Forum Discussion

Noctilucent

Sep 30, 2016

Eliminate CBC (CVE-2016-6907) from default cipher

Hi Expert,

Recently receive alert from F5 they have mention that, there is vulnerability(CVE-2016-6907 )with CBC cipher. can any one help me to eliminate CBC cipher from default list.

Thanks

BIG-IP

LTM

security

1 Reply

JG
Cumulonimbus
Sep 30, 2016
The sol article related to this is: sol39508724: TMM SSL/TLS virtual server vulnerability CVE-2016-6907.

You will also find this article helpful: sol13171: Configuring the cipher strength for SSL profiles (11.x)".

Essentially you can edit the SSL profile and define the "Ciphers" as "DEFAULT:!CBC".

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Eliminate CBC (CVE-2016-6907) from default cipher

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Username is not filled in EdgeClient in the Modern customization

The GSLB pool is providing an incorrect IP to end users

iRule causing requests to be duplicated (sometimes)

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Cisco TACACS+ Config on ISE LTM Pair

Related Content

Multiple Default Gateways

How HTTP/2 Eliminates Technical Debt

Delete Management Default Route?

A Closer Look at mTLS and the Default Server in F5 NGINX

FQDN nodes in non-default route domains

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS