Cryptzone Support

If you wish to submit a support ticket please sign in to your customer portal or use the “submit a ticket” button at the top menu.
If you need to find documentation about our Sheriff Suite please login to the Hive- Click Here



Statement regarding Shell Shock Vulnerability

« Go Back


Article Number000001152




This vulnerability could allow for arbitrary code execution. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.


AppGate products


All supported versions of the AppGate Security Server are not exploitable through BASH code injection. Remotely accessible applications and services running on the AppGate Security Server itself do not use the BASH shell to execute commands.

However, the AppGate does include the vulnerable version of BASH in all releases up to 10.2.3. The only way to attempt to exploit this is with access to the admin role and related terminal access which gives full administrative control anyway so the system is no more or less vulnerable with this version of BASH.

BASH is in fact not used in the AppGate so is likely to be removed completely in the next release after 10.2.3


SEP products

SEP products are not affected by this vulnerability.


Related File 
Additional Files 



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255