{"policy":{"name":"CVE-2014-3566 POODLE: Windows Server 2008, 2012","description":"Detect POODLE (CVE-2014-3566) on Windows Server 2008, 2012","platform":"windows","url":"https://api.cloudpassage.com/v1/policies/8d69da103b7d0132ed0b3c764e10c220","id":"8d69da103b7d0132ed0b3c764e10c220","used_by":[{"id":"dc3765803b8e0132f8583c764e108057","name":"POODLE-WIN"}],"rules":[{"active":true,"alert":false,"comment":"This rule checks for SSLv3 settings in Windows Registry to ascertain if insecure protocols have been disabled.","critical":false,"log":false,"name":"Disable SSLv3 in Windows Registry (CVE-2014-3566)","taxonomy":"software_configuration","checks":[{"object_type":"registry_key_value_setting","active":true,"exportable":true,"suggestion":"If this check's results are 'Indeterminate', you should consider yourself vulnerable to CVE-2014-3566.  Using this registry key to disable SSLv3 will disable it for all server processes on your Windows server, including IIS.\r\nIf this registry key does not exist, create it and set it to '0' (zero).\r\nHKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server\r\nKey: Enabled\r\nDWORD: 0\r\n\r\nFor more information, visit https://technet.microsoft.com/en-us/library/security/3009008.aspx","registry_key":"HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server","value_name":"Enabled","expected_data":"0"}],"reference_identifiers":[]}]}}