it.ucsf.edu

Security Update:The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting multiple Virtual Private Network (VPN) applications

Status Type

Security Update

Date and Time

Monday, April 15, 2019 - 13:27

Reason

Security update

Impact

VPN users

WHAT HAPPENED?

The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting multiple Virtual Private Network (VPN) applications.

 

Advanced Users: For a complete description of the security enhancements and affected software refer to:

 

AFFECTED SYSTEM - Versions:

  • Palo Alto Networks GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS0 (CVE-2019-1573)
  • Pulse Secure Connect Secure prior to 8.1R14, 8.2, 8.3R6, and 9.0R2
  • Cisco AnyConnect 4.7.x and prior

 

WHAT'S THE PROBLEM?

Exploitation of this vulnerability may allow a remote attacker to take control of an affected computer.

 

HOW DO I PROTECT MY COMPUTER?

Update your software

  1. If you are supported by ITFS or have different IT support, no action on your part is required.
  2. If you do not have IT support or they do not support your computer for updates refer to the Article above and refer to vendors for appropriate updates, when available.

 

RELATED LINKS