So far, researchers have only mentioned two vendors whose products are affected by this issue- F5 and A10 Networks. F5 has issued the following guidance for their customers, but we've yet to see news from A10 Networks. Langley has also observed some "odd behavior" on Citrix devices, but says they are "unable to make an attack out of it."
To see if your site is vulnerable to this latest attack, you can check your domain using the Qualys SSL Labs Server Test, available here. Vulnerable sites will receive an F and the scan will report "This server is vulnerable to the Poodle attack against TLS servers." To test this, I scanned a few popular websites and observed the following results for several banks:
Of course, the first thing companies should do is test to see if their own sites are vulnerable to this latest version of Poodle. However, it's also worth considering whether vendors in your information supply chain are also at risk. While the presence of this vulnerability does not mean your network or vendor has been exploited, it's important to take steps to remediate this issue before an exploit does occur. According to Ivan Ristic, "As problems go, this one should be easy to fix."