New Report Shows Security Vulnerabilities in Some VPN Products. Is Your Organization at Risk?
New Report Shows Security Vulnerabilities in Some VPN Products. Is Your Organization at Risk? The U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert that enterprise Virtual Private Network (VPN) products made by Cisco, Palo Alto Networks, F5 Networks and Pulse Secure have vulnerabilities that could compromise the security of users. The alert was issued in response to the disclosure made by the CERT Coordination Center (CERT/CC), the coordination center of the computer emergency response team for the Software Engineering Institute at Carnegie Mellon University. The following VPN products and versions, according to CERT/CC, store the cookie insecurely in log files: . Palo Alto Networks GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS0 (CVE-2019-1573) . Pulse Secure Connect Secure prior to 8.1R14,…