A downgrade attack is a form of attack on a computer system or communications protocol that makes it abandon a high-quality mode of operation (e.g. an encrypted connection) in favor of an old, lower-quality mode of operation (e.g. clear text) that is there for backward compatibility with older systems. This is a flaw found in OpenSSL and it allows the attacker to negotiate to a lower version of TLS between the client and server. This is one of the most common types of downgrade attacks.
Downgrade attacks are often implemented as part of a man-in-the-middle attack, and may be used as a way of enabling a cryptographic attack that might not be possible otherwise. Downgrade attacks have been a consistent problem with the SSL/TLS family of protocols; examples of such attacks include the POODLE attack.
Removing backward compatibility is often the only way to prevent downgrade attacks.