For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Don_Baker_24606's avatar
Don_Baker_24606
Icon for Nimbostratus rankNimbostratus
Mar 09, 2016

Is version 11.5.3.0.0.163 Vulnerable to these attacks Beast/Poddle

  TLS/SSL Server is enabling the BEAST attack   TLS/SSL Server is enabling the POODLE attack  
BIG-IP
security
CharlesCS's avatar
CharlesCS
Icon for Cirrus rankCirrus
Mar 09, 2016

According to SOL13400, version 11.5.3 is vulnerable to BEAST but you can mitigate the issue by using only TLS1.1, TLS1.2, or RC4-SHA ciphers.

 

According to SOL15702, 11.5.3 is not vulnerable to POODLE. You can also provide additional mitigation by preventing use of SSLv3 ciphers.