I have my XG230 SSLVPN's authenticated via my AD server sitting behind the firewall. Now I know I can see the users on the Authentication--> Users page. Theoretically, the users' passwords are not actually stored on the firewall itself, correct? So this SQL injection attack should not have been able to access the users' passwords, correct? Or is that still to be determined?
This thread was automatically locked due to age.