Security Operations

578 readers

1 users here now

A place for all things Cyber Security, from questions, rants, and stories, to the latest attacks, vulnerabilities, and zero days.

founded 2 years ago

MODERATORS

L3s

WatchGuard Firewall Clientless SSO sends out its password hashes to random devices on the network. (projectblack.io)

submitted 1 year ago by L4s to c/secops

1 comments fedilink hide all child comments

WatchGuard Firewall Clientless SSO sends out its password hashes to random devices on the network.::Picture this: a feature from a security appliance that willingly dispatches its password hashes to any device on the network. That is precisely what WatchGuard's SSO does under certain circumstances. Does a bad feature warrant filing a CVE? I'm not sure.

you are viewing a single comment's thread
view the rest of the comments

[–] sebinspace 3 points 1 year ago

Why in the fuck would you do that?

permalink
fedilink
source