Blog

Patch Available for CVE-2014-8730 Padding Flaw

A10 Blog / Cyber Security / Patch Available for CVE-2014-8730 Padding Flaw

September 23, 2016

A10 Thunder ADC appliances running ACOS versions 2.7.2 P3 or earlier are susceptible to a TLS padding attack. The TLS padding flaw, identified as CVE-2014-8730, is a new variant of the POODLE vulnerability disclosed in October. The TLS padding flaw can be exploited remotely, allowing an attacker to decrypt sensitive data in the SSL connection.

Vulnerability Assessment

Affected Platforms: ADC

Affected Software Versions: 2.6.1-GR1, 2.7.x

Software Updates

A10 advises customers to apply software patches to mitigate this vulnerability. Patches for the CVE-2014-8730 padding flaw and the CVE-2014-3566 POODLE vulnerability and are available on the A10 Support Portal.

For more information, A10 customers may view the CVE-2014-8730 security advisory.

Share this post:

Categories:

Cyber Security

A10 PSIRT Team

September 23, 2016

A10 to Secure and Deliver AI Applications and Help Increase Cyber Resilience

Enterprise

Service Providers

DDoS Attackers Uncovered: Understanding the DDoS Landscape

Product Support Overview

Find the Next Step in Your Career at A10 Networks

Patch Available for CVE-2014-8730 Padding Flaw

Vulnerability Assessment

Software Updates

Share this post:

A10 to Secure and Deliver AI Applications and Help Increase Cyber Resilience

Service Providers

DDoS Attackers Uncovered: Understanding the DDoS Landscape

Product Support Overview

Find the Next Step in Your Career at A10 Networks

Patch Available for CVE-2014-8730 Padding Flaw

Share this post:

Vulnerability Assessment

Software Updates

Share this post:

CBS: ‘Ugly List’ Instagram Phishing Scam Targets Children, Young Users

Reducing the Cost of Microsoft Lync Deployments with Virtualization

Related Resources