cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
149
Views
0
Helpful
0
Replies
Beginner

Cisco SSL Client-Less VPN, Java Compatibility Issues

Hello everyone, we are in a process to deploy Cisco Client-less VPN in our production environment but during our testing we face some challenges, please help me to answer below concerns.

  • SSL Vulnerabilities with no workarounds and fixes provided by Cisco.

Cisco Adaptive Security Appliance Clientless SSL VPN Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asawvpn2

Cisco Adaptive Security Appliance Software SSL VPN Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ssl-vpn-dos

  • Some components of Clientless SSL VPN like RDP, SSL require the Java Runtime Environment(JRE) or is there any other way around?
  • In case of Java we observe following limitations
    • With Mac OSX and Windows OS, Java is not installed by default.
    • Firefox 52.0 and later does not support plug-ins, Native Apps (e.g. Citrix Receiver, MS Office apps, etc.) and Java
    • Compatibility issues with updated JRE versions
CreatePlease to create content
Content for Community-Ad
FusionCharts will render here