Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-19203 (GCVE-0-2019-19203)
Vulnerability from cvelistv5
Published
2019-11-21 20:06
Modified
2024-08-05 02:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read.
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kkos/oniguruma/issues/163"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ManhNDd/CVE-2019-19203"
},
{
"name": "FEDORA-2019-d942abd0d4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/"
},
{
"name": "FEDORA-2019-73197ff9a0",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/tarantula-team/CVE-2019-19203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-24T14:18:55.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kkos/oniguruma/issues/163"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ManhNDd/CVE-2019-19203"
},
{
"name": "FEDORA-2019-d942abd0d4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/"
},
{
"name": "FEDORA-2019-73197ff9a0",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tarantula-team/CVE-2019-19203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2",
"refsource": "MISC",
"url": "https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2"
},
{
"name": "https://github.com/kkos/oniguruma/issues/163",
"refsource": "MISC",
"url": "https://github.com/kkos/oniguruma/issues/163"
},
{
"name": "https://github.com/ManhNDd/CVE-2019-19203",
"refsource": "MISC",
"url": "https://github.com/ManhNDd/CVE-2019-19203"
},
{
"name": "FEDORA-2019-d942abd0d4",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/"
},
{
"name": "FEDORA-2019-73197ff9a0",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/"
},
{
"name": "https://github.com/tarantula-team/CVE-2019-19203",
"refsource": "MISC",
"url": "https://github.com/tarantula-team/CVE-2019-19203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19203",
"datePublished": "2019-11-21T20:06:59.000Z",
"dateReserved": "2019-11-21T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:09:39.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CERTFR-2024-AVI-0385
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct Web Services (Certified Container) toutes versions sans le dernier correctif de sécurité | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.2.x antérieures à 6.2.0.23 | ||
| IBM | N/A | AIX et VIOS sans le dernier correctif de sécurité | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions antérieures à 6.1.0.24 | ||
| IBM | QRadar | SOAR QRadar Plugin App versions antérieures à 5.4.0 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.7 | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP8 IF02 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Sterling Connect:Direct Web Services (Certified Container) toutes versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.23",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX et VIOS sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions ant\u00e9rieures \u00e0 6.1.0.24",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "SOAR QRadar Plugin App versions ant\u00e9rieures \u00e0 5.4.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.7",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP8 IF02",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-29483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29483"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1382"
},
{
"name": "CVE-2023-4732",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4732"
},
{
"name": "CVE-2022-48564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48564"
},
{
"name": "CVE-2023-6681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6681"
},
{
"name": "CVE-2023-3138",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3138"
},
{
"name": "CVE-2023-46813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46813"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1838"
},
{
"name": "CVE-2024-27273",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27273"
},
{
"name": "CVE-2023-28328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
},
{
"name": "CVE-2023-51043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51043"
},
{
"name": "CVE-2023-5633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5633"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2022-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38457"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2022-45688",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45688"
},
{
"name": "CVE-2022-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26691"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2023-5178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5178"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-6536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6536"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2020-10001",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10001"
},
{
"name": "CVE-2024-0646",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0646"
},
{
"name": "CVE-2021-33503",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33503"
},
{
"name": "CVE-2023-40283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
},
{
"name": "CVE-2022-45884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45884"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2023-33951",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33951"
},
{
"name": "CVE-2024-28102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28102"
},
{
"name": "CVE-2023-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2163"
},
{
"name": "CVE-2022-42895",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42895"
},
{
"name": "CVE-2024-22361",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22361"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-40133",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40133"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2023-45862",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45862"
},
{
"name": "CVE-2023-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
},
{
"name": "CVE-2020-3898",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3898"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-1855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
},
{
"name": "CVE-2018-20060",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20060"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2022-45869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45869"
},
{
"name": "CVE-2023-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2023-4206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
},
{
"name": "CVE-2023-6817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6817"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2023-5072",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5072"
},
{
"name": "CVE-2022-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45919"
},
{
"name": "CVE-2019-13224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13224"
},
{
"name": "CVE-2022-41858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41858"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2023-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
},
{
"name": "CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"name": "CVE-2023-1074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
},
{
"name": "CVE-2019-19204",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19204"
},
{
"name": "CVE-2023-42753",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42753"
},
{
"name": "CVE-2023-4921",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4921"
},
{
"name": "CVE-2023-33203",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33203"
},
{
"name": "CVE-2023-3812",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3812"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2024-27269",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27269"
},
{
"name": "CVE-2021-43975",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43975"
},
{
"name": "CVE-2023-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
},
{
"name": "CVE-2018-19787",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19787"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-6356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6356"
},
{
"name": "CVE-2024-1488",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1488"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2023-1252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1252"
},
{
"name": "CVE-2023-44794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44794"
},
{
"name": "CVE-2022-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3545"
},
{
"name": "CVE-2023-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
},
{
"name": "CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"name": "CVE-2023-1079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
},
{
"name": "CVE-2022-36402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36402"
},
{
"name": "CVE-2023-33952",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33952"
},
{
"name": "CVE-2023-32324",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32324"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2014-3146",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3146"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2023-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
},
{
"name": "CVE-2022-4744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
},
{
"name": "CVE-2023-3161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3161"
},
{
"name": "CVE-2023-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35824"
},
{
"name": "CVE-2023-45871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45871"
},
{
"name": "CVE-2023-1998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
},
{
"name": "CVE-2023-28772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28772"
},
{
"name": "CVE-2022-40982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2023-1786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1786"
},
{
"name": "CVE-2023-1075",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
},
{
"name": "CVE-2023-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
},
{
"name": "CVE-2023-38325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
},
{
"name": "CVE-2023-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4155"
},
{
"name": "CVE-2023-4208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
},
{
"name": "CVE-2023-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35823"
},
{
"name": "CVE-2019-9740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9740"
},
{
"name": "CVE-2023-26545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
},
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2022-45887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45887"
},
{
"name": "CVE-2023-6535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6535"
},
{
"name": "CVE-2024-26130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26130"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2019-19203",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19203"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2022-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
},
{
"name": "CVE-2022-3594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3594"
},
{
"name": "CVE-2023-34241",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34241"
},
{
"name": "CVE-2022-38096",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38096"
},
{
"name": "CVE-2023-4622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4622"
},
{
"name": "CVE-2019-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8696"
},
{
"name": "CVE-2020-26137",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26137"
},
{
"name": "CVE-2019-11324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11324"
},
{
"name": "CVE-2023-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
},
{
"name": "CVE-2022-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28388"
},
{
"name": "CVE-2023-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
},
{
"name": "CVE-2023-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2004"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2023-6606",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6606"
},
{
"name": "CVE-2019-11236",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11236"
},
{
"name": "CVE-2023-6932",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6932"
},
{
"name": "CVE-2023-0458",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2023-1073",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
},
{
"name": "CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"name": "CVE-2021-33631",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33631"
},
{
"name": "CVE-2023-50387",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50387"
},
{
"name": "CVE-2024-0985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0985"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2022-48624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48624"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2023-0597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0597"
},
{
"name": "CVE-2023-6546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6546"
},
{
"name": "CVE-2023-7192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7192"
},
{
"name": "CVE-2023-4132",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4132"
},
{
"name": "CVE-2024-1086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1086"
},
{
"name": "CVE-2023-1206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
},
{
"name": "CVE-2024-0565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0565"
},
{
"name": "CVE-2019-8675",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8675"
},
{
"name": "CVE-2023-4623",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4623"
},
{
"name": "CVE-2023-51042",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51042"
},
{
"name": "CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2023-3268",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3268"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2023-5717",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5717"
},
{
"name": "CVE-2019-19012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19012"
},
{
"name": "CVE-2020-27783",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27783"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2021-43818",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43818"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2166"
},
{
"name": "CVE-2023-1192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1192"
},
{
"name": "CVE-2023-6931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6931"
},
{
"name": "CVE-2023-6610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6610"
}
],
"initial_release_date": "2024-05-10T00:00:00",
"last_revision_date": "2024-05-10T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0385",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-05-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150297 du 06 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150297"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150684 du 09 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150684"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150803 du 09 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150803"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150277 du 05 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150277"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150196 du 03 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150196"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150798 du 09 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150798"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150804 du 09 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150804"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150799 du 09 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150799"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150276 du 05 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150276"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150802 du 09 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150802"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150362 du 07 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150362"
}
]
}
CERTFR-2024-AVI-0305
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- Sterling Connect:Direct pour UNIX versions 6.1.0.x antérieures à 6.1.0.4.iFix104
- Sterling Connect:Direct pour UNIX versions 6.0.0.x antérieures à 6.0.0.2.iFix163
- Sterling Connect:Direct FTP+ versions antérieures à 1.3.0 sans le correctif de sécurité iFix026
- QRadar App SDK versions 2.2.x antérieures à 2.2.1
- QRadar Deployment Intelligence App versions antérieures à 3.0.13
- Cloud Pak for Security versions 1.10.x.x antérieures à 1.10.20.0
- QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP8 IF01
- QRadar Suite Software versions 1.10.12.x antérieures à 1.10.20.0
- WebSphere Application Server Liberty versions postérieures à 21.0.0.2 et antérieures à 24.0.0.4
- WebSphere Application Server versions 9.x antérieures à 9.0.5.19
- WebSphere Application Server versions postérieures à 8.5.5.2 antérieures à 8.5.5.26
- Sterling B2B Integrator versions 6.0.x.x à 6.1.x.x antérieures à 6.1.2.5
- Sterling B2B Integrator versions 6.2.x.x antérieures à 6.2.0.1
Se référer aux bulletin de l'éditeur pour les versions des fichiers vulnérables (cf. section Documentation).
Impacted products
| Vendor | Product | Description |
|---|
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eSterling Connect:Direct pour UNIX versions 6.1.0.x ant\u00e9rieures \u00e0\u00a06.1.0.4.iFix104\u003c/li\u003e \u003cli\u003eSterling Connect:Direct pour UNIX versions 6.0.0.x ant\u00e9rieures \u00e0 6.0.0.2.iFix163\u003c/li\u003e \u003cli\u003eSterling Connect:Direct FTP+ versions ant\u00e9rieures \u00e0 1.3.0 sans le correctif de s\u00e9curit\u00e9 iFix026\u003c/li\u003e \u003cli\u003eQRadar App SDK versions 2.2.x ant\u00e9rieures \u00e0 2.2.1\u003c/li\u003e \u003cli\u003eQRadar Deployment Intelligence App versions ant\u00e9rieures \u00e0 3.0.13\u003c/li\u003e \u003cli\u003eCloud Pak for Security versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.20.0\u003c/li\u003e \u003cli\u003eQRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP8 IF01\u003c/li\u003e \u003cli\u003eQRadar Suite Software versions 1.10.12.x ant\u00e9rieures \u00e0 1.10.20.0\u003c/li\u003e \u003cli\u003eWebSphere Application Server Liberty versions post\u00e9rieures \u00e0 21.0.0.2 et ant\u00e9rieures \u00e0 24.0.0.4\u003c/li\u003e \u003cli\u003eWebSphere Application Server versions 9.x ant\u00e9rieures \u00e0 9.0.5.19\u003c/li\u003e \u003cli\u003eWebSphere Application Server versions post\u00e9rieures \u00e0 8.5.5.2 ant\u00e9rieures \u00e0 8.5.5.26\u003c/li\u003e \u003cli\u003eSterling B2B Integrator versions 6.0.x.x \u00e0 6.1.x.x ant\u00e9rieures \u00e0 6.1.2.5\u003c/li\u003e \u003cli\u003eSterling B2B Integrator versions 6.2.x.x ant\u00e9rieures \u00e0 6.2.0.1\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eSe r\u00e9f\u00e9rer aux bulletin de l\u0027\u00e9diteur pour les versions des fichiers vuln\u00e9rables (cf. section Documentation).\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2022-48564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48564"
},
{
"name": "CVE-2024-1597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1597"
},
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-45857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2023-46234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46234"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2021-31525",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31525"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-22361",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22361"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2023-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2828"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2012-0881",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0881"
},
{
"name": "CVE-2019-13224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13224"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2019-19204",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19204"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2021-22696",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22696"
},
{
"name": "CVE-2023-42795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42795"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2020-28241",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28241"
},
{
"name": "CVE-2023-45648",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45648"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2021-41043",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41043"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2023-1786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1786"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2021-30468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30468"
},
{
"name": "CVE-2024-26130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26130"
},
{
"name": "CVE-2019-19203",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19203"
},
{
"name": "CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2022-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2023-42794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42794"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2022-3094",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3094"
},
{
"name": "CVE-2022-41721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41721"
},
{
"name": "CVE-2022-42920",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42920"
},
{
"name": "CVE-2022-23437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23437"
},
{
"name": "CVE-2023-42465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42465"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2021-33194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33194"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2011-4969",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4969"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2022-46329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46329"
},
{
"name": "CVE-2023-34966",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34966"
},
{
"name": "CVE-2023-26604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2023-46589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46589"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2012-6708",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6708"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2019-19012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19012"
},
{
"name": "CVE-2023-26159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2024-22234",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22234"
}
],
"initial_release_date": "2024-04-12T00:00:00",
"last_revision_date": "2024-04-12T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0305",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-04-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147813 du 09 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147813"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148062 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148062"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147943 du 10 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147943"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147903 du 10 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147903"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148094 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148094"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148151 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148151"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148066 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148066"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148158 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148158"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147727 du 08 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147727"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148065 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148065"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148068 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148068"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147728 du 08 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147728"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147944 du 10 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147944"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147726 du 08 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147726"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147923 du 10 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147923"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147812 du 09 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147812"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148063 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148063"
}
]
}
CERTFR-2024-AVI-0506
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Secure Analytics | Secure Analytics versions antérieures à 7.5.0 UP8 IF03 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Secure Analytics versions ant\u00e9rieures \u00e0 7.5.0 UP8 IF03",
"product": {
"name": "Secure Analytics",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1382"
},
{
"name": "CVE-2023-4732",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4732"
},
{
"name": "CVE-2022-48564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48564"
},
{
"name": "CVE-2019-15505",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15505"
},
{
"name": "CVE-2023-52448",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52448"
},
{
"name": "CVE-2023-3138",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3138"
},
{
"name": "CVE-2023-46813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46813"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1838"
},
{
"name": "CVE-2023-40551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40551"
},
{
"name": "CVE-2022-45934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45934"
},
{
"name": "CVE-2023-28328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
},
{
"name": "CVE-2023-51043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51043"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2023-5633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5633"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2022-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38457"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-45863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45863"
},
{
"name": "CVE-2022-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26691"
},
{
"name": "CVE-2023-6915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6915"
},
{
"name": "CVE-2023-5178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5178"
},
{
"name": "CVE-2024-26671",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26671"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-6536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6536"
},
{
"name": "CVE-2023-37453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37453"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2020-10001",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10001"
},
{
"name": "CVE-2024-0646",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0646"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2023-40283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
},
{
"name": "CVE-2022-45884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45884"
},
{
"name": "CVE-2023-52489",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52489"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2023-33951",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33951"
},
{
"name": "CVE-2023-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2163"
},
{
"name": "CVE-2023-4133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4133"
},
{
"name": "CVE-2022-42895",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42895"
},
{
"name": "CVE-2023-4244",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4244"
},
{
"name": "CVE-2022-40133",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40133"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2023-39193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39193"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2024-22243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22243"
},
{
"name": "CVE-2023-45862",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45862"
},
{
"name": "CVE-2023-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
},
{
"name": "CVE-2020-3898",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3898"
},
{
"name": "CVE-2023-51779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51779"
},
{
"name": "CVE-2023-1855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
},
{
"name": "CVE-2024-28784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28784"
},
{
"name": "CVE-2022-45869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45869"
},
{
"name": "CVE-2023-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
},
{
"name": "CVE-2023-4408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4408"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2023-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2828"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2023-50961",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50961"
},
{
"name": "CVE-2023-4206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
},
{
"name": "CVE-2023-52340",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52340"
},
{
"name": "CVE-2023-6817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6817"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2024-26609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26609"
},
{
"name": "CVE-2022-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45919"
},
{
"name": "CVE-2019-13224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13224"
},
{
"name": "CVE-2022-41858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41858"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2023-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"name": "CVE-2001-1267",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1267"
},
{
"name": "CVE-2023-1074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
},
{
"name": "CVE-2019-19204",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19204"
},
{
"name": "CVE-2023-42753",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42753"
},
{
"name": "CVE-2023-4921",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4921"
},
{
"name": "CVE-2024-22262",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22262"
},
{
"name": "CVE-2023-33203",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33203"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2023-3812",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3812"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39189"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2024-27269",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27269"
},
{
"name": "CVE-2023-38409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38409"
},
{
"name": "CVE-2021-43975",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43975"
},
{
"name": "CVE-2023-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
},
{
"name": "CVE-2018-19787",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"name": "CVE-2023-6356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6356"
},
{
"name": "CVE-2023-39198",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39198"
},
{
"name": "CVE-2024-1488",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1488"
},
{
"name": "CVE-2023-1252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1252"
},
{
"name": "CVE-2021-3753",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3753"
},
{
"name": "CVE-2022-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3545"
},
{
"name": "CVE-2020-28241",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28241"
},
{
"name": "CVE-2023-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
},
{
"name": "CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"name": "CVE-2023-1079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
},
{
"name": "CVE-2022-36402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36402"
},
{
"name": "CVE-2023-33952",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33952"
},
{
"name": "CVE-2023-32324",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32324"
},
{
"name": "CVE-2014-3146",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3146"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2023-3758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3758"
},
{
"name": "CVE-2023-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2022-4744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
},
{
"name": "CVE-2023-40546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40546"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2023-3161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3161"
},
{
"name": "CVE-2023-28464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28464"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2023-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3567"
},
{
"name": "CVE-2021-41043",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41043"
},
{
"name": "CVE-2023-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35824"
},
{
"name": "CVE-2023-45871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45871"
},
{
"name": "CVE-2023-1998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
},
{
"name": "CVE-2023-28772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28772"
},
{
"name": "CVE-2023-52580",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52580"
},
{
"name": "CVE-2022-40982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2023-1786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1786"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2023-1075",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
},
{
"name": "CVE-2023-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
},
{
"name": "CVE-2023-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4155"
},
{
"name": "CVE-2023-4208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
},
{
"name": "CVE-2023-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35823"
},
{
"name": "CVE-2023-52574",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52574"
},
{
"name": "CVE-2022-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3565"
},
{
"name": "CVE-2023-31083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31083"
},
{
"name": "CVE-2023-26545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
},
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2023-6176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6176"
},
{
"name": "CVE-2022-45887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45887"
},
{
"name": "CVE-2023-6535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6535"
},
{
"name": "CVE-2023-25012",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25012"
},
{
"name": "CVE-2022-0500",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0500"
},
{
"name": "CVE-2024-0841",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0841"
},
{
"name": "CVE-2019-19203",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19203"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"name": "CVE-2020-25656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25656"
},
{
"name": "CVE-2022-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2022-3594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3594"
},
{
"name": "CVE-2023-51780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51780"
},
{
"name": "CVE-2023-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52434"
},
{
"name": "CVE-2023-34241",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34241"
},
{
"name": "CVE-2022-3094",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3094"
},
{
"name": "CVE-2024-25742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25742"
},
{
"name": "CVE-2024-25743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25743"
},
{
"name": "CVE-2022-38096",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38096"
},
{
"name": "CVE-2023-4622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4622"
},
{
"name": "CVE-2019-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8696"
},
{
"name": "CVE-2024-26602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26602"
},
{
"name": "CVE-2023-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
},
{
"name": "CVE-2021-4204",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4204"
},
{
"name": "CVE-2022-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28388"
},
{
"name": "CVE-2023-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
},
{
"name": "CVE-2023-42465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42465"
},
{
"name": "CVE-2023-39192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39192"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2023-6606",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6606"
},
{
"name": "CVE-2023-39194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39194"
},
{
"name": "CVE-2023-52620",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52620"
},
{
"name": "CVE-2023-24023",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24023"
},
{
"name": "CVE-2023-6932",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6932"
},
{
"name": "CVE-2023-0458",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
},
{
"name": "CVE-2023-1073",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
},
{
"name": "CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"name": "CVE-2021-33631",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33631"
},
{
"name": "CVE-2023-50387",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50387"
},
{
"name": "CVE-2023-40549",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40549"
},
{
"name": "CVE-2023-1513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1513"
},
{
"name": "CVE-2022-48624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48624"
},
{
"name": "CVE-2011-4969",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4969"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2023-40548",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40548"
},
{
"name": "CVE-2023-0597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0597"
},
{
"name": "CVE-2024-22259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22259"
},
{
"name": "CVE-2022-46329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46329"
},
{
"name": "CVE-2023-34966",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34966"
},
{
"name": "CVE-2023-26604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
},
{
"name": "CVE-2023-6546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6546"
},
{
"name": "CVE-2023-7192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7192"
},
{
"name": "CVE-2023-4132",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4132"
},
{
"name": "CVE-2022-26377",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26377"
},
{
"name": "CVE-2023-52581",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52581"
},
{
"name": "CVE-2023-40550",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40550"
},
{
"name": "CVE-2019-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13631"
},
{
"name": "CVE-2024-1086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1086"
},
{
"name": "CVE-2023-1206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
},
{
"name": "CVE-2024-0565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0565"
},
{
"name": "CVE-2019-8675",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8675"
},
{
"name": "CVE-2023-4623",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4623"
},
{
"name": "CVE-2023-51042",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51042"
},
{
"name": "CVE-2023-42755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42755"
},
{
"name": "CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2023-50960",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50960"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2023-3268",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3268"
},
{
"name": "CVE-2023-25775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25775"
},
{
"name": "CVE-2012-6708",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6708"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2023-5717",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5717"
},
{
"name": "CVE-2019-19012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19012"
},
{
"name": "CVE-2020-27783",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27783"
},
{
"name": "CVE-2023-6622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6622"
},
{
"name": "CVE-2021-43818",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43818"
},
{
"name": "CVE-2022-23222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23222"
},
{
"name": "CVE-2023-6121",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6121"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2166"
},
{
"name": "CVE-2023-1192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1192"
},
{
"name": "CVE-2023-40547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40547"
},
{
"name": "CVE-2023-6931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6931"
},
{
"name": "CVE-2023-6610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6610"
},
{
"name": "CVE-2023-42754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42754"
}
],
"initial_release_date": "2024-06-19T00:00:00",
"last_revision_date": "2024-06-19T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0506",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-06-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper Secure Analytics",
"vendor_advisories": [
{
"published_at": "2024-06-19",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82681",
"url": "https://supportportal.juniper.net/s/article/On-Demand-JSA-Series-Multiple-vulnerabilities-resolved-in-Juniper-Secure-Analytics-in-7-5-0-UP8-IF03"
}
]
}
CERTFR-2024-AVI-0459
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | N/A | IBM Db2 on Cloud Pak for Data et Db2 Warehouse on Cloud Pak for Data versions postérieures à 3.5 et antérieures à 4.8.5 | ||
| IBM | N/A | DevOps Code ClearCase versions 11.0.x sans le dernier correctif de sécurité | ||
| IBM | N/A | Rational ClearCase versions 9.1.x et 10.0.0.x sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Db2 on Cloud Pak for Data et Db2 Warehouse on Cloud Pak for Data versions post\u00e9rieures \u00e0 3.5 et ant\u00e9rieures \u00e0 4.8.5",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "DevOps Code ClearCase versions 11.0.x sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Rational ClearCase versions 9.1.x et 10.0.0.x sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-1597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1597"
},
{
"name": "CVE-2023-49568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49568"
},
{
"name": "CVE-2024-25030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25030"
},
{
"name": "CVE-2023-45857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2020-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
},
{
"name": "CVE-2020-13956",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13956"
},
{
"name": "CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"name": "CVE-2020-35728",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35728"
},
{
"name": "CVE-2020-36181",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
},
{
"name": "CVE-2020-9548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
},
{
"name": "CVE-2020-36182",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
},
{
"name": "CVE-2020-24616",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24616"
},
{
"name": "CVE-2023-52296",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52296"
},
{
"name": "CVE-2020-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
},
{
"name": "CVE-2024-25046",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25046"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2022-36364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36364"
},
{
"name": "CVE-2022-1996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1996"
},
{
"name": "CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2020-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
},
{
"name": "CVE-2020-36179",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
},
{
"name": "CVE-2020-10650",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10650"
},
{
"name": "CVE-2023-44270",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44270"
},
{
"name": "CVE-2020-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
},
{
"name": "CVE-2020-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
},
{
"name": "CVE-2020-35490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
},
{
"name": "CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"name": "CVE-2018-1313",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1313"
},
{
"name": "CVE-2022-46337",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46337"
},
{
"name": "CVE-2021-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
},
{
"name": "CVE-2019-13224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13224"
},
{
"name": "CVE-2019-19204",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19204"
},
{
"name": "CVE-2020-11113",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11113"
},
{
"name": "CVE-2024-27254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27254"
},
{
"name": "CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2020-10969",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10969"
},
{
"name": "CVE-2020-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-23064"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2020-36187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
},
{
"name": "CVE-2020-11620",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11620"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2015-1832",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1832"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2020-24750",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
},
{
"name": "CVE-2024-22190",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22190"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2024-22360",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22360"
},
{
"name": "CVE-2024-26130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26130"
},
{
"name": "CVE-2019-20330",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
},
{
"name": "CVE-2020-14195",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14195"
},
{
"name": "CVE-2023-44981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44981"
},
{
"name": "CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"name": "CVE-2020-35491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
},
{
"name": "CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"name": "CVE-2023-38729",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38729"
},
{
"name": "CVE-2024-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21626"
},
{
"name": "CVE-2019-19203",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19203"
},
{
"name": "CVE-2020-14061",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14061"
},
{
"name": "CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"name": "CVE-2023-41900",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41900"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2020-11619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11619"
},
{
"name": "CVE-2020-36183",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
},
{
"name": "CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"name": "CVE-2023-36479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36479"
},
{
"name": "CVE-2024-24549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24549"
},
{
"name": "CVE-2020-36184",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
},
{
"name": "CVE-2020-36180",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2021-31684",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31684"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2023-261257",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-261257"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2023-49569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49569"
},
{
"name": "CVE-2020-10968",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10968"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"name": "CVE-2024-0690",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0690"
},
{
"name": "CVE-2024-22354",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
},
{
"name": "CVE-2020-11112",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11112"
},
{
"name": "CVE-2019-19012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19012"
},
{
"name": "CVE-2020-11111",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11111"
},
{
"name": "CVE-2012-2677",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2677"
},
{
"name": "CVE-2020-14060",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14060"
},
{
"name": "CVE-2020-36188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2020-14062",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14062"
}
],
"initial_release_date": "2024-05-31T00:00:00",
"last_revision_date": "2024-05-31T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0459",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-05-31T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-05-29",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7155114",
"url": "https://www.ibm.com/support/pages/node/7155114"
},
{
"published_at": "2024-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7155078",
"url": "https://www.ibm.com/support/pages/node/7155078"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…