Forum Discussion
shaggy
Oct 20, 2014Nimbostratus
The solution is applicable to both client-side and server-side profiles.
https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip
"If you are running 11.5.0 or later, your default clientssl and serverssl profiles do not contain SSLv3 ciphers and SSLv3 cannot be negotiated. If your SSL profile derives from these profiles, your application is not vulnerable. On all versions, you can disable SSLv3 ciphers by adding the string “!SSLv3” to your clienssl or serverssl profile. The procedure to change your ciphers is well described in SOL 13171."