Google has discovered a vulnerability in the design of SSL version 3.0. This vulnerability allows the plaintext of secure connections to be calculated by a network attacker. You can read more about here:
http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html
Cisco has an Advisory out:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle
You can also read the Cisco Event Response: POODLE Vulnerability:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_Poodle_10152014.html
To mitigate the POODLE vulnerability in Cisco ASA add these commands to the device configuration:
TPA-ASA#conf t TPA-ASA(config)#ssl server-version tlsv1-only TPA-ASA(config)#ssl client-version tlsv1-only
A great site to test for the POODLE Vulnerabiltiy is Qualys SSL Labs (https://www.ssllabs.com/ssltest/index.html). It runs a comprehensive SSL scan on the URL you want to scan.
As you can see below, I ran a scan before and after entering the commands.
Before adding commands:
After adding commands:
