POODLE is not a flaw in the certificate authority (CA), SSL certificates or the certificate management system. POODLE is a TLS implementation bug.
Adam Langley states that “TLS’s padding is a subset of SSLv3’s padding so, technically, you could use an SSLv3 decoding function with TLS and it would still work fine. It wouldn’t check the padding bytes but that wouldn’t cause any problems in normal operation. However, if an SSLv3 decoding function was used with TLS, then the POODLE attack would work, even against TLS connections.”
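The difference between the two decoding functions, shown as an added example (it is not from the original post or from any vendor's code): the function names and the 16-byte decrypted blocks are constructed for illustration, and MAC verification is left out.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* SSLv3-style check: only the final length byte is examined; the padding
 * bytes before it may hold any value. Returns plaintext length or -1. */
static int ssl3_unpad(const uint8_t *rec, size_t len, size_t block)
{
    if (len == 0 || len % block != 0) return -1;
    size_t pad = rec[len - 1];
    if (pad + 1 > block || pad + 1 > len) return -1;
    return (int)(len - pad - 1);
}

/* TLS-style check: every padding byte must equal the length byte.
 * Differences are accumulated without an early exit inside the loop. */
static int tls_unpad(const uint8_t *rec, size_t len, size_t block)
{
    if (len == 0 || len % block != 0) return -1;
    size_t pad = rec[len - 1];
    if (pad + 1 > len) return -1;
    uint8_t diff = 0;
    for (size_t i = len - 1 - pad; i < len; i++)
        diff |= rec[i] ^ (uint8_t)pad;
    return diff ? -1 : (int)(len - pad - 1);
}

/* Constructed blocks: 5 data bytes, 10 padding bytes, length byte 0x0a. */
static const uint8_t good[16] = {'G','E','T',' ','/',
    10,10,10,10,10,10,10,10,10,10, 10};
/* Same length byte, but the padding bytes are arbitrary. */
static const uint8_t odd[16] = {'G','E','T',' ','/',
    0x3c,0x91,0x07,0xee,0x42,0x18,0xb5,0x6d,0xa0,0x5f, 10};

int main(void)
{
    printf("well-formed padding: ssl3=%d tls=%d\n",
           ssl3_unpad(good, 16, 16), tls_unpad(good, 16, 16));
    printf("arbitrary padding:   ssl3=%d tls=%d\n",
           ssl3_unpad(odd, 16, 16), tls_unpad(odd, 16, 16));
    return 0;
}
```

A TLS stack that decodes records with the first function accepts the second block, which is the condition Langley describes; a stack using the second function rejects it.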
Tests have shown that F5 and A10 devices are vulnerable to POODLE for TLS. Qualys SSL Labs has extended its SSL Server Test to cover POODLE for TLS, so you can test your site. If the site is vulnerable, it will receive an F grade.
Unlike POODLE for SSL 3.0, the industry is not in a position to turn off all of TLS to mitigate POODLE for TLS. As such, vendors must patch to mitigate the vulnerability.