CVE-2014-3566 POODLE vs. CVE-2014-8730 TLS POODLE

At F5 Networks we have seen a good deal of confusion over these two CVEs ever since they appeared late last year. As this is ongoing, we felt it needs to be addressed. The confusion is totally unders...
Published Feb 17, 2015
Version 1.0
BIG-IP
f5 sirt
security
TMOS
BoyanBonev_2135's avatar
BoyanBonev_2135
Icon for Nimbostratus rankNimbostratus
Jul 31, 2015
Hi, From what I understand from the article, the only allowed cipher suites which are not affected by the POODLE attack are RC4 ciphers. If this is the case then there might be an issue with this since Oracle has disabled the RC4 suites in their latest versions of the JVM (7u85 and 8u51). The motivation for this is because the RC4 suites are weak. I want to ask what is the recommendation for the case where java clients try to access the F5 through TLS and the only allowed ciphers are RC4 (because this is what's your recommended F5 config)?