
SSL v3.0 is Still Vulnerable



This content has been archived

This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of the information contained in this page is at your own risk.

Summary

The vulnerable cryptographic protocol SSL 3.0 (Secure Sockets Layer) is still being used by services across the internet despite being superseded by the TLS protocol (Transport Layer Security) eighteen years ago.


Threat details

The POODLE vulnerability (Padding Oracle On Downgraded Legacy Encryption) was identified in 2014; however, many online services continue to be vulnerable by supporting SSL. Whilst not trivial to exploit, the vulnerability allows an attacker to steal information over time by altering the communications between the client and server. A tiny portion of data is leaked in each POODLE request, and a large series of requests is used to collate stolen information.

The vulnerability is in the design of the SSL 3.0 encryption protocol, which is still supported by many internet browsers and applications. The superior TLS protocol is not itself vulnerable; however, it contains a “downgrade to SSL 3.0” option for backwards compatibility where TLS is not supported.

An attacker can intercept communications between the client and server via a man-in-the-middle attack. They can then force the chosen protocol to downgrade to SSL 3.0 and use the POODLE attack to steal data.


Remediation steps


The recommended remediation is to disable SSL 3.0 support on the server.

This may impact clients which are unable to use TLS (or other secure protocols) - for example Windows XP clients running Internet Explorer 6 do not support TLS. Windows XP users can move to alternative browsers such as Chrome or Firefox which do support TLS.

Organisations can understand the impact of disabling SSL 3.0 by getting a log summary of which encryption ciphers clients and browsers are using. This can also provide the ability to detect if an attack is happening.
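
One way to produce the log summary described above, as an added example that is not part of the original alert. It assumes an nginx access log written with a custom format using the `$ssl_protocol` and `$ssl_cipher` variables; the log lines, addresses and the `ExampleClient` name are constructed.

```python
import re
from collections import Counter, defaultdict

# Assumed nginx log_format (an assumption, not taken from the alert):
#   '$remote_addr [$time_local] $ssl_protocol $ssl_cipher "$http_user_agent"'
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \[(?P<ts>[^\]]+)\] (?P<proto>\S+) (?P<cipher>\S+) "(?P<ua>[^"]*)"$'
)

# Constructed sample lines; addresses come from documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 [11/Jan/2022:09:00:01 +0000] TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "ExampleClient/1.0"
192.0.2.10 [11/Jan/2022:09:00:05 +0000] SSLv3 AES128-SHA "ExampleClient/1.0"
198.51.100.7 [11/Jan/2022:09:01:12 +0000] SSLv3 DES-CBC3-SHA "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
198.51.100.7 [11/Jan/2022:09:02:40 +0000] SSLv3 DES-CBC3-SHA "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
203.0.113.4 [11/Jan/2022:09:03:00 +0000] TLSv1.3 TLS_AES_256_GCM_SHA384 "curl/7.81.0"
this line is malformed and is skipped
"""

def summarise(log_text):
    """Return (protocol/cipher counts, SSLv3-only clients, mixed clients, skipped)."""
    counts = Counter()
    protos_by_client = defaultdict(set)
    skipped = 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1  # count unparsed lines so gaps in the summary are visible
            continue
        counts[(m["proto"], m["cipher"])] += 1
        protos_by_client[(m["ip"], m["ua"])].add(m["proto"])
    # Clients that only ever negotiate SSLv3 lose access once it is disabled.
    legacy = sorted(c for c, p in protos_by_client.items() if p == {"SSLv3"})
    # A client seen on both TLS and SSLv3 is TLS-capable, so its SSLv3
    # connections are worth investigating as a possible forced downgrade.
    mixed = sorted(c for c, p in protos_by_client.items()
                   if "SSLv3" in p and len(p) > 1)
    return counts, legacy, mixed, skipped

if __name__ == "__main__":
    counts, legacy, mixed, skipped = summarise(SAMPLE_LOG)
    for (proto, cipher), n in counts.most_common():
        print(f"{n:4d}  {proto:8s} {cipher}")
    print("SSLv3-only clients (impacted by disabling):", legacy)
    print("TLS-capable clients also seen on SSLv3 (investigate):", mixed)
    print("unparsed lines:", skipped)
```

Keying clients on address plus user agent is a simplification; clients behind a shared NAT or proxy can appear as one entry.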

Also note that the latest versions of TLS software should be used - some implementations of TLS prior to 2015 contain the POODLE vulnerability.


Last edited: 11 January 2022 9:49 am