Lower the Impact on the ProxySG Appliance of the PCRE Vulnerabilities Described in SA128

book

Article ID: 169117

calendar_today

Updated On:

Products

Asset Management Solution Data Center Security Monitoring Edition ProxySG Software - SGOS

Issue/Introduction

SGOS, the software that runs on all ProxySG appliances, includes vulnerable versions of the Perl Compatible Regular Expressions (PCRE).  A remote attacker can exploit these vulnerabilities and potentially gain access to sensitive information.

Resolution

There is no resolution for this issue at the time of writing this article, (July 7, 2016). Monitor the release notes for upcoming versions of SGOS to identify when this issue has been resolved.

Workaround

The ProxySG is only vulnerable to authenticated administrator users with write access. As a workaround, you can lower the risk and impact of these vulnerabilities by restricting your admin access:

  • Limit the amount of admin users with write access
  • Limit the amount of resources the admin users can access
  • Limit the admin access to only authorized subnets and IP addresses

Please read the following article for the technical details on how to restrict administrator access to the Visual Policy Manager: http://bluecoat.force.com/knowledgebase/articles/Solution/UsepolicytocontrolProxySGadministratoraccess