Is version 11.5.3.0.0.163 Vulnerable to these attacks Beast/Poddle

Question

&nbsp;TLS/SSL Server is enabling the BEAST attack

&nbsp;TLS/SSL Server is enabling the POODLE attack&nbsp;

charlescs · Answer

According to SOL13400, version 11.5.3 is vulnerable to BEAST but you can mitigate the issue by using only TLS1.1, TLS1.2, or RC4-SHA ciphers.&nbsp;
According to SOL15702, 11.5.3 is not vulnerable to POODLE. You can also provide additional mitigation by preventing use of SSLv3 ciphers. &nbsp;

Forum Discussion

Is version 11.5.3.0.0.163 Vulnerable to these attacks Beast/Poddle

1 Reply

Recent Discussions

BWC iRule

GTM Packet Capture command

Citrix XenServer Big-IP Upgrade help

BIG-IP DNS iRule issue with static variable

F5 ASM logging profile to specify source IP

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Vulnerability CVE-2023-45648 in ApacheTomcat

Re: Mitigation of OWASP API6: 2019 Mass Assignment vulnerability using F5 Distributed Cloud Platform