Poodle Attack in Spring Boot

The Poodle (Padding Oracle On Downgraded Legacy Encryption) attack exploits vulnerabilities in SSL 3.0's cipher block chaining (CBC) mode, allowing attackers to decrypt HTTPS traffic by forcing protocol downgrades. In Spring Boot applications, this manifests through several specific configurations and code patterns.

Spring Boot's default embedded Tomcat server can inadvertently expose SSL 3.0 if not properly configured. The attack works by intercepting TLS handshakes and manipulating them to fall back to SSL 3.0, which has known vulnerabilities. Attackers can then exploit the CBC padding oracle to decrypt session cookies and authentication tokens.

Common Spring Boot manifestations include:

• Legacy SSL/TLS configurations in application.properties or application.yml that explicitly enable SSL 3.0
• Custom SSLContext configurations that don't properly restrict protocol versions
• Integration with older libraries or dependencies that force SSL 3.0 usage
• Misconfigured reverse proxies or load balancers that allow SSL 3.0 through to the Spring Boot application

The attack typically targets the session cookie exchange during authentication. Once SSL 3.0 is forced, attackers can use timing-based side-channel attacks to determine padding validity, eventually revealing the encrypted cookie contents byte by byte.

Spring Boot's auto-configuration can sometimes include older cipher suites or protocol versions if certain dependencies are present. For example, if your application includes older versions of Spring Security or other security libraries, they might introduce SSL 3.0 support without explicit configuration.

Detecting Poodle vulnerabilities in Spring Boot requires examining both configuration files and runtime behavior. Here are Spring Boot-specific detection methods:

Configuration Analysis

Check your application.properties or application.yml for SSL-related configurations:

server.ssl.enabled-protocols=TLSv1.2,TLSv1.3

If you see SSLv3, SSL 3.0, or missing explicit protocol restrictions, you have a vulnerability. Spring Boot's auto-configuration can be overridden by explicit protocol declarations.

Runtime Protocol Detection

Use Spring Boot's Actuator endpoints to examine active protocols:

@RestController
@RequestMapping("/api/security")
public class SecurityController {
    
    @GetMapping("/protocols")
    public Map<String, Object> getSupportedProtocols() {
        SSLContext sslContext = SSLContext.getDefault();
        SSLServerSocketFactory factory = sslContext.getServerSocketFactory();
        SSLServerSocket socket = (SSLServerSocket) factory.createServerSocket();
        
        return Map.of(
            "supportedProtocols", Arrays.asList(socket.getEnabledProtocols()),
            "enabledCipherSuites", Arrays.asList(socket.getEnabledCipherSuites())
        );
    }
}

middleBrick Scanning

middleBrick's black-box scanning approach is particularly effective for detecting Poodle vulnerabilities in Spring Boot applications. The scanner tests the actual runtime behavior without requiring source code access:

npx middlebrick scan https://yourapp.com/api

middleBrick specifically checks for:

• SSL 3.0 protocol support in the TLS handshake
• Vulnerable cipher suites that enable CBC padding oracle attacks
• Protocol downgrade capabilities that could be exploited
• Missing TLS version restrictions

The scanner provides a security score with detailed findings, including specific protocol versions detected and their associated risk levels. For Spring Boot applications, middleBrick can identify configuration issues that might not be apparent from source code review alone.

Spring Boot Actuator Integration

Enable Spring Boot's security endpoints to get runtime TLS information:

management:
  endpoints:
    web:
      exposure:
        include: health,info,env
  endpoint:
    env:
      sensitive: false

This allows you to examine the actual runtime environment and verify protocol restrictions are properly enforced.

Remediating Poodle vulnerabilities in Spring Boot requires both configuration changes and code-level fixes. Here are Spring Boot-specific remediation approaches:

Configuration-Based Remediation

Update your application.properties or application.yml to explicitly restrict protocols:

server.ssl.enabled-protocols=TLSv1.2,TLSv1.3
# Explicitly disable SSL 3.0 and older TLS versions
server.ssl.ciphers=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
                 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
                 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
                 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
                 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
                 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

Custom SSL Configuration

For more granular control, create a custom SSL configuration bean:

@Configuration
public class SSLConfig {
    
    @Bean
    public ConfigurableServletWebServerFactory webServerFactory() {
        TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory();
        
        factory.addConnectorCustomizers(connector -> {
            connector.setProperty("sslEnabledProtocols", "TLSv1.2,TLSv1.3");
            connector.setAttribute("SSLEnabled", true);
            
            // Configure secure cipher suites
            connector.setAttribute("ciphers", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384");
        });
        
        return factory;
    }
}

Spring Security Integration

Configure Spring Security to enforce TLS requirements:

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .requiresChannel()
                .anyRequest()
                .requiresSecure()
            .and()
            .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
            .and()
            .csrf(csrf -> csrf
                .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
            );
    }
}

Protocol Enforcement Filter

Add a filter to reject SSL 3.0 connections at the application level:

@Component
public class SSLProtocolFilter implements Filter {
    
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        
        if (request instanceof HttpServletRequest) {
            HttpServletRequest httpRequest = (HttpServletRequest) request;
            String protocol = httpRequest.getProtocol();
            
            if (protocol.contains("SSLv3") || protocol.contains("SSL/3.0")) {
                HttpServletResponse httpResponse = (HttpServletResponse) response;
                httpResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
                httpResponse.getWriter().write("SSL 3.0 not supported");
                return;
            }
        }
        
        chain.doFilter(request, response);
    }
}

Testing Your Remediation

After applying fixes, verify your remediation using middleBrick:

npx middlebrick scan https://yourapp.com/api --fail-on-severity=high

This ensures your Spring Boot application no longer supports SSL 3.0 and is protected against Poodle attacks. middleBrick will provide a detailed report showing which protocols and cipher suites are still active, helping you confirm your remediation was successful.