POODLE is a vulnerability in the design of SSL version 3.0. POODLE is an acronym for Padding Oracle On Downgraded Legacy Encryption. The vulnerability allows the plaintext of secure connections to be decrypted. The bug was discovered by Google Security Team researcher Bodo Möller in collaboration with Thai Duong and Krzysztof Kotowicz.
The POODLE vulnerability relates to a flaw in the CBC ciphers used in SSLv3. The attack is feasible when a connection using a higher protocol version (TLS 1.0 - 1.2) is downgraded to SSLv3. Because the CBC ciphers used in SSLv3 are non-deterministic in nature, the SSL connection can be decrypted. There is no practical workaround for this attack, so it is recommended to avoid SSLv3 entirely.
For more information on POODLE:
POODLE Official announcement website
POODLE attacks on SSLv3 at ImperialViolet
The vulnerability affects servers that support SSL version 3.0 using CBC ciphers. However, since it is an implementation bug and the remaining RC4 cipher suites are already considered vulnerable, it is recommended to disable SSLv3 completely.
TLS_FALLBACK_SCSV mode is enabled on the server.
For more details:
OWASP Transport Layer Protection Cheat Sheet
OWASP TOP 10 2013 Sensitive Data Exposure
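To check both conditions described above on a server you run (SSLv3 accepted with a CBC cipher, and TLS_FALLBACK_SCSV honoured), the following added example, which is not part of the original page, builds a raw ClientHello and classifies the first record of the reply. The function names and result strings are hypothetical; the suite ids are from the IANA TLS registry and alert 86 (inappropriate_fallback) is from RFC 7507.

```python
import os
import socket

# Suite ids from the IANA TLS registry (all RSA key exchange, all valid in SSLv3).
CBC_SUITES = (0x000A, 0x002F, 0x0035)   # 3DES_EDE_CBC_SHA, AES_128_CBC_SHA, AES_256_CBC_SHA
RC4_SUITES = (0x0004, 0x0005)           # RC4_128_MD5, RC4_128_SHA
FALLBACK_SCSV = 0x5600                  # TLS_FALLBACK_SCSV signalling suite
SSL3 = (3, 0)
# Constructed sample reply (not captured traffic): SSLv3 ServerHello picking 0x002F.
SAMPLE_REPLY = bytes.fromhex("160300002a020000260300") + bytes(32) + bytes.fromhex("00002f00")

def build_client_hello(version=SSL3, fallback=False):
    """Return one handshake record holding a ClientHello for `version`."""
    suites = list(CBC_SUITES + RC4_SUITES) + ([FALLBACK_SCSV] if fallback else [])
    body = bytes(version) + os.urandom(32) + b"\x00"    # version, random, empty session id
    body += (2 * len(suites)).to_bytes(2, "big") + b"".join(s.to_bytes(2, "big") for s in suites)
    body += b"\x01\x00"                                  # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16" + bytes(version) + len(handshake).to_bytes(2, "big") + handshake

def classify(reply):
    """Turn the first record of a server reply into a finding string."""
    if len(reply) < 7:
        return "no-answer"
    if reply[0] == 0x15:                                 # alert record: level, description
        return "inappropriate-fallback" if reply[6] == 86 else "rejected"
    if reply[0] != 0x16 or reply[5] != 0x02 or len(reply) < 44 or len(reply) < 46 + reply[43]:
        return "unexpected"
    sid_len = reply[43]                                  # follows version (2) + random (32)
    suite = int.from_bytes(reply[44 + sid_len:46 + sid_len], "big")
    if (reply[9], reply[10]) != SSL3:
        return "tls-hello"
    return "sslv3-cbc" if suite in CBC_SUITES else "sslv3-non-cbc"

def probe(host, port=443, **hello_args):
    """Send the hello to host:port and classify the first record that comes back."""
    reply = b""
    try:
        with socket.create_connection((host, port), timeout=5) as conn:
            conn.sendall(build_client_hello(**hello_args))
            while len(reply) < 5 or len(reply) < 5 + int.from_bytes(reply[3:5], "big"):
                chunk = conn.recv(4096)
                if not chunk:
                    break
                reply += chunk
    except OSError:
        pass                                             # refused, reset or timed out
    return classify(reply)
```

probe(host) returning "sslv3-cbc" means the server still negotiates the affected configuration. probe(host, version=(3, 1), fallback=True) against a server whose highest version is above TLS 1.0 should return "inappropriate-fallback" when TLS_FALLBACK_SCSV is enabled.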