Picture this: a feature from a security appliance that willingly dispatches its password hashes to any device on the network. That is precisely what WatchGuard's SSO does under certain circumstances. Does a bad feature warrant filing a CVE? I'm not sure.
This is an automated archive.
The original was posted on /r/netsec by /u/ezzzzz on 2023-10-08 23:26:00+00:00.
