A flaw in the design of Secure Socket Layer (SSL) version 3.0 has been discovered that may allow a network attacker to force a client to negotiate an SSL handshake using SSL version 3.0 ciphers instead of Transport Layer Security (TLS) version 1.x ciphers. The attacker can then perform an attack to calculate the plaintext of secure connections. This vulnerability is referred to as “POODLE”. (CVE-2014-3566)
Impact
Attackers may be able to calculate the plaintext of secure connections.
CPE | Name | Operator | Version |
---|---|---|---|
big-ip afm | eq | 11.3.0 | |
big-ip afm | eq | 11.4.0 | |
big-ip afm | eq | 11.4.1 | |
big-ip afm | eq | 11.5.0 | |
big-ip afm | eq | 11.5.1 | |
big-ip afm | eq | 11.5.2 | |
big-ip afm | eq | 11.5.3 | |
big-ip afm | eq | 11.6.0 | |
big-ip afm | eq | 11.6.1 | |
big-ip afm | eq | 12.0.0 |