It is recommended to upgrade TLS to 1.1 or higher and ensuring TLS 1.0 and SSL 1, 2, 3.x are disabled, unless required. TLS 1.0 clients can fall back to version 3.0 of the SSL protocol, which is vulnerable to a padding oracle attack when Cypher-Block Chaining mode is used. This method is commonly referred to as the POODLE (Padding Oracle on Downgraded Legacy Encryption) attack. Vulnerable TLS implementations can be updated by applying the patch provided by the vendor. Vendor information is available in the National Vulnerability Database.