Re: Poodle attack and RC4 cipher complain, even after disabling SSLv3 in tomcat and Apache.

2016-01-14 13:27 GMT+03:00 Weare Borg : > Hello friends, > > I recently scanned our domain Qualys SSL lab and found out that we have 2 > problems as listed below : > > 1) This server is vulnerable to the POODLE attack. If possible, disable SSL > 3 to mitigate. Grade capped to C > 2) This server acc

Poodle attack and RC4 cipher complain, even after disabling SSLv3 in tomcat and Apache.

Hello friends, I recently scanned our domain Qualys SSL lab and found out that we have 2 problems as listed below : 1) This server is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate. Grade capped to C 2) This server accepts RC4 cipher, but only with older protocol versions