Urgent Security Notice: NetExtender VPN Client 10.X, SMA 100 Series Vulnerability
Today a security notice came in regarding a vulnerability in SSL-VPN, which seems to affect SSL-VPN on firewalls and the SMA 100 series.
The notice does not disclose much information but it's sending a mixed message.
On one side it says:
- Use a firewall to only allow SSL-VPN connections to the SMA appliance from known/whitelisted IPs
- Disable NetExtender access to the firewall(s) or restrict access to users and admins via an allow-list/whitelist for their public IPs
Duh? There are no known public IPs for remote access, so I guess we can ignore this all the way.
And the mitigation actions just show some policy examples to restrict the access to resources for established connections, which is Configuration 101.
So what is it? Is the authentication on an SMA vulnerable? Then just the allowed resources are at risk?
I actually don't get it.