If this is similar in severity to Poodle, does that mean all CBC ciphers are doomed?
This will be a major problem for many users, since (AFAIK) this will disable usage of TLS below 1.2. It would be nice if someone could clarify :)
These are implementation flaws, but they’re caused by a spec that’s hard to get right.
You can implement CBC mode in a secure way. It’s complicated. The underlying vuln has been known for 13 years and people still don’t implement it correctly.