POODLE which stands for “Padding Oracle On Downgraded Legacy Encryption”, describes a security vulnerability in the SSL Version 3 cryptogram used by older Internet browsers. If you’re not a developer, SSL is what your web browser uses to securely send data to web servers when you’re entering information like credit cards. When you see the green HTTPS appear in Chrome, you’re communicating via SSL.
The POODLE vulnerability was identified and released in September 2014 by the Google Security Team.It is an attack on the SSL 3.0 protocol and it is a protocol flaw, not an implementation issue; every implementation of SSL 3.0 suffers from it.
The attack requires to be able to inject data of their own, and to intercept the encrypted bytes. The only plausible context where such a thing happens is a Web browser. In that case, Poodle is, like BEAST and CRIME, an attack on the client, not on the server.
What we need to secure our application from this vulnerability?
Your vendor publishes security fixes; install them. Install the patches. All the patches. Do that. For Poodle and for all other vulnerabilities. You cannot afford not to install them, and that is not new. You should already be doing that.