The POODLE attack (which stands for “Padding Oracle On Downgraded Legacy Encryption”) is a man-in-the-middle exploit which takes advantage of Internet and security software clients’ fallback to SSL 3.0.

The Snare Agents are not affected by POODLE as it requires a cookie injection from the client and Snare does not use cookies for our connections.

Since it’s a client side attack, and would need some man-in-the-middle attack on the internal network which is low risk, and given most Snare Servers are on restricted networks, then it is low risk.

For additional information review US-CERT TA14-290A.