US-CERT Warns of Cisco, Juniper Security Flaws

The flaw lies in technology known as SSL VPN.

By Kara Reeder | Posted Dec 3, 2009
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn
The Department of Homeland Security's U.S. Computer Emergency Readiness Team (US-CERT) is warning about flaws in equipment from four companies -- Cisco, Juniper, SonicWall and SafeNet -- that hackers can exploit to break into corporate computer networks, reports Reuters.

The flaw lies in technology known as SSL VPN and if exploited, could allow hackers to gain broad access to corporate networks, steal confidential data, install malicious software or turn PCs into spam servers. US-CERT researchers have come up three "workarounds" that will minimize, but not eliminate, the risk of an attack.

According to the San Jose Business Journal, Juniper has known about the vulnerability for several years, but told users that workarounds reduce the risks so they don't need to worry about them.

Cisco is no stranger to security flaws. In September, Cisco patched a DoS vulnerability that affected multiple products.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter