In order to avoid POODLE vulnerability which allows attackers to downgrade SSL/TLS protocol to version SSL v3, and then break the cryptographic security, you might want to disable SSL v3 on the Tomcat server. For more information on how to do this, read the procedure on the Apache website.