Vulnerabilities > Cisco > DUO Network Gateway
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-14 | CVE-2020-3483 | Insufficiently Protected Credentials vulnerability in Cisco DUO Network Gateway Duo has identified and fixed an issue with the Duo Network Gateway (DNG) product in which some customer-provided SSL certificates and private keys were not excluded from logging. | 3.3 |
| 2019-04-17 | CVE-2018-7340 | Improper Authentication vulnerability in Cisco DUO Network Gateway Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers. | 5.0 |