Juniper issues Heartbleed security alert for VPN, switches

On April 9, Juniper Networks issued a security advisory for users of version 7 of its Secure Access SSL VPN (IVEOS) because of its vulnerability to the OpenSSL Heartbleed exploit, an attack that could expose user data through malicious use of the Transport Layer Security "Heartbeat" extension. This morning, the company added a number of other VPN and switch products to its  security advisory, including the most recent release of the Junos OS and its Junos Pulse and IVEOS SSL virtual private networks.

"We are working around the clock to provide fixed versions of code for our affected products," the company's security team said in the advisory.

The affected products are:

Read 2 remaining paragraphs | Comments