Incorrect TLS padding could be accepted when terminating TLS 1.x CBC cipher connections. F5 has fetched CVE-2014-8730 for this issue.
This issue does not affect the management interface, only th...
arai.a: Correct, This issue does not affect the management GUI.
goutham: Your proposed cipher string of "RC4-SHA" would avoid this issue as well as SSLv3 POODLE. However, RC4 has known weaknesses and should not be a long term solution. I would suggest patching when possible.
Josh: Disabling ADH ciphers is probably not a problem for anyone; ADH is rarely used. I agree with your conclusion that AES-GCM may be restrictive until more browsers have been updated.