The BEAST attack can be successful against pre-SSL 3.1/TLS 1.1 VPN protocols, but many browsers already allow you to choose post-SSL. The attack is serious — but for the time being, it’s difficult to pull off because a would-be attacker has to work pretty hard to ensure that the target meets multiple preconditions. Because BEAST isn’t causing worldwide, prolific attacks now, many vendors and websites are going to ignore the warning or be slow in response.”]
Source: https://www.csoonline.com/article/2620971/now-that-ssl-has-been-cracked-watch-out.html