Lower the Impact on the ProxySG Appliance of the PCRE Vulnerabilities Described in SA128


Article ID: 169117


Updated On:


Asset Management Solution Data Center Security Monitoring Edition ProxySG Software - SGOS


SGOS, the software that runs on all ProxySG appliances, includes vulnerable versions of the Perl Compatible Regular Expressions (PCRE).  A remote attacker can exploit these vulnerabilities and potentially gain access to sensitive information.


There is no resolution for this issue at the time of writing this article, (July 7, 2016). Monitor the release notes for upcoming versions of SGOS to identify when this issue has been resolved.


The ProxySG is only vulnerable to authenticated administrator users with write access. As a workaround, you can lower the risk and impact of these vulnerabilities by restricting your admin access:

  • Limit the amount of admin users with write access
  • Limit the amount of resources the admin users can access
  • Limit the admin access to only authorized subnets and IP addresses

Please read the following article for the technical details on how to restrict administrator access to the Visual Policy Manager: http://bluecoat.force.com/knowledgebase/articles/Solution/UsepolicytocontrolProxySGadministratoraccess