cisco_01_157892
May 04, 2015Nimbostratus
TLS Poodle and RC4 vulnerability : default:!SSLv3:!RC4-SHA
We are running F5 LTM version 11.4.1 hostfix 4 Recently we disabled the RC4 weak CIPHER to remove the Minimal warning from our scan.
But due to the recent arrival of Poodle TLS vulnarability we had to introduce !SSLv3:RC4-SHA which brought back the Minimal warning for having RC4 in the acceptable CIPHER.
How can we over come this? Removing Poodle TLS padding vulnerability returns RC4 warning