Vulnerabilities > Cisco > DUO Network Gateway
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-14 | CVE-2020-3483 | Insufficiently Protected Credentials vulnerability in Cisco DUO Network Gateway Duo has identified and fixed an issue with the Duo Network Gateway (DNG) product in which some customer-provided SSL certificates and private keys were not excluded from logging. | 3.3 |
2019-04-17 | CVE-2018-7340 | Improper Authentication vulnerability in Cisco DUO Network Gateway Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers. | 5.0 |