Multiple Vulnerabilities in Pulse Secure VPN

The CERT Coordination Center CERT/CC has released information on multiple vulnerabilities affecting Pulse Secure Virtual Private Network VPN. An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have been targeted by advanced persistent thre...

NSA Releases Advisory on Mitigating Recent VPN Vulnerabilities

The National Security Agency NSA has released an advisory on advanced persistent threat APT actors exploiting multiple vulnerabilities in Virtual Private Network VPN applications. A remote attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and...

Multiple VPN applications insecurely store session cookies

A research of Software Engineering Institute of the Carnegie Mellon University shows that multiple VPN applications store the authentication and/or session cookies insecurely in memory and/or log files. CVE: CVE-2019-1573 CVE-2016-8201 Last updated: April 12, 2019, 8:17 p.m...

Vulnerability in Multiple VPN Applications

The CERT Coordination Center CERT/CC has released information on a vulnerability affecting multiple Virtual Private Network VPN applications. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages...

VPN applications insecurely store session cookies

Overview Multiple Virtual Private Network VPN applications store the authentication and/or session cookies insecurely in memory and/or log files. Description Virtual Private Networks VPNs are used to create a secure connection with another network over the internet. Multiple VPN applications stor...