AnsweredAssumed Answered

Zombie Poodle F5

Question asked by Steve Harris on May 22, 2019

Hi all,


Bit of a strange one, we've scanned all our perimeter certificates with SSL Labs to check against the recent Zombie Poodle / GoldenNoodle vulnerabilities. 


All the certificates that terminate against our F5 are showing as vulnerable to Zombie Poodle except one.

It's my understanding that all you need to do on the F5 is update to the non vulnerable version, there are no config changes required for remediation.


Our network team who manage the F5 have checked the F5 SSL profiles and are saying they are identical.

We've logged calls with both Qualys and F5 support to try and get to the bottom of the issue, has anyone experienced similar or got any suggestions? 


(I have also scanned with a different online SSL checker and get the same results)