POODLE is back and this time it's affecting the TLS Security Protocol (CVE-2014-8730). POODLE was originally thought to only affect the aging SSL 3.0 standard. Security researchers are now saying that this issue may affect implementations of TLS in products that inadequately check the the TLS Packet padding structure. This variation of the vulnerability is the result of the implementation of the TLS protocol, not the design of the protocol itself. This means that among vendors using TLS, some will be impacted and some will not.
Ping Identity has confirmed that the recommendations from Ping Identity's initial POODLE response issued in October SECBL005 (posted on October 17th, 2014) provide steps to protect customers from this variant for both PingFederate and PingAccess.