This week Cisco have identified a vulnerability for customers using their network security devices and their software that supports virtual private network connections to corporate networks.
This means that any firewall, or device configured with WebVPN clientless VPN software are vulnerable to a web based network attack that could bypass the devices security.
The affected systems are devices running Cisco’s ASA software with WebVPN enabled.
ASA, ISA and Firepower devices – see here for exact list
Cisco has issued a patch for the vulnerability for customer's with maintenance contracts - for customers without current maintenance contracts they have noted to contact Cisco’s Technical Assistance Center (TAC) to obtain the patch.
The three pillars of Mirus are:
Delivering outstanding service.
Offering strategically successful solutions.
Providing consistent customer satisfaction.