Oct 18, 2011

OpenSSL SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG Session Resume Ciphersuite Downgrade Weakness

Has anyone been able to isolate and mitigate this issue? I believe it has to do with OpenSSL, and even though every article I read said that the version of software I am running, 10.2.2 HF3, is not vulnerable, every time I get scanned I get this as part of the scan. I need to be able to mitigate this issue or I will not be PCI compliant. If anyone knows how to mitigate this issue, please help!

  • I have seen this issue as well. I would recommend checking which ciphers your F5 supports. If it only supports high strength ciphers, then this is not an issue, as the downgrade issue will not work. You will only be able to resume the session from one high strength cipher to another.



    Hope this answers your question.
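One way to run the cipher check suggested in the reply above, as an added example that is not part of the original thread: it reads an enabled-cipher listing in the `openssl ciphers -v` column format and reports every suite a resumed session could be downgraded to. The sample listing is constructed, and the 128-bit threshold and the function names are assumptions.

```python
import re

# Constructed sample in `openssl ciphers -v` column format (not from a real device).
SAMPLE = """\
AES256-SHA      SSLv3 Kx=RSA      Au=RSA  Enc=AES(256) Mac=SHA1
AES128-SHA      SSLv3 Kx=RSA      Au=RSA  Enc=AES(128) Mac=SHA1
DES-CBC-SHA     SSLv3 Kx=RSA      Au=RSA  Enc=DES(56)  Mac=SHA1
EXP-RC4-MD5     SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)  Mac=MD5 export
ADH-AES256-SHA  SSLv3 Kx=DH       Au=None Enc=AES(256) Mac=SHA1
NULL-SHA        SSLv3 Kx=RSA      Au=RSA  Enc=None     Mac=SHA1
"""

MIN_BITS = 128  # assumption: symmetric key sizes below this count as weak


def weak_reasons(line, min_bits=MIN_BITS):
    """Return (suite name, list of reasons the suite is weak) for one line."""
    fields = line.split()
    name, attrs = fields[0], fields[2:]          # fields[1] is the protocol
    kv = dict(a.split("=", 1) for a in attrs if "=" in a)
    reasons = []
    if "export" in attrs:
        reasons.append("export-grade")
    if kv.get("Au") == "None":
        reasons.append("no authentication")
    enc = kv.get("Enc", "")
    bits = re.fullmatch(r"[^()]+\((\d+)\)", enc)  # e.g. AES(256), RC4(40)
    if enc == "None":
        reasons.append("no encryption")
    elif bits is None:
        reasons.append("unparsed Enc field")      # fail closed on odd input
    elif int(bits.group(1)) < min_bits:
        reasons.append(f"{bits.group(1)}-bit cipher")
    return name, reasons


def audit(listing, min_bits=MIN_BITS):
    """Map each weak suite in the listing to the reasons it was flagged."""
    findings = {}
    for line in listing.splitlines():
        if len(line.split()) < 3:                 # skip blanks and headers
            continue
        name, reasons = weak_reasons(line, min_bits)
        if reasons:
            findings[name] = reasons
    return findings


if __name__ == "__main__":
    for suite, why in audit(SAMPLE).items():
        print(f"{suite}: {', '.join(why)}")
```

An empty result means every enabled suite meets the threshold, which is the condition the reply describes; any suite listed is a candidate to disable before the next scan.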