US-CERT Warns of Cisco, Juniper Security Flaws
The flaw lies in technology known as SSL VPN.
The flaw lies in technology known as SSL VPN and if exploited, could allow hackers to gain broad access to corporate networks, steal confidential data, install malicious software or turn PCs into spam servers. US-CERT researchers have come up three "workarounds" that will minimize, but not eliminate, the risk of an attack.
According to the San Jose Business Journal, Juniper has known about the vulnerability for several years, but told users that workarounds reduce the risks so they don't need to worry about them.
Cisco is no stranger to security flaws. In September, Cisco patched a DoS vulnerability that affected multiple products.