Multiple VIPs have the CBC, IDEA, DES & POODLE vulnerabilities and below are the details, need help in remidaiting them.

Question

Version: BIG-IP 11.4.1 Build 637.0 Hotfix HF3&nbsp;
Current Cipher String: DEFAULT:!RSA+RC4:!SSLv3:!DES:!COMPAT:!ECDHE:!EXPORT:!3DES&nbsp;
CBC Vulnerability details:
Negotiated with the following insecure cipher suites: TLS 1.0
ciphers: TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHATLS 1.1 ciphers:
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHATLS 1.2 ciphers:
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256&nbsp;
Negotiated with the following insecure cipher suites: TLS 1.0
ciphers: TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHATLS 1.1
ciphers: TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHATLS 1.2
ciphers: TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA&nbsp;

ianb · Answer

Have a look at this question which relates to the same issue, and has already been answered&nbsp;

Forum Discussion

Multiple VIPs have the CBC, IDEA, DES & POODLE vulnerabilities and below are the details, need help in remidaiting them.

1 Reply

Recent Discussions

preserve client IP on layer 4 VIP

Failed to convert character dclid=%EDclid!

ASM - Parent policy vs OWASPcompliance

Rewrite uri translation not working

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

Related Content

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Vulnerability CVE-2023-45648 in ApacheTomcat

Re: Mitigation of OWASP API6: 2019 Mass Assignment vulnerability using F5 Distributed Cloud Platform

Reviewing vulnerability scanner results for an APM protected Virtual Server - part two