orange_193813
Mar 26, 2015Nimbostratus
TLS POODLE Vulnerability
Hi, We have configured DEFAULT:!SSLv3:!TLSv1 in the cipher settings in for each SSL certificate but when we do a scan we still see that the message in the scan on https://www.ssllabs.com as "This server is vulnerable to the POODLE attack against TLS servers. Patching required. Grade set to F". Could someone please advise if there is any more configuration setting that can be done to elimintae this attack other than upgrading the software to latest 11.5.xx? Below is the F5 version details F5 Version: BIG-IP 11.2.1 Build 807.0 Hotfix HF1
Thanks in advance for the reply.