Some enterprise VPN apps store authentication/session cookies insecurely

LASER_oneXM

VPN apps from Cisco, F5, Palo Alto Networks, and Pulse Secure found vulnerable.

At least four Virtual Private Network (VPN) applications sold or made available to enterprise customers share security flaws, warns the Carnegie Mellon University CERT Coordination Center (CERT/CC).

VPN apps from Cisco, F5 Networks, Palo Alto Networks, and Pulse Secure are impacted, CERT/CC analyst Madison Oliver said in a security alert published earlier today.
All four have been confirmed to store authentication and/or session cookies in a non-encrypted form inside a computer's memory or log files saved on disk.
An attacker with access to the computer, or malware running on the computer, can retrieve this information and then use it on another system to resume the victim's VPN sessions without needing to authenticate. This allows an attacker direct and unimpeded access to a company's internal network, intranet portals, or other sensitive applications.