AnsweredAssumed Answered

SSL report still shows the site is vulnerable to POODLE after patching, any idea?

Question asked by Ken Huang on Oct 2, 2018
Latest reply on Oct 17, 2018 by Ken Huang

Hi, 

   Any idea why the SSL report still shows the site is vulnerable to POODLE with a rating of F?  We've already patched all the web servers.  When I executed using openssl command, it is not vulnerable at all.  Please help.

 

openssl s_client -connect www.glimpzit.com:443 -ssl3
CONNECTED(00000003)
24435:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1052:SSL alert number 40
24435:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:529:

 

https://www.ssllabs.com/ssltest/analyze.html?d=www.glimpzit.com

 

Outcomes