Responding to the Cisco CMP Vulnerability

This past Friday Cisco publicly disclosed a software vulnerability in the  Cisco Cluster Management Protocol in Cisco IOS and Cisco IOS XE software.  The following is our action report for clients utilizing Cisco devices. Summary CVE-2017-3881 is a critical vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE software … Continue reading Responding to the Cisco CMP Vulnerability

Responding to Ticketbleed

Today Cloudflare publicly disclosed a software vulnerability in the F5 BIG-IP appliance. The following is our action report for clients utilizing the BIG-IP appliance.  It is worth noting that this only impacts appliances running the non-default Session Tickets option. Summary Ticketbleed is a high severity software vulnerability in the TLS stack of F5 BIG-IP appliances allowing a … Continue reading Responding to Ticketbleed