Choose your language preference Choose your language preference Choisir votre pr?f?rence de langue W?hlen Sie Ihren Sprachenvorzug あなたの言語好みを選びなさい

SSL POODLE Advisory for Verizon Conferencing services - November 21, 2014

November 21, 2014

Subject: SSL POODLE Vulnerability for Verizon Conferencing Services

Dear Verizon Conferencing Customer:

POODLE "Padding Oracle On Downgraded Legacy Encryption" (CVE-2014-3566) is the name for a type of attack that uses a vulnerability for an old, and for the most part not used, encryption protocol, SSLv3 that is used to secure connections to remote computers over the internet.

There are more up to date encryption protocols that should be used in place of SSLv3 including TLS 1.0, TLS 1.1 and TLS 1.2. Most applications / systems should disable SSLv3 support and switch to TLS

Verizon is fully aware of the POODLE vulnerability and is taking proper action to address the vulnerability with priority focus by conducting comprehensive due diligence activities across our enterprise, including:
  • Discovery - assessing our networks & systems to identify where the vulnerability exists
  • Device inventory - identifying affected systems by type and applicable vendors
  • Remediation - if Verizon finds any instances where SSLv3 (or earlier versions) is still enabled, we will take prompt action to disable SSL 3.0 and enable TLS 1.0, TLS 1.1, and TLS 1.2 wherever possible based on risk assessment of class and type of machine, with priority given to the most critical systems and networks

Further, Cisco and Microsoft have notified Verizon of the SSL POODLE security advisory related to the Cisco WebEx suite of products and the Microsoft® Office Live Meeting product. Cisco has provided a website where you can track their on-going updates below. Microsoft remediated our Microsoft Office Live Meeting servers on October 23rd.

The Cisco advisory is available at the following link

If you have any further questions or concerns, don't hesitate to contact your Verizon Conferencing account manager for further information.

Customer questions for net conferencing products are being directed to Conferencing Support at or 866-449-0701. Also, you may submit your inquiry via the following Contact Us link.

Thank you for choosing Verizon Conferencing


Verizon Conferencing Support