POODLE vulnerability that affected the most widely used web encryption standard Secure Sockets Layer (SSL) 3.0 has once again returned and is likely to affect some of the most popular web sites in the world including those owned or operated by Bank of America, the US Department of Veteran’s Affairs, and Accenture. The new vulnerability (CVE-2014-8730) affects TLS version 1.2 which fails to handle padding, which was the target of PoODLE. The attack is slightly easier to execute no need to downgrade modern clients down to SSL 3 first, says security firm Qualys.
Source: https://thehackernews.com/2014/12/SSL-Poodle-TSL-attack.html