The POODLE (CVE-214-03566) vulnerability can force a client to negotiate SSLv3 instead of TLSv1.x ciphers. Then a BEAST-like attack can be conducted against SSLv3 to obtain information from the encry...
Tested on 11.4.0 and 11.4.1 (this is not official): Edit the file /config/httpd/conf.d/ssl.conf: line 'SSLProtocol all' to: 'SSLProtocol all -SSLv2 -SSLv3'. then: 'bigstart httpd restart'.