Forum Discussion
NimbostratusHeartbleed Bug on F5
Get the latest updates on how F5 mitigates Heartbleed
Hello,
We are using F5 for our LTM and we are on OS V 10.0.0, we offload our SSL on F5.
I was testing the vulnerability on a website "https://www.ssllabs.com/ssltest/analyze.html?d=mail.sharjah.ac.ae" and I found some issues, like below:
Protocol support rated 0, Key Exchange rated 40,Cipher Strength 60.
Is this result are real, do we have to do something to solve it. Please find the image attached for the detail result.
Thanks and Regards
a.latheef University of Sharjah
3 Replies
- nitass
Employee
sol10737: SSL Renegotiation vulnerability - CVE-2009-3555 / VU120541
http://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.htmlsol7815: Configuring the cipher strength for SSL profiles (9.x - 10.x)
http://support.f5.com/kb/en-us/solutions/public/7000/800/sol7815.htmlImplementation of forward secrecy in LTM
https://devcentral.f5.com/questions/implementation-of-forward-secrecy-in-ltmhope this helps.
Mike_MaherSo your issues have nothing to do with Heartbleed, the Qualys testing site does test for Heartbleed, however it is also checking the overall SSL setup and looking for other vulnerabilities as well. Your problems appear to me more related to older vulnerabilities like the insecure renegotiation it is seeing. By going through the links that nitass provided you can probably solve most of your problems.
