An attack on TLS/SSL with the name FREAK is currently discussed in the media. A man in the middle attacker could downgrade a TLS/SSL connection to a very weak RSA export cipher. With todays computational power such connections can be easily decrypted.
Airlock WAF 5.x are not affected because RSA export ciphers are disabled in Apache httpd 2.4.7 and newer. See "resolution" below if you are using Airlock 5.0.
Airlock WAF 4.2.6.3 and 4.2.6.4 are not affected if using the default SSL configuration. This is because the default cipher suite does not contain RSA export ciphers.
For Airlock 5.0
If "Allow low strength ciphers" or any custom defined cipher suite containing RSA export ciphers is configured on a virtual host, hotfix HF5003 is needed.
For Airlock 4.2.6.3 and 4.2.6.4
If "Allow low strength ciphers" or any custom defined cipher suite containing RSA export ciphers is configured on a virtual host, we recommend to disable RSA export ciphers by disabling "Allow low strength ciphers" or by removing the ciphers from custom defined cipher suites.
Otherwise no action is required.