Cisco, Juniper find "Heartbleed" security hole in products

|About: Cisco Systems, Inc. (CSCO)|By:, SA News Editor

Cisco (CSCO) and Juniper Networks (JNPR) have found the "Heartbleed" encryption flaw in some of their products, including routers, switches, servers, and firewalls.

The ubiquitous nature of the products makes the bug harder to eliminate, and hackers may be able to steal sensitive data such as passwords and credit-card information as it travels across networks.

Cisco is investigating 65 products and has confirmed 16 as being vulnerable.

Juniper's VP of Corporate Communications, Michael Busselen, said the exposure for customers "is minimal," as the problem affected only one product. However, spokesman Corey Olfert warned that updating Juniper equipment could take a while. "It doesn't sound like a flip the switch sort of thing," said Olfert. "I don't know how quickly they can be resolved."

Meanwhile, Intel (INTC) was still working on a patch for its McAfee security products as of yesterday.

Vulnerable Cisco products.