CVE-2014-3566: Removing SSLv3 from BIG-IP

The POODLE (CVE-214-03566) vulnerability can force a client to negotiate SSLv3 instead of TLSv1.x ciphers. Then a BEAST-like attack can be conducted against SSLv3 to obtain information from the encry...
Updated Mar 18, 2022
Version 2.0
security
Rishabh_Gupta_7's avatar
Rishabh_Gupta_7
Icon for Nimbostratus rankNimbostratus
Oct 15, 2014
Would enabling "no sslv3" option and not modifying the cipher string, disable cipher strings utilizing SSLv3? For example I have a profile which has "default" set as its cipher string, and some may contain others, depending on the profile, can I just update the base profile to use option no sslv3 and would that overwrite everything else regarding sslv3 or do I need to even update the cipher string to default:!sslv3.