Since it’s been about 3 months since POODLE, we’re clearly overdue for another major vulnerability in SSL and/or TLS. Fortunately for us, the research team at SmackTLS has released details of the FRE...
I thing removing the RSA key exchange cipher for HTTPS monitor is difficult solution for many production site.
Because many servers may only accept RSA key exchange only.
And I know some users started to use HTTPS monitor over internet, as BIG-IP is located on internet (Virtual Edition on AWS), I think this vulnerability should be treated as higher priority shouldn't it?