Skip to main content
Skip table of contents

ISN 2020-06: IGEL Cloud Gateway (ICG) Various Vulnerabilities

Announced 15 July 2020

Score: High

Various security issues, among them 3 rated as high, have been discovered in IGEL Cloud Gateway (ICG) before version 2.02.100.

Details

A penetration test commissioned by IGEL has found an issue in the authentication mechanism between UMS and ICG. Furthermore, there were some missing or not strict enough authorization checks in the communication between UMS, ICG and the endpoint devices. Finally, there was information disclosure in the server status response and in the ICG log files.

Update Instructions

  • Update to IGEL Cloud Gateway 2.02.100 or newer.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.