{"id":533277,"date":"2022-12-29T09:45:35","date_gmt":"2022-12-29T11:45:35","guid":{"rendered":"https:\/\/teknomers.com\/fr\/des-milliers-de-serveurs-citrix-toujours-non-corriges-pour-les-vulnerabilites-critiques\/"},"modified":"2022-12-29T09:45:36","modified_gmt":"2022-12-29T11:45:36","slug":"des-milliers-de-serveurs-citrix-toujours-non-corriges-pour-les-vulnerabilites-critiques","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/des-milliers-de-serveurs-citrix-toujours-non-corriges-pour-les-vulnerabilites-critiques\/","title":{"rendered":"Des milliers de serveurs Citrix toujours non corrig\u00e9s pour les vuln\u00e9rabilit\u00e9s critiques"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">29 d\u00e9cembre 2022<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">Ravie Lakshmanan<\/span><\/span><span class=\"p-tags\">S\u00e9curit\u00e9 du serveur \/ Citrix<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><\/div>\n<p>Des milliers de terminaux Citrix Application Delivery Controller (ADC) et Gateway restent vuln\u00e9rables \u00e0 deux failles de s\u00e9curit\u00e9 critiques r\u00e9v\u00e9l\u00e9es par la soci\u00e9t\u00e9 au cours des derniers mois.<\/p>\n<p>Les probl\u00e8mes en question sont <a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-27510\" target=\"_blank\">CVE-2022-27510<\/a> et <a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-27518\" target=\"_blank\">CVE-2022-27518<\/a> (scores CVSS\u00a0: 9,8), qui ont \u00e9t\u00e9 trait\u00e9s par le fournisseur de services de virtualisation le 8\u00a0novembre et le 13\u00a0d\u00e9cembre\u00a02022, respectivement.<\/p>\n<p>Alors que CVE-2022-27510 concerne un <a rel=\"nofollow noopener\" href=\"https:\/\/support.citrix.com\/article\/CTX463706\/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516\" target=\"_blank\">contournement d&#8217;authentification<\/a> qui pourrait \u00eatre exploit\u00e9e pour obtenir un acc\u00e8s non autoris\u00e9 aux capacit\u00e9s des utilisateurs de Gateway, CVE-2022-27518 concerne un bogue d&#8217;ex\u00e9cution de code \u00e0 distance qui pourrait permettre la prise de contr\u00f4le des syst\u00e8mes affect\u00e9s.<\/p>\n<div class=\"ad_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/uptycs-inside\" target=\"_blank\" title=\"CyberSecurity\"><img decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" loading=\"lazy\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/12\/1671770183_323_LastPass-admet-une-grave-violation-de-donnees-et-des-coffres-forts.png\" width=\"728\" height=\"90\"\/><\/a><\/center><\/div>\n<p>Citrix et la National Security Agency (NSA) des \u00c9tats-Unis ont averti plus t\u00f4t ce mois-ci que CVE-2022-27518 \u00e9tait activement exploit\u00e9 dans la nature par des acteurs de la menace, y compris le groupe parrain\u00e9 par l&#8217;\u00c9tat APT5 li\u00e9 \u00e0 la Chine.<\/p>\n<div class=\"separator\" style=\"clear: both;\"><img decoding=\"async\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/12\/Des-milliers-de-serveurs-Citrix-toujours-non-corriges-pour-les.png\" alt=\"Serveurs Citrix\" border=\"0\" data-original-height=\"506\" data-original-width=\"728\" title=\"Serveurs Citrix\"\/><\/div>\n<div class=\"separator\" style=\"clear: both;\"><img decoding=\"async\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/12\/1672314335_222_Des-milliers-de-serveurs-Citrix-toujours-non-corriges-pour-les.png\" alt=\"Serveurs Citrix\" border=\"0\" data-original-height=\"517\" data-original-width=\"728\" title=\"Serveurs Citrix\"\/><\/div>\n<p>D\u00e9sormais, selon un <a rel=\"nofollow noopener\" href=\"https:\/\/blog.fox-it.com\/2022\/12\/28\/cve-2022-27510-cve-2022-27518-measuring-citrix-adc-gateway-version-adoption-on-the-internet\/\" target=\"_blank\">nouvelle analyse<\/a> Selon l&#8217;\u00e9quipe de recherche Fox-IT de NCC Group, des milliers de serveurs Citrix connect\u00e9s \u00e0 Internet ne sont toujours pas corrig\u00e9s, ce qui en fait une cible attrayante pour les \u00e9quipes de piratage.<\/p>\n<p>Cela comprend plus de 3 500 serveurs Citrix ADC et Gateway ex\u00e9cutant la version 12.1-65.21 qui sont sensibles \u00e0 CVE-2022-27518, ainsi que plus de 500 serveurs ex\u00e9cutant 12.1-63.22 qui sont vuln\u00e9rables aux deux failles.<\/p>\n<p>La majorit\u00e9 des serveurs, soit pas moins de 5 000, ex\u00e9cutent 13.0-88.14, une version immunis\u00e9e contre CVE-2022-27510 et CVE-2022-27518.<\/p>\n<p>Une r\u00e9partition par pays montre que plus de 40\u00a0% des serveurs situ\u00e9s au Danemark, aux Pays-Bas, en Autriche, en Allemagne, en France, \u00e0 Singapour, en Australie, au Royaume-Uni et aux \u00c9tats-Unis ont \u00e9t\u00e9 mis \u00e0 jour, la Chine \u00e9tant la pire, o\u00f9 seulement 20\u00a0% de pr\u00e8s de 550 serveurs ont \u00e9t\u00e9 patch\u00e9s.<\/p>\n<p>Fox-IT a d\u00e9clar\u00e9 qu&#8217;il \u00e9tait en mesure de d\u00e9duire le <a rel=\"nofollow noopener\" href=\"https:\/\/gist.github.com\/fox-srt\/c7eb3cbc6b4bf9bb5a874fa208277e86\" target=\"_blank\">information sur la version<\/a> \u00e0 partir d&#8217;une valeur de hachage de type MD5 pr\u00e9sente dans la r\u00e9ponse HTTP de l&#8217;URL de connexion (c&#8217;est-\u00e0-dire &#8220;ns_gui\/vpn\/index.html&#8221;) et en la mappant \u00e0 leurs versions respectives.<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Vous avez trouv\u00e9 cet article int\u00e9ressant ?  Suivez-nous sur <a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/thehackersnews\" target=\"_blank\">Twitter <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a>  et <a rel=\"nofollow noopener\" href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" target=\"_blank\">LinkedIn<\/a> pour lire plus de contenu exclusif que nous publions.<\/div>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2022\/12\/thousands-of-citrix-servers-still.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ue80229 d\u00e9cembre 2022\ue804Ravie LakshmananS\u00e9curit\u00e9 du serveur \/ Citrix Des milliers de terminaux Citrix Application Delivery Controller (ADC) et Gateway restent vuln\u00e9rables \u00e0 deux failles de s\u00e9curit\u00e9 critiques r\u00e9v\u00e9l\u00e9es par la soci\u00e9t\u00e9 au cours des derniers mois. Les probl\u00e8mes en question sont CVE-2022-27510 et CVE-2022-27518 (scores CVSS\u00a0: 9,8), qui ont \u00e9t\u00e9 trait\u00e9s par le fournisseur de [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":533278,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[107138,4168,8543,5729,4158,4165,4161,133,4157,4159,4171,4170,65,4167,1558,4160,4163,4162,185,4172,4169,8541,220,4166,4164,12365],"class_list":["post-533277","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-citrix","tag-comment-pirater","tag-corriges","tag-critiques","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-des","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-les","tag-logiciel-malveillant-de-ransomware","tag-milliers","tag-mises-a-jour-de-la-cybersecurite","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-pour","tag-securite-informatique","tag-securite-internet","tag-serveurs","tag-toujours","tag-violation-de-donnees","tag-vulnerabilite-logicielle","tag-vulnerabilites"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/533277","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=533277"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/533277\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/533278"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=533277"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=533277"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=533277"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}