REN-ISAC Advisory: Important Vulnerabilities in Multiple SSL VPN Products

[Cal Krzywiec <calvin () REN-ISAC NET>]

Greetings,

The REN-ISAC has issued the attached security advisory to call attention
to several high-severity vulnerabilities in SSL VPN products including
Fortinet FortiGuard, Palo Alto Networks, and Pulse Secure. In some
cases, public exploit code for these vulnerabilities has been released,
and recent scanning activity has been observed.

Given the security functions these products serve and their typical
exposure on the network, REN-ISAC encourages operators to review the
vulnerability details and take appropriate action.

Questions or comments can be referred to soc () ren-isac net.

On behalf of the REN-ISAC team,

Calvin Krzywiec
Principal Security Engineer
REN-ISAC
soc () ren-isac net

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Attachment: REN-ISAC_Advisory_Multiple_SSLVPN_Vulnerabilities_v1.pdf
Description:

Attachment: signature.asc
Description: OpenPGP digital signature