On April 11, 2019, CERT/CC published a vulnerability note (VU#192371) describing a vulnerability in how different VPN implementations store session cookies within system memory.
Cisco investigated this issue and determined Cisco AnyConnect is not vulnerable to the behavior described in VU#192371 with regard to storing session tokens in log files. Cisco PSIRT is not aware of any situation where a currently valid session token is written to log files. This is documented in Cisco Bug ID CSCvk10249.
Cisco AnyConnect stores session cookies within system memory to support resumption of Clientless VPN sessions. The storage of the session cookie within the process memory of the client and, in the case of Clientless sessions, the web browser while the sessions are active is not considered to be an unwarranted exposure. These values are required to maintain the operation of the session, per the design of the feature, should session re-establishment be required due to a network interruption. We have documented the concerns, and the engineering teams will incorporate this feedback into discussions for future design improvements of the Cisco AnyConnect VPN solution.
It should also be noted that all session material stored by both the Cisco AnyConnect Client and Clientless solutions is destroyed once the session is deliberately terminated by the client.