CVE-2014-3566

GPTKB entity

Statements (23)
Predicate Object
gptkbp:instanceOf gptkb:security
gptkbp:access No
gptkbp:affects gptkb:SSL_3.0
gptkbp:alsoKnownAs gptkb:POODLE
gptkbp:citation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
https://www.openssl.org/~bodo/ssl-poodle.pdf
gptkbp:complexity Low
gptkbp:describes A vulnerability in SSL 3.0 that allows a man-in-the-middle attacker to decrypt ciphertext using a padding oracle attack.
gptkbp:discoveredBy gptkb:Bodo_Möller
gptkb:Krishna_Bhargavan
gptkb:Thai_Duong
gptkbp:exploits gptkb:Padding_Oracle
gptkbp:hasCVSSScore 4.3
https://www.w3.org/2000/01/rdf-schema#label CVE-2014-3566
gptkbp:impact integrity
confidentiality
man-in-the-middle attack
gptkbp:mitigatedBy Disable SSL 3.0
Use TLS instead of SSL 3.0
gptkbp:publicationDate 2014-10-14
gptkbp:vectorFor gptkb:network_protocol
gptkbp:bfsParent gptkb:POODLE_attack
gptkbp:bfsLayer 5