Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


SMAConnectAgent exposes Username/Password in SSO Bookmarks

BWCBWC Cybersecurity Overlord ✭✭✭


today a customer reported that Username and Passwort got exposed in cleartext in the SMAConnectAgent log on each endpoint. This behavior is fixed with SMA Firmware which brings SMAConnectAgent 1.1.33.

It happens when connecting to a Bookmark with SSO enabled and needs the SMAConnectAgent running, like Native RDP Bookmark.

Most of you probably already updated, but the Log File might be still on the endpoint, you should check and remove it.


Sorry if this is old news, but I wasn't paying enough attention, maybe so do you.


Category: Secure Mobile Access Appliances
Sign In or Register to comment.