CVE-2014-3566: Removing SSLv3 from BIG-IP

The POODLE (CVE-214-03566) vulnerability can force a client to negotiate SSLv3 instead of TLSv1.x ciphers. Then a BEAST-like attack can be conducted against SSLv3 to obtain information from the encry...
Updated Mar 18, 2022
Version 2.0
security
John_Heyer_1508's avatar
John_Heyer_1508
Icon for Cirrostratus rankCirrostratus
Dec 11, 2014
I upgraded to 11.5.1 HF6 and SSL labs now reports that TLS_FALLBACK_SCSV is supported. Didn't see anything about it in the release notes. Weird.