This will create trouble here. Unlike proper

When network attackers cause connection failures on the latest SSL versions (i.e. TLS 1.0, 1.1, or 1.2), web browsers will be forced to fall back to an older and vulnerable SSL 3.0 connection. After hundreds of millions of messages, an attacker could recover the plaintext.

The POODLE Attack

To work with legacy servers, many TLS clients implement a downgrade dance: in a first handshake attempt, offer the highest protocol version supported by the client; if this handshake fails, retry (possibly repeatedly) with earlier protocol versions.

F5's security teams have done some investigation, and we believe that RC4 can be used as a POODLE mitigation for those legacy clients.

To explain this in simpler terms, if an attacker using a Man-In-The-Middle attack can take control of a router at a public hotspot, they can force your browser to downgrade to SSL 3.0 (an older protocol) instead of using the much more modern TLS (Transport Layer Security), and then exploit a security hole in SSL to hijack your browser sessions.

POODLE can recover information after only tens of thousands of … RC4 does have a known weakness. This is an important point to keep in mind when considering different mitigation techniques and their aggressiveness. RC4 is a stream cipher and is not vulnerable to the POODLE attack. I mention this because many of you do not …

Let me preface the different techniques by adding some context to the exploitability of POODLE: This attack requires that an attacker have MITM (Man In The Middle) access to your communication between the client and Splunk. POODLE (Padding Oracle On Downgraded Legacy) is a kind of protocol downgrade attack, which is not a new thing in web security.