SMAConnectAgent exposes Username/Password in SSO Bookmarks
BWC
Cybersecurity Overlord ✭✭✭
Hi,
today a customer reported that Username and Passwort got exposed in cleartext in the SMAConnectAgent log on each endpoint. This behavior is fixed with SMA Firmware 10.2.0.3 which brings SMAConnectAgent 1.1.33.
It happens when connecting to a Bookmark with SSO enabled and needs the SMAConnectAgent running, like Native RDP Bookmark.
Most of you probably already updated, but the Log File might be still on the endpoint, you should check and remove it.
C:\ProgramData\sonicwall\SMAConnectAgent
Sorry if this is old news, but I wasn't paying enough attention, maybe so do you.
--Michael@BWC
Category: Secure Mobile Access Appliances
0