{"id":1272635,"date":"2024-08-08T23:47:02","date_gmt":"2024-08-09T01:47:02","guid":{"rendered":"https:\/\/teknomers.com\/fr\/une-faille-de-securite-critique-dans-whatsup-gold-fait-lobjet-dune-attaque-active-corrigez-la-maintenant\/"},"modified":"2024-08-08T23:47:07","modified_gmt":"2024-08-09T01:47:07","slug":"une-faille-de-securite-critique-dans-whatsup-gold-fait-lobjet-dune-attaque-active-corrigez-la-maintenant","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/une-faille-de-securite-critique-dans-whatsup-gold-fait-lobjet-dune-attaque-active-corrigez-la-maintenant\/","title":{"rendered":"Une faille de s\u00e9curit\u00e9 critique dans WhatsUp Gold fait l&#8217;objet d&#8217;une attaque active &#8211; Corrigez-la maintenant"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">08 ao\u00fbt 2024<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">Ravie Lakshmanan<\/span><\/span><span class=\"p-tags\">Vuln\u00e9rabilit\u00e9 \/ S\u00e9curit\u00e9 du r\u00e9seau<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><a rel=\"nofollow\" href=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2024\/08\/Une-faille-de-securite-critique-dans-WhatsUp-Gold-fait-lobjet.png\" style=\"display: block; text-align: center; clear: left; float: left;\"><\/a><\/div>\n<p>Une faille de s\u00e9curit\u00e9 critique affectant Progress Software WhatsUp Gold fait l&#8217;objet de tentatives d&#8217;exploitation actives, ce qui rend essentiel que les utilisateurs agissent rapidement pour appliquer la derni\u00e8re version.<\/p>\n<p>La vuln\u00e9rabilit\u00e9 en question est <a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-4885\" target=\"_blank\">CVE-2024-4885<\/a> (Score CVSS\u00a0: 9,8), un bogue d&#8217;ex\u00e9cution de code \u00e0 distance non authentifi\u00e9 affectant les versions de l&#8217;application de surveillance r\u00e9seau publi\u00e9es avant 2023.1.3.<\/p>\n<p>&#8220;WhatsUp.ExportUtilities.Export.GetFileWithoutZip permet l&#8217;ex\u00e9cution de commandes avec les privil\u00e8ges iisapppool\\nmconsole&#8221;, a d\u00e9clar\u00e9 la soci\u00e9t\u00e9 <a rel=\"nofollow noopener\" href=\"https:\/\/community.progress.com\/s\/article\/WhatsUp-Gold-Security-Bulletin-June-2024\" target=\"_blank\">dit<\/a> dans un avis publi\u00e9 fin juin 2024.<\/p>\n<div class=\"dog_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener\" href=\"https:\/\/thehackernews.uk\/ever-d\" target=\"_blank\" title=\"Cybersecurity\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"Cybers\u00e9curit\u00e9\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2024\/08\/1723158846_267_Une-nouvelle-arnaque-par-phishing-utilise-des-dessins-Google-et.png\" width=\"727\" height=\"90\"\/><\/a><\/center><\/div>\n<p>Selon le chercheur en s\u00e9curit\u00e9 Sina Kheirkhah de la Summoning Team, la faille <a rel=\"nofollow noopener\" href=\"https:\/\/summoning.team\/blog\/progress-whatsup-gold-rce-cve-2024-4885\/\" target=\"_blank\">r\u00e9side<\/a> dans l&#8217;impl\u00e9mentation de la m\u00e9thode GetFileWithoutZip, qui ne parvient pas \u00e0 effectuer une validation ad\u00e9quate des chemins fournis par l&#8217;utilisateur avant son utilisation.<\/p>\n<p>Un attaquant pourrait exploiter ce comportement pour ex\u00e9cuter du code dans le contexte du compte de service. Un exploit de preuve de concept (PoC) a depuis \u00e9t\u00e9 publi\u00e9 par Kheirkhah.<\/p>\n<p>La Shadowserver Foundation a d\u00e9clar\u00e9 avoir observ\u00e9 des tentatives d&#8217;exploitation contre la faille depuis le 1er ao\u00fbt 2024. \u00ab \u00c0 partir du 1er ao\u00fbt, nous voyons des tentatives de rappel d&#8217;exploitation \/NmAPI\/RecurringReport CVE-2024-4885 (jusqu&#8217;\u00e0 pr\u00e9sent 6 IP source) \u00bb, a-t-il d\u00e9clar\u00e9. <a rel=\"nofollow noopener\" href=\"https:\/\/x.com\/Shadowserver\/status\/1821121075704647731\" target=\"_blank\">dit<\/a> dans un post sur X.<\/p>\n<p>La version 2023.1.3 de WhatsUp Gold corrige deux autres failles critiques <a rel=\"nofollow noopener\" href=\"https:\/\/summoning.team\/blog\/progress-whatsup-gold-writedatafile-cve-2024-4883-rce\/\" target=\"_blank\">CVE-2024-4883<\/a> et CVE-2024-4884 (scores CVSS\u00a0: 9,8), qui permettent tous deux \u00e9galement l&#8217;ex\u00e9cution de code \u00e0 distance non authentifi\u00e9 via NmApi.exe et Apm.UI.Areas.APM.Controllers.CommunityController, respectivement.<\/p>\n<section class=\"dog_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener\" href=\"https:\/\/thehackernews.uk\/cis-image-hn\" target=\"_blank\" title=\"Cybersecurity\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"Cybers\u00e9curit\u00e9\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2024\/08\/1723158847_323_Une-nouvelle-arnaque-par-phishing-utilise-des-dessins-Google-et.png\" width=\"727\" height=\"90\"\/><\/a><\/center><\/section>\n<p>Progress Software s&#8217;attaque \u00e9galement \u00e0 un probl\u00e8me d&#8217;escalade de privil\u00e8ges de haute gravit\u00e9 (<a rel=\"nofollow noopener\" href=\"https:\/\/summoning.team\/blog\/progress-whatsup-gold-privesc-setadminpassword-cve-2024-5009\/\" target=\"_blank\">CVE-2024-5009<\/a>Score CVSS\u00a0: 8,4) qui permet aux attaquants locaux d\u2019\u00e9lever leurs privil\u00e8ges sur les installations affect\u00e9es en tirant parti de la m\u00e9thode SetAdminPassword.<\/p>\n<p>Les failles du logiciel Progress \u00e9tant r\u00e9guli\u00e8rement exploit\u00e9es par des acteurs malveillants \u00e0 des fins malveillantes, il est essentiel que les administrateurs appliquent les derni\u00e8res mises \u00e0 jour de s\u00e9curit\u00e9 et autorisent le trafic uniquement \u00e0 partir d&#8217;adresses IP fiables afin d&#8217;att\u00e9nuer les menaces potentielles.<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Vous avez trouv\u00e9 cet article int\u00e9ressant ? Suivez-nous sur <a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/thehackersnews\" target=\"_blank\">Gazouillement <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a>  et <a rel=\"nofollow noopener\" href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" target=\"_blank\">LinkedIn<\/a> pour lire davantage de contenu exclusif que nous publions.<\/div>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2024\/08\/critical-security-flaw-in-whatsup-gold.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ue80208 ao\u00fbt 2024\ue804Ravie LakshmananVuln\u00e9rabilit\u00e9 \/ S\u00e9curit\u00e9 du r\u00e9seau Une faille de s\u00e9curit\u00e9 critique affectant Progress Software WhatsUp Gold fait l&#8217;objet de tentatives d&#8217;exploitation actives, ce qui rend essentiel que les utilisateurs agissent rapidement pour appliquer la derni\u00e8re version. La vuln\u00e9rabilit\u00e9 en question est CVE-2024-4885 (Score CVSS\u00a0: 9,8), un bogue d&#8217;ex\u00e9cution de code \u00e0 distance non [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1272636,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[9261,238714,200292,238582,238778,1933,4168,246493,22,4158,6124,429,1326,9048,369,2694,238584,5392,200271,617,238334,98340,1835,238617,246491,4172,196,4166,238583,246492],"class_list":["post-1272635","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-active","tag-actualites-des-hackers","tag-actualites-sur-la-cybersecurite","tag-actualites-sur-la-cybersecurite-aujourdhui","tag-actualites-sur-le-piratage-informatique","tag-attaque","tag-comment-pirater","tag-corrigezla","tag-critique","tag-cyber-actualites","tag-cyberattaques","tag-dans","tag-dune","tag-faille","tag-fait","tag-gold","tag-les-nouvelles-des-hackers","tag-lobjet","tag-logiciel-malveillant-rancongiciel","tag-maintenant","tag-mises-a-jour-cybernetiques","tag-mises-a-jour-de-cybersecurite","tag-securite","tag-securite-de-linformation","tag-securite-du-reseau","tag-securite-informatique","tag-une","tag-violation-de-donnees","tag-vulnerabilite-du-logiciel","tag-whatsup"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1272635","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=1272635"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1272635\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/1272636"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=1272635"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=1272635"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=1272635"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}