Task 4 Ð CVE Summary
CVE ID: CVE-2014-3566
Vulnerability Name: POODLE (Padding Oracle on Downgraded Legacy Encryption)
Severity: Critical
Description:
The server supports SSL 3.0, which is an outdated and insecure encryption protocol. An attacker may be able to intercept encrypted communications and recover sensitive information. This vulnerability can expose user data and weaken the security of the system.
Recommendation:
Disable SSL 2.0 and SSL 3.0 and use TLS 1.2 or higher for secure communication.
Source:
Nessus Vulnerability Scan Results