F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Abi80_167352's avatar
Abi80_167352
Icon for Nimbostratus rankNimbostratus
Oct 17, 2014

F5 High Prio SSLv3 issue CVE-2014-3566 15102014

I am running bigip LTM version 10.2.4 and i believethis version is vulnerable to the MIM cuz of which i was adviced to switch over to TLS   My questions are   1) Does it apply to both client ...
security
shaggy's avatar
shaggy
Icon for Nimbostratus rankNimbostratus
Oct 20, 2014

The solution is applicable to both client-side and server-side profiles.

 

https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip

 

"If you are running 11.5.0 or later, your default clientssl and serverssl profiles do not contain SSLv3 ciphers and SSLv3 cannot be negotiated. If your SSL profile derives from these profiles, your application is not vulnerable. On all versions, you can disable SSLv3 ciphers by adding the string “!SSLv3” to your clienssl or serverssl profile. The procedure to change your ciphers is well described in SOL 13171."