CVE-2014-3566 in Oracle Endeca Serverinfo

Summary

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

05/14/2014

Disclosure

10/14/2014

Entries

VulDB provides additional information and datapoints for this CVE:

Sources

• MITRE
• NVD
• CVE Details