{"id":467502,"date":"2022-11-17T07:56:24","date_gmt":"2022-11-17T09:56:24","guid":{"rendered":"https:\/\/teknomers.com\/fr\/vulnerabilites-de-gravite-elevee-signalees-dans-les-appareils-f5-big-ip-et-big-iq\/"},"modified":"2022-11-17T07:56:25","modified_gmt":"2022-11-17T09:56:25","slug":"vulnerabilites-de-gravite-elevee-signalees-dans-les-appareils-f5-big-ip-et-big-iq","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/vulnerabilites-de-gravite-elevee-signalees-dans-les-appareils-f5-big-ip-et-big-iq\/","title":{"rendered":"Vuln\u00e9rabilit\u00e9s de gravit\u00e9 \u00e9lev\u00e9e signal\u00e9es dans les appareils F5 BIG-IP et BIG-IQ"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><\/div>\n<p>Plusieurs vuln\u00e9rabilit\u00e9s de s\u00e9curit\u00e9 ont \u00e9t\u00e9 r\u00e9v\u00e9l\u00e9es dans les appareils F5 BIG-IP et BIG-IQ qui, si elles sont exploit\u00e9es avec succ\u00e8s, compromettent compl\u00e8tement les syst\u00e8mes concern\u00e9s.<\/p>\n<p>La soci\u00e9t\u00e9 de cybers\u00e9curit\u00e9 Rapid7 a d\u00e9clar\u00e9 que le <a rel=\"nofollow noopener\" href=\"https:\/\/support.f5.com\/csp\/article\/K97843387\" target=\"_blank\">d\u00e9fauts<\/a> pourraient \u00eatre abus\u00e9s pour acc\u00e9der \u00e0 distance aux appareils et contourner les contraintes de s\u00e9curit\u00e9.  Les probl\u00e8mes affectent les versions 13.x, 14.x, 15.x, 16.x et 17.x de BIG-IP et les versions 7.x et 8.x de gestion centralis\u00e9e de BIG-IQ.<\/p>\n<p>Les deux probl\u00e8mes de gravit\u00e9 \u00e9lev\u00e9e, qui ont \u00e9t\u00e9 signal\u00e9s \u00e0 F5 le 18 ao\u00fbt 2022, sont les suivants\u00a0:<\/p>\n<ul>\n<li><strong>CVE-2022-41622<\/strong> (Score CVSS : 8,8) &#8211; Une falsification de requ\u00eate intersite (<a rel=\"nofollow noopener\" href=\"https:\/\/owasp.org\/www-community\/attacks\/csrf\" target=\"_blank\">CSRF<\/a>) via iControl SOAP, entra\u00eenant l&#8217;ex\u00e9cution de code \u00e0 distance non authentifi\u00e9.<\/li>\n<li><strong>CVE-2022-41800<\/strong> (Score CVSS\u00a0: 8,7) &#8211; Une vuln\u00e9rabilit\u00e9 iControl REST qui pourrait permettre \u00e0 un utilisateur authentifi\u00e9 avec un r\u00f4le d&#8217;administrateur de contourner <a rel=\"nofollow noopener\" href=\"https:\/\/support.f5.com\/csp\/article\/K12815\" target=\"_blank\">Mode appareil<\/a> restrictions.<\/li>\n<\/ul>\n<p>&#8220;En exploitant avec succ\u00e8s la pire des vuln\u00e9rabilit\u00e9s (CVE-2022-41622), un attaquant pourrait obtenir un acc\u00e8s root persistant \u00e0 l&#8217;interface de gestion de l&#8217;appareil (m\u00eame si l&#8217;interface de gestion n&#8217;est pas accessible sur Internet)&#8221;, a d\u00e9clar\u00e9 le chercheur de Rapid7, Ron Bowes. <a rel=\"nofollow noopener\" href=\"https:\/\/www.rapid7.com\/blog\/post\/2022\/11\/16\/cve-2022-41622-and-cve-2022-41800-fixed-f5-big-ip-and-icontrol-rest-vulnerabilities-and-exposures\/\" target=\"_blank\">a dit<\/a>.<\/p>\n<p>Cependant, il convient de noter qu&#8217;un tel exploit n\u00e9cessite qu&#8217;un administrateur ayant une session active visite un site Web hostile.<\/p>\n<p>Ont \u00e9galement \u00e9t\u00e9 identifi\u00e9s <a rel=\"nofollow noopener\" href=\"https:\/\/support.f5.com\/csp\/article\/K05403841\" target=\"_blank\">trois instances diff\u00e9rentes<\/a> de contournement de s\u00e9curit\u00e9, qui, selon F5, ne peut \u00eatre exploit\u00e9 sans d&#8217;abord briser les barri\u00e8res de s\u00e9curit\u00e9 existantes gr\u00e2ce \u00e0 un m\u00e9canisme auparavant non document\u00e9.<\/p>\n<p>Si un tel sc\u00e9nario se pr\u00e9sentait, un adversaire avec Advanced Shell (<a rel=\"nofollow noopener\" href=\"https:\/\/en.wikipedia.org\/wiki\/Bash_(Unix_shell)\" target=\"_blank\">frapper<\/a>) l&#8217;acc\u00e8s \u00e0 l&#8217;appliance pourrait exploiter ces faiblesses pour ex\u00e9cuter des commandes syst\u00e8me arbitraires, cr\u00e9er ou supprimer des fichiers ou d\u00e9sactiver des services.<\/p>\n<p>Bien que F5 n&#8217;ait fait aucune mention des vuln\u00e9rabilit\u00e9s exploit\u00e9es dans les attaques, il est recommand\u00e9 aux utilisateurs d&#8217;appliquer les correctifs n\u00e9cessaires au fur et \u00e0 mesure qu&#8217;ils deviennent disponibles pour att\u00e9nuer les risques potentiels.<\/p>\n<p><\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2022\/11\/high-severity-vulnerabilities-reported.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Plusieurs vuln\u00e9rabilit\u00e9s de s\u00e9curit\u00e9 ont \u00e9t\u00e9 r\u00e9v\u00e9l\u00e9es dans les appareils F5 BIG-IP et BIG-IQ qui, si elles sont exploit\u00e9es avec succ\u00e8s, compromettent compl\u00e8tement les syst\u00e8mes concern\u00e9s. La soci\u00e9t\u00e9 de cybers\u00e9curit\u00e9 Rapid7 a d\u00e9clar\u00e9 que le d\u00e9fauts pourraient \u00eatre abus\u00e9s pour acc\u00e9der \u00e0 distance aux appareils et contourner les contraintes de s\u00e9curit\u00e9. Les probl\u00e8mes affectent les [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":467503,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[8737,60488,125161,4168,4158,4165,4161,429,1053,11128,4157,4159,4171,4170,65,4167,4160,4163,4162,4172,4169,10614,4166,4164,12365],"class_list":["post-467502","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-appareils","tag-bigip","tag-bigiq","tag-comment-pirater","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-dans","tag-elevee","tag-gravite","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-les","tag-logiciel-malveillant-de-ransomware","tag-mises-a-jour-de-la-cybersecurite","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-securite-informatique","tag-securite-internet","tag-signalees","tag-violation-de-donnees","tag-vulnerabilite-logicielle","tag-vulnerabilites"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/467502","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=467502"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/467502\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/467503"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=467502"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=467502"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=467502"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}