Incident:

The Internet security threat CVE-2014-3566, commonly referred to as POODLE, was discovered on October 14, 2014. The threat potentially takes advantage of web browsers’ fallback to SSL version 3 in order to gain access to information that should be encrypted via SSL (HTTPS connections).

On October 15, Caspio’s infrastructure provider, Amazon Web Services (AWS) released an advisory notice to its customers with instructions on disabling SSLv3 on AWS load balancers.

Resolution:

The security of our users’ data is a top priority at Caspio. Within hours of the AWS advisory, Caspio released a patch to disable all SSLv3 connections and verified that all of our servers have been patched appropriately.

This issue may affect end users with old browsers trying to load Caspio DataPages deployed with SSL (HTTPS). The DataPage will not load unless the browser supports TLS 1.0 or higher. See our System Requirements for a list of recommended browsers and upgrade as needed.

If you are experiencing an issue loading SSL-enabled DataPages, please open a Support Ticket and provide your browser version, OS version, and the URL where you cannot access the DataPage.