US-CERT Warns of Cisco, Juniper Security Flaws

The flaw lies in technology known as SSL VPN.

 By Kara Reeder
Page of   |  Back to Page 1
Print Article
The Department of Homeland Security's U.S. Computer Emergency Readiness Team (US-CERT) is warning about flaws in equipment from four companies -- Cisco, Juniper, SonicWall and SafeNet -- that hackers can exploit to break into corporate computer networks, reports Reuters.

The flaw lies in technology known as SSL VPN and if exploited, could allow hackers to gain broad access to corporate networks, steal confidential data, install malicious software or turn PCs into spam servers. US-CERT researchers have come up three "workarounds" that will minimize, but not eliminate, the risk of an attack.

According to the San Jose Business Journal, Juniper has known about the vulnerability for several years, but told users that workarounds reduce the risks so they don't need to worry about them.

Cisco is no stranger to security flaws. In September, Cisco patched a DoS vulnerability that affected multiple products.

This article was originally published on Dec 3, 2009
Get the Latest Scoop with Networking Update Newsletter