At F5 Networks we have seen a good deal of confusion over these two CVEs ever since they appeared late last year. As this is ongoing, we felt it needs to be addressed. The confusion is totally unders...
Hi Megazone, good stuff. Please make me understand the solution in SOL15882. We want fix this as upgrading might take us few months. Using the cipher !SSLv3:AES-GCM:RC4-SHA explicitily will disable/un-match the SSLv3:AES-GCM:RC4-SHA cipher because of the "!" regex. Don`t we need to disable/un-match all CBC related ciphers here? Moreover we are on 11.5.1 HF3, so sslv3 is already disabled.