SoylentNews
SoylentNews is people
https://soylentnews.org/

Title    Multiple VPNs Subject to Compromise
Date    Sunday April 14 2019, @12:33PM
Author    Fnord666
from the good-luck,-I'm-behind-7-vpns dept.
https://soylentnews.org/article.pl?sid=19/04/14/0052245

RandomFactor writes:

CERT Vulnerability Note VU#192371 released this week describes a vulnerability due to insecure Cookie or Authentication Token storage (in memory or log files) of several common VPNs. The vulnerability allows attackers able to either access an endpoint, or exfiltrate data from it, to replay sessions bypassing other authentication methods, thus gaining access to any resources the user can access through the VPN session.

Vulnerable vendors include:

    Cisco - "will incorporate this feedback into discussions for future design improvements of the Cisco AnyConnect VPN Solution"
    F5 Networks, Inc. - fixed it in versions 12.1.3 and 13.1.0 and onwards
    Palo Alto Networks - fixed in GlobalProtect Agent 4.1.1 and later for Windows, and GlobalProtect Agent 4.1.11 and later for macOS
    Pulse Secure - no statement yet

Known unaffected VPN vendors:

    Check Point Software Technologies
    LANCOM Systems GmbH
    pfSense

(Information is not yet available on an additional 230 vendors)


Original Submission

Links

  1. "RandomFactor" - https://soylentnews.org/~RandomFactor/
  2. "VU#192371" - https://www.kb.cert.org/vuls/id/192371/
  3. "Original Submission" - https://soylentnews.org/submit.pl?op=viewsub&subid=32999
