Cisco Security Advisory
OneLogin Breach Guidance for Cisco Customers
OneLogin, Inc. is an identity and access management solutions provider. On May 31, 2017, OneLogin, Inc. notified its customers of a security incident through a post on its blog platform. According to the blog post, an attack against the OneLogin infrastructure resulted in the loss of information about users, applications, and some types of keys.
The OneLogin solution can be configured to interact with multiple Cisco products and solutions, including Cisco WebEx and Cisco Cloud Web Security. Cisco highly recommends that customers who are using OneLogin solutions with Cisco products and services log in to the OneLogin support site and follow the mitigation steps delineated there.
Additional Information
The OneLogin public disclosure is available at the following link:
https://www.onelogin.com/blog/may-31-2017-security-incident
OneLogin has remediation steps accessible only to OneLogin customers at the following URL:
https://support.onelogin.com/hc/en-us/articles/115002695483-2017-05-31-OneLogin-Security-Incident-Action-Required?flash_digest=baa8324f167571e72c4a4f9c8ca0987ea884316e
These steps should be followed in full prior to proceeding, in particular the section titled “Generate new certificates for your apps that use SAML SSO.”
Additional support information may be available directly from the OneLogin customer support portal.
Customers concerned about the possible impact of the OneLogin attack should contact their OneLogin support channel.
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco is available on Cisco's worldwide website at https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Version Description Section Date
2.0 First Update Additional Information. Added URL to support site. 2017-June-05
1.0 Initial release. - 2017-June-03
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.