Is Safeguard for Privileged Passwords affected by the following vulnerabilities?
CVE-2022-21849
CVE-2022-21907
It has been confirmed by engineering that Safeguard for Privileged Passwords and Safeguard for Privileged Passwords On Demand are NOT vulnerable.
CVE-2022-21849
SPP does not use IKE. In Safeguard On Demand (FastSaaS), Azure IPSec VPN may be used to connect to the customer network. The Safeguard On Demand side of this connection uses the Azure VPN component which has been patched by Microsoft
CVE-2022-21907
Safeguard does use the HTTP protocol stack (HTTP.sys), but we do not set the registry value "EnableTrailerSupport".
© ALL RIGHTS RESERVED. Feedback Termini di utilizzo Privacy Cookie Preference Center