Lower the Impact on the ProxySG Appliance of the PCRE Vulnerabilities Described in SA128
Last Updated August 02, 2018
SGOS, the software that runs on all ProxySG appliances, includes vulnerable versions of the Perl Compatible Regular Expressions (PCRE) library. A remote attacker can exploit these vulnerabilities and potentially gain access to sensitive information.
At the time of writing this article (July 7, 2016), there is no resolution for this issue. Monitor the release notes for upcoming versions of SGOS to identify when this issue has been resolved.
The ProxySG is vulnerable only to authenticated administrator users with write access. As a workaround, you can lower the risk and impact of these vulnerabilities by restricting admin access:
Limit the number of admin users with write access
Limit the resources that admin users can access
Limit admin access to authorized subnets and IP addresses only