Skip to main content Skip to search
Blog

Patch Available for CVE-2014-8730 Padding Flaw

A10 Thunder ADC appliances running ACOS versions 2.7.2 P3 or earlier are susceptible to a TLS padding attack. The TLS padding flaw, identified as CVE-2014-8730, is a new variant of the POODLE vulnerability disclosed in October. The TLS padding flaw can be exploited remotely, allowing an attacker to decrypt sensitive data in the SSL connection.

Vulnerability Assessment

Affected Platforms: ADC

Affected Software Versions: 2.6.1-GR1, 2.7.x

Software Updates

A10 advises customers to apply software patches to mitigate this vulnerability. Patches for the CVE-2014-8730 padding flaw and the CVE-2014-3566 POODLE vulnerability and are available on the A10 Support Portal.

For more information, A10 customers may view the CVE-2014-8730 security advisory.