The DTLS (Datagram Transport Layer Security) protocol allows a huge number of delay-sensitive applications to communicate in a secure channel, and its security research is growing with significant importance. We propose an attack framework to recovery plaintext in DTLS. Our attack leverages the cache side-channel attack to obtain necessary information, and then a padding oracle attack is performed to recovery plaintext. Experimental results on an AES implementation verify the validity and the efficiency of our attack method. This new attack suggests that countermeasures must be provided to guarantee the security of DTLS.