When configuring settings (with a normal security policy whether single VSYS or multiple VSYS) it is set together with Inbound SSL Decryption policy, detection of SSL relevant vulnerability by the security profile (vulnerability) failed.
Cause
After the inbound SSL decryption is set, the threat engine only sees decrypted data and does not have a chance to see the SSL version number (SSL3.0), which is in the SSL handshake hello packets. So the SSL v3 vulnerability is not identified in this setting.
Details
The vulnerabilities listed below apply to this scenario: