Cisco and Palo Alto Networks appliances impacted by Kerberos authentication bypass

Cisco Systems and Palo Alto Networks have fixed similar high-risk authentication bypass vulnerabilities in their network security devices that were caused by an oversight in the implementation of the Kerberos protocol. Man-in-the-middle (MitM) attackers could exploit these weaknesses to get administrative control over the appliances.

Researchers from security firm Silverfort discovered both vulnerabilities, which are similar and could potentially exist in other Kerberos implementations. Cisco patched the flaw earlier this month and Palo Alto Networks this week.

To read this article in full, please click here