The max version of SSL is TLS1.0. According to the Wikipedia article on SSL, almost all ciphers (and all ciphers supported by Unity’s .NET) are vulnerable to POODLE unless some special mitigation techniques are applied. Are these applied?
My testing indicates “no”. Out of the box, we’ve got TLS1.0 and SSLv3 enabled and no TLS_FALLBACK_SCSV support. (I can’t find any mention of TLS_FALLBACK_SCSV support in Mono, even in more recent versions.) Therefore, if you’re connecting to a server with SSLv3 enabled, your SSL can be decrypted by a POODLE MITM attack.
Proof of concept here: GitHub - nfirvine/unity-poodle: Demonstrates that default configuration of Unity is vulnerable to POODLE