{"id":7991,"date":"2019-11-20T11:14:11","date_gmt":"2019-11-20T10:14:11","guid":{"rendered":"http:\/\/blog.actn.fr\/?p=7991"},"modified":"2019-11-20T11:14:11","modified_gmt":"2019-11-20T10:14:11","slug":"communique-sophos-vulnerabilite-de-lexecution-du-code-a-distance-du-pare-feu-xg","status":"publish","type":"post","link":"https:\/\/blog.actn.fr\/?p=7991","title":{"rendered":"Communiqu\u00e9 SOPHOS : Vuln\u00e9rabilit\u00e9 de l'ex\u00e9cution du code \u00e0 distance du pare-feu XG"},"content":{"rendered":"

\t\t\t\t\n\nSophos publie un communiqu\u00e9 \u00e0 l’attention de tous les utilisateurs de firewall de la gamme XG :\n\n\n

Cher propri\u00e9taire de pare-feu Sophos XG,<\/em><\/strong><\/p>\n\n\n\n\n

Une vuln\u00e9rabilit\u00e9 RCE (Remote Code Execution) dans le firmware du pare-feu Sophos XG a r\u00e9cemment \u00e9t\u00e9 d\u00e9couverte et communiqu\u00e9e de mani\u00e8re responsable \u00e0 Sophos par un chercheur externe en s\u00e9curit\u00e9. Un correctif a d\u00e9j\u00e0 \u00e9t\u00e9 publi\u00e9 et automatiquement appliqu\u00e9 \u00e0 tous les pare-feu XG concern\u00e9s qui ont \u00e9t\u00e9 activ\u00e9s pour les mises \u00e0 jour automatiques. <\/em><\/strong><\/p>\n\n\n\n\n

Le correctif est \u00e9galement inclus dans la derni\u00e8re version de maintenance, la version XG v17.5-MR9. Dans les deux situations ci-dessus, aucune mesure n’est requise.<\/em><\/strong><\/p>\n\n\n\n\n

Si vous n’avez pas activ\u00e9 les mises \u00e0 jour automatiques, le moyen le plus rapide d’appliquer le correctif est d’activer les mises \u00e0 jour automatiques qui permettent d’appliquer le correctif. Alternativement, si vous pr\u00e9f\u00e9rez mettre \u00e0 jour vers la version v17.5-MR9, veuillez vous rendre sur MySophos pour t\u00e9l\u00e9charger cette version de maintenance.<\/em><\/strong><\/p>\n\n\n\n\n

Pour plus d’informations sur la v\u00e9rification de la version hotfix appliqu\u00e9e au pare-feu XG, reportez-vous \u00e0 KBA134852<\/a>. Cette KBA propose \u00e9galement un lien vers la liste des derni\u00e8res informations hotfix par version du firmware du pare-feu XG.<\/em><\/strong><\/p>\n\n\n\n\n

Meilleures salutations,<\/em><\/strong>\nVotre \u00e9quipe Sophos<\/em> <\/strong><\/p>\n\n\nVersion originale du communiqu\u00e9 en anglais \u00bb<\/a>\n\n\n

+ D\u2019INFO\n<\/span><\/strong><\/span><\/h3>\n\n\nVoir la gamme SOPHOS disponible chez ACTN \u00bb<\/a><\/strong>\nPour toute question, contactez notre service commercial 05 62 487 485.<\/strong>]]>\t\t<\/p>\n","protected":false},"excerpt":{"rendered":"<\/a>

\t\t\t\t\t\t<\/p>\n","protected":false},"author":2,"featured_media":4145,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_price":"","_stock":"","_tribe_ticket_header":"","_tribe_default_ticket_provider":"","_tribe_ticket_capacity":"0","_ticket_start_date":"","_ticket_end_date":"","_tribe_ticket_show_description":"","_tribe_ticket_show_not_going":false,"_tribe_ticket_use_global_stock":"","_tribe_ticket_global_stock_level":"","_global_stock_mode":"","_global_stock_cap":"","_tribe_rsvp_for_event":"","_tribe_ticket_going_count":"","_tribe_ticket_not_going_count":"","_tribe_tickets_list":"[]","_tribe_ticket_has_attendee_info_fields":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[35],"tags":[536,1150,1288],"class_list":["post-7991","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sophos","tag-firewall","tag-sophos","tag-utm"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.actn.fr\/index.php?rest_route=\/wp\/v2\/posts\/7991","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.actn.fr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.actn.fr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.actn.fr\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.actn.fr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7991"}],"version-history":[{"count":0,"href":"https:\/\/blog.actn.fr\/index.php?rest_route=\/wp\/v2\/posts\/7991\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.actn.fr\/index.php?rest_route=\/"}],"wp:attachment":[{"href":"https:\/\/blog.actn.fr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7991"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.actn.fr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7991"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.actn.fr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7991"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}