For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

CVE-2014-3566: Removing SSLv3 from BIG-IP

The POODLE (CVE-214-03566) vulnerability can force a client to negotiate SSLv3 instead of TLSv1.x ciphers. Then a BEAST-like attack can be conducted against SSLv3 to obtain information from the encry...
Updated Mar 18, 2022
Version 2.0
security
Jeff_Costlow_10's avatar
Jeff_Costlow_10
Historic F5 Account
Oct 15, 2014
TLS_FALLBACK_SCSV is not currently implemented for the data plane. It is on the roadmap and being evaluated.