|
|
|
|
|
|
by fulafel
2756 days ago
|
|
|
A the risk of stating the obvious: using a VPN would not really protect you this vulnerability, though it would mitigate your exposure (a lot or a little depending on your setup and threat model). edit: to clarify, vpn/vpc requirement would turn CVE-2018-1002105 from a pre-auth to a post-auth vulnerability, right? Which might be a big or small help depending on how controlled your user pool and signup process is. |
|
|