General Discussion CVE-2019-14899 hijacking VPN connections

UTM Firewall requires membership for participation - click to join

Thread Info

State Verified Answer
+1 person also asked this people also asked this
Locked Locked
Replies 9 replies
Subscribers 11 subscribers
Views 4494 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CVE-2019-14899 hijacking VPN connections

ThorstenSult over 4 years ago

Hi,

Is it known to what extent Sophos products are affected by the vulnerability?

https://www.terabitweb.com/2019/12/06/cve-2019-14899-vpn-flaw-html/

This thread was automatically locked due to age.

Parents

+1 KingChris over 4 years ago

Hi ThorstenSult

I have received feedback from the development team.

They have stated that the XG is not affected by this vulnerability as per analysis of this CVE shows that affects route based VPNs. As the XGs VPN capabilities are only policy based, this should not affect the XG even if the XG acts as a client in the SSL VPN site-to-site configuration.

There will be a KB article written up to reflect this same information.

Thanks!

KingChris
Community Support | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
Cancel
Vote Up 0 Vote Down

Cancel
+1 KingChris over 4 years ago in reply to KingChris

Hi Community,

Herewith is the KB article that addresses any concerns surrounding this CVE number.

https://www.sophos.com/kb/134996

Thanks!

KingChris
Community Support | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
Cancel
Vote Up 0 Vote Down

Cancel

Reply

+1 KingChris over 4 years ago in reply to KingChris

Hi Community,

Herewith is the KB article that addresses any concerns surrounding this CVE number.

https://www.sophos.com/kb/134996

Thanks!

KingChris
Community Support | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 ThorstenSult over 4 years ago in reply to KingChris

Thank you for the feedback and for your effort!
Cancel
Vote Up 0 Vote Down

Cancel