Blog | G5 Cyber Security

Cloud Apps Still Vulnerable to POODLE, Finds Netskope

In September, OpenSSL.org announced another SSL exploit called POODLE. The attack is designed to take advantage of a vulnerability in the SSL V 3.0 protocol using the CBC mode encryption. In the padding, bytes are not checked against any value nor covered by the message digest (MAC) The attack itself follows the man-in-the-middle format, involving a client downgrade dance, along with the attacker having the ability to control/modify the traffic from the client to a server.”]

Source: https://informationsecuritybuzz.com/news/cloud-apps-still-vulnerable-poodle-finds-netskope/

Exit mobile version