For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Altostratus rank

Altostratus

Jan 07, 2015

Removing Poodle TLS padding vulnerability returns RC4 warning

Hi, We are running F5 LTM version 11.2. Recently we disabled the RC4 weak CIPHER to remove the Minimal warning from our PCI scan. But due to the recent arrival of Poodle TLS vulnarability ...

application delivery

Icon for Cirrostratus rank

Cirrostratus

Jan 07, 2015

Hi

the F5 solution 15882 states "To mitigate this vulnerability, you can create a custom cipher string for the SSL profile that uses RC4 or AES-GCM ciphers"

AES-GCM is not supported in pre 11.5.0 releases.

I think here you should upgrade (11.2.1 HF13 is the closest to your release, with TLS poodle fixed)

Alex

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

container ingress services

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5