT101892

vendor-advisory

x_refsource_HP

APPLE-SA-2014-10-20-1

vendor-advisory

x_refsource_APPLE

HPSBGN03233

vendor-advisory

x_refsource_HP

SSRT101916

vendor-advisory

x_refsource_HP

http://www-01.ibm.com/support/docview.wss?uid=swg21687611

x_refsource_CONFIRM

https://github.com/mpgn/poodle-PoC

x_refsource_MISC

MDVSA-2014:203

vendor-advisory

x_refsource_MANDRIVA

SSRT101739

vendor-advisory

x_refsource_HP

SSRT101968

vendor-advisory

x_refsource_HP

http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html

x_refsource_MISC

https://support.citrix.com/article/CTX216642

x_refsource_CONFIRM

SSRT101899

vendor-advisory

x_refsource_HP

https://puppet.com/security/cve/poodle-sslv3-vulnerability

x_refsource_CONFIRM

openSUSE-SU-2015:0190

vendor-advisory

x_refsource_SUSE

APPLE-SA-2015-01-27-4

vendor-advisory

x_refsource_APPLE

61303

third-party-advisory

x_refsource_SECUNIA

HPSBGN03252

vendor-advisory

x_refsource_HP

HPSBUX03273

vendor-advisory

x_refsource_HP

http://www-01.ibm.com/support/docview.wss?uid=swg21692299

x_refsource_CONFIRM

1031039

vdb-entry

x_refsource_SECTRACK

SUSE-SU-2016:1457

vendor-advisory

x_refsource_SUSE

http://www-01.ibm.com/support/docview.wss?uid=swg21687172

x_refsource_CONFIRM

SSRT101998

vendor-advisory

x_refsource_HP

SUSE-SU-2015:0344

vendor-advisory

x_refsource_SUSE

SSRT101922

vendor-advisory

x_refsource_HP

1031089

vdb-entry

x_refsource_SECTRACK

HPSBGN03253

vendor-advisory

x_refsource_HP

HPSBMU03183

vendor-advisory

x_refsource_HP

TA14-290A

third-party-advisory

x_refsource_CERT

FEDORA-2014-13012

vendor-advisory

x_refsource_FEDORA

61819

third-party-advisory

x_refsource_SECUNIA

HPSBGN03255

vendor-advisory

x_refsource_HP

1031088

vdb-entry

x_refsource_SECTRACK

DSA-3147

vendor-advisory

x_refsource_DEBIAN

61995

third-party-advisory

x_refsource_SECUNIA

HPSBGN03202

vendor-advisory

x_refsource_HP

http://www-01.ibm.com/support/docview.wss?uid=swg21686997

x_refsource_CONFIRM

https://kc.mcafee.com/corporate/index?page=content&id=SB10090

x_refsource_CONFIRM

SSRT101928

vendor-advisory

x_refsource_HP

1031086

vdb-entry

x_refsource_SECTRACK

HPSBPI03360

vendor-advisory

x_refsource_HP

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

x_refsource_CONFIRM

RHSA-2014:1692

vendor-advisory

x_refsource_REDHAT

FEDORA-2015-9090

vendor-advisory

x_refsource_FEDORA

https://www.openssl.org/~bodo/ssl-poodle.pdf

x_refsource_MISC

http://www-01.ibm.com/support/docview.wss?uid=isg3T1021439

x_refsource_CONFIRM

HPSBPI03107

vendor-advisory

x_refsource_HP

[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html

mailing-list

x_refsource_MLIST

[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html

mailing-list

x_refsource_MLIST

[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html

mailing-list

x_refsource_MLIST

[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html

mailing-list

x_refsource_MLIST

[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html

mailing-list

x_refsource_MLIST

[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html

mailing-list

x_refsource_MLIST

https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-3566

Description

Affected Products

References