CVE-2014-8730 Padding issue

Incorrect TLS padding could be accepted when terminating TLS 1.x CBC cipher connections. F5 has fetched CVE-2014-8730 for this issue. This issue does not affect the management interface, only th...
Published Dec 08, 2014
Version 1.0
security
goutham's avatar
goutham
Icon for Nimbostratus rankNimbostratus
Dec 10, 2014
Hello jeff, I am running 11.4.0 HF5..can I just address the padding issue by removing !SSLv3 from the cpher string "!SSLv3:RC4-SHA"?? what I meant to say is I dont want to disable SSLv3 and at the same time I want to address the new padding (TLS1.x) issue..