Is the above vulnerable to Lucky-13 and POODLE/TLS?
Strictly speaking, it depends on the vendor (server) implementation.
Any non-AEAD suite is vulnerable to Lucky 13, but server implementation can (we think) make the problem non-exploitable.
As for POODLE TLS, it's an implementation vulnerability and not specific to any suites.
actually, any non-CBC suite (which includes RC4, AEAD, and proposed (but AFAIK not implemented by anyone) ChaCha20 HMAC suites) is immune to both, because you can't have a padding oracle attack without padding.
Retrieving data ...