cvelistv5 - cve-2020-8698

CVE-2020-8698 (GCVE-0-2020-8698)

Vulnerability from cvelistv5

Published

2020-11-12 18:01

Modified

2024-08-04 10:03

Severity ?

CWE

information disclosure

Summary

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

References

URL

Tags

	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381	x_refsource_MISC
	https://security.netapp.com/advisory/ntap-20201113-0006/	x_refsource_CONFIRM
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/	vendor-advisory, x_refsource_FEDORA
	https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html	mailing-list, x_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Intel(R) Processors	Version: See references

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T10:03:46.326Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
          },
          {
            "name": "FEDORA-2020-14fda1bf85",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
          },
          {
            "name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) Processors",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "See references"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "information disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-05-11T12:06:29.000Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
        },
        {
          "name": "FEDORA-2020-14fda1bf85",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
        },
        {
          "name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2020-8698",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) Processors",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "See references"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "information disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381",
              "refsource": "MISC",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20201113-0006/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
            },
            {
              "name": "FEDORA-2020-14fda1bf85",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
            },
            {
              "name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2020-8698",
    "datePublished": "2020-11-12T18:01:55.000Z",
    "dateReserved": "2020-02-06T00:00:00.000Z",
    "dateUpdated": "2024-08-04T10:03:46.326Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2020-AVI-746

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Citrix. Elles permettent à un attaquant de provoquer une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Citrix	XenServer	Citrix XenServer versions antérieures à 7.1 LTSR CU2 avec le correctif XS71ECU2050
Citrix	Citrix Hypervisor	Citrix Hypervisor versions antérieures à 8.1 avec le correctif XS81E012
Citrix	Citrix Hypervisor	Citrix Hypervisor versions antérieures à 8.2 LTSR avec le correctif XS82E010
Citrix	XenServer	Citrix XenServer versions antérieures à 7.0 avec le correctif XS70E086

References

Title

Publication Time

Tags

Bulletin de sécurité Citrix CTX285937 du 12 novembre 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Citrix XenServer versions ant\u00e9rieures \u00e0 7.1 LTSR CU2 avec le correctif XS71ECU2050",
      "product": {
        "name": "XenServer",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix Hypervisor versions ant\u00e9rieures \u00e0 8.1 avec le correctif XS81E012",
      "product": {
        "name": "Citrix Hypervisor",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix Hypervisor versions ant\u00e9rieures \u00e0 8.2 LTSR avec le correctif XS82E010",
      "product": {
        "name": "Citrix Hypervisor",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    },
    {
      "description": "Citrix XenServer versions ant\u00e9rieures \u00e0 7.0 avec le correctif XS70E086",
      "product": {
        "name": "XenServer",
        "vendor": {
          "name": "Citrix",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-8696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8696"
    },
    {
      "name": "CVE-2020-8698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8698"
    }
  ],
  "initial_release_date": "2020-11-13T00:00:00",
  "last_revision_date": "2020-11-13T00:00:00",
  "links": [],
  "reference": "CERTFR-2020-AVI-746",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-11-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nCitrix. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Citrix",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Citrix CTX285937 du 12 novembre 2020",
      "url": "https://support.citrix.com/article/CTX285937"
    }
  ]
}

CERTFR-2021-AVI-357

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	TECNOMATIX Plan Simulation versions antérieures à 16.0.5
Siemens	N/A	SIMATIC NET CP 1545-1, CP 343-1 toutes versions
Siemens	N/A	SIMATIC NET CP 1243-1, CP 1243-7, CP 1243-8 versions 3.1.39 et ultérieures
Siemens	N/A	SINAMICS SL150, SM150, SM150i toutes versions
Siemens	N/A	SIMATIC IPC127E, IPC427E, IPC477E, IPC527G, IPC547G toutes versions
Siemens	N/A	SINUMERIK ONE 840D et PPU 1740 toutes versions
Siemens	N/A	MENDIX Database Replication versions antérieures à 7.0.1
Siemens	N/A	SINAMICS GH150, GL150 (X30), GM150 (X30), SH150, SM120 avec les versions de HMI Panel antérieures à v16 update 4
Siemens	N/A	RUGGEDCOM RM1224 versions antérieures à 6.4
Siemens	N/A	SIMATIC WinCC runtime advanced versions antérieures à 16 update 4
Siemens	N/A	MENDIX module Excel Importer versions antérieures à 9.0.3
Siemens	N/A	SCALANCE XM-400, XR-500, M-800, S615 versions antérieures à 6.4
Siemens	N/A	SCALANCE W1750D versions v8.3.0.1, v8.6.0 et v8.7.0
Siemens	N/A	SIMATIC MV500 toutes versions
Siemens	N/A	SIMATIC IPC627E, IPC647E, IPC677E, IPC847E versions antérieures à 25.02.08
Siemens	N/A	SIMATIC Cloud Connect 7 toutes versions
Siemens	N/A	SIMATIC HMI versions antérieures à 16 update 4
Siemens	N/A	SINEMA Remote Connect Server versions antérieures à 3.0 SP1
Siemens	N/A	SIMATIC ET 200SP Open Controller CPU 1515SP PC2 toutes versions
Siemens	N/A	SIMATIC Field PG M6 toutes versions
Siemens	N/A	SIMATIC ITP1000 versions antérieures à 23.01.08
Siemens	N/A	TIM 1531 toutes versions
Siemens	N/A	SIMATIC NET CP 1542, CP 1543-1 versions 2.0 et ultérieures
Siemens	N/A	SINUMERIK 828D HW PPU.4, MC MCU 170 toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1518-4 ou 1518F-4 toutes versions
Siemens	N/A	SIMATIC Field PG M5 versions antérieures à 22.01.08

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens du 11 mai 2021	None	vendor-advisory
Bulletin de sécurité Siemens du 11 mai 2021	-	other
Bulletin de sécurité Siemens du 11 mai 2021	-	other
Bulletin de sécurité Siemens du 11 mai 2021	-	other
Bulletin de sécurité Siemens du 11 mai 2021	-	other
Bulletin de sécurité Siemens du 11 mai 2021	-	other
Bulletin de sécurité Siemens du 11 mai 2021	-	other
Bulletin de sécurité Siemens du 11 mai 2021	-	other
Bulletin de sécurité Siemens du 11 mai 2021	-	other
Bulletin de sécurité Siemens du 11 mai 2021	-	other
Bulletin de sécurité Siemens du 11 mai 2021	-	other
Bulletin de sécurité Siemens du 11 mai 2021	-	other
Bulletin de sécurité Siemens du 11 mai 2021	-	other
Bulletin de sécurité Siemens du 11 mai 2021	-	other
Bulletin de sécurité Siemens du 11 mai 2021	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "TECNOMATIX Plan Simulation versions ant\u00e9rieures \u00e0 16.0.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC NET CP 1545-1, CP 343-1 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC NET CP 1243-1, CP 1243-7, CP 1243-8 versions 3.1.39 et ult\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS SL150, SM150, SM150i toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC127E, IPC427E, IPC477E, IPC527G, IPC547G toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK ONE 840D et PPU 1740 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "MENDIX Database Replication versions ant\u00e9rieures \u00e0 7.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS GH150, GL150 (X30), GM150 (X30), SH150, SM120 avec les versions de HMI Panel ant\u00e9rieures \u00e0 v16 update 4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 versions ant\u00e9rieures \u00e0 6.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC runtime advanced versions ant\u00e9rieures \u00e0 16 update 4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "MENDIX module Excel Importer versions ant\u00e9rieures \u00e0 9.0.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE XM-400, XR-500, M-800, S615 versions ant\u00e9rieures \u00e0 6.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE W1750D versions v8.3.0.1, v8.6.0 et v8.7.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC MV500 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC627E, IPC647E, IPC677E, IPC847E versions ant\u00e9rieures \u00e0 25.02.08",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Cloud Connect 7 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI versions ant\u00e9rieures \u00e0 16 update 4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINEMA Remote Connect Server versions ant\u00e9rieures \u00e0 3.0 SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Field PG M6 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC ITP1000 versions ant\u00e9rieures \u00e0 23.01.08",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "TIM 1531 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC NET CP 1542, CP 1543-1 versions 2.0 et ult\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK 828D HW PPU.4, MC MCU 170 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518-4 ou 1518F-4 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Field PG M5 versions ant\u00e9rieures \u00e0 22.01.08",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-25146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25146"
    },
    {
      "name": "CVE-2020-24636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24636"
    },
    {
      "name": "CVE-2020-15798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15798"
    },
    {
      "name": "CVE-2021-25158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25158"
    },
    {
      "name": "CVE-2019-8262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8262"
    },
    {
      "name": "CVE-2019-8277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8277"
    },
    {
      "name": "CVE-2021-25157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25157"
    },
    {
      "name": "CVE-2021-25144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25144"
    },
    {
      "name": "CVE-2021-27385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27385"
    },
    {
      "name": "CVE-2021-25661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25661"
    },
    {
      "name": "CVE-2019-8265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8265"
    },
    {
      "name": "CVE-2021-25662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25662"
    },
    {
      "name": "CVE-2021-25161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25161"
    },
    {
      "name": "CVE-2020-8745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8745"
    },
    {
      "name": "CVE-2019-8260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8260"
    },
    {
      "name": "CVE-2021-27386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27386"
    },
    {
      "name": "CVE-2019-8263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8263"
    },
    {
      "name": "CVE-2021-25660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25660"
    },
    {
      "name": "CVE-2020-28393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28393"
    },
    {
      "name": "CVE-2021-25150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25150"
    },
    {
      "name": "CVE-2019-8261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8261"
    },
    {
      "name": "CVE-2019-8259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8259"
    },
    {
      "name": "CVE-2019-5317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5317"
    },
    {
      "name": "CVE-2021-25145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25145"
    },
    {
      "name": "CVE-2021-31341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31341"
    },
    {
      "name": "CVE-2021-27396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27396"
    },
    {
      "name": "CVE-2020-8698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8698"
    },
    {
      "name": "CVE-2020-25705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25705"
    },
    {
      "name": "CVE-2021-25148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25148"
    },
    {
      "name": "CVE-2019-8280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8280"
    },
    {
      "name": "CVE-2021-27384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27384"
    },
    {
      "name": "CVE-2020-0591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0591"
    },
    {
      "name": "CVE-2020-0590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0590"
    },
    {
      "name": "CVE-2019-8275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8275"
    },
    {
      "name": "CVE-2021-25149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25149"
    },
    {
      "name": "CVE-2020-25242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25242"
    },
    {
      "name": "CVE-2021-27397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27397"
    },
    {
      "name": "CVE-2019-5319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5319"
    },
    {
      "name": "CVE-2021-25156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25156"
    },
    {
      "name": "CVE-2019-8264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8264"
    },
    {
      "name": "CVE-2019-19276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19276"
    },
    {
      "name": "CVE-2020-8694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8694"
    },
    {
      "name": "CVE-2021-25160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25160"
    },
    {
      "name": "CVE-2021-25159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25159"
    },
    {
      "name": "CVE-2021-25155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25155"
    },
    {
      "name": "CVE-2021-31339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31339"
    },
    {
      "name": "CVE-2021-27383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27383"
    },
    {
      "name": "CVE-2020-8744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8744"
    },
    {
      "name": "CVE-2021-25143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25143"
    },
    {
      "name": "CVE-2021-25162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25162"
    },
    {
      "name": "CVE-2021-27398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27398"
    },
    {
      "name": "CVE-2020-24635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24635"
    }
  ],
  "initial_release_date": "2021-05-11T00:00:00",
  "last_revision_date": "2021-05-11T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-594364.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-854248.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-324955.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-983548.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-919955.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-501073.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-116379.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-676775.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-752103.pdf"
    }
  ],
  "reference": "CERTFR-2021-AVI-357",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-05-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
      "url": null
    }
  ]
}

CERTFR-2023-AVI-0051

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	NorthStar Controller versions antérieures à 6.2.3
Juniper Networks	N/A	Contrail Cloud versions antérieures à 13.7.0
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 19.2R3-EVO, 19.3R3-EVO, 19.4R3-EVO, 20.1R3-EVO, 20.2R2-EVO, 20.3R1-EVO, 20.4R2-EVO, 20.4R3-S3-EVO, 20.4R3-S4-EVO, 21.1R2-EVO, 21.2R1-EVO, 21.2R3-S4-EVO, 21.3R2-EVO, 21.3R3-EVO, 21.3R3-S1-EVO, 21.4R1-EVO, 21.4R2-EVO, 21.4R2-S1-EVO, 21.4R2-S2-EVO, 21.4R3-EVO, 22.1R1-EVO, 22.1R1-S2-EVO, 22.1R2-EVO, 22.1R3-EVO, 22.2R1-EVO, 22.2R1-S1-EVO, 22.2R2-EVO et 22.3R1-EVO
Juniper Networks	N/A	Juniper Networks Contrail Service Orchestration (CSO) versions antérieures à 6.3.0
Juniper Networks	Junos OS	Junos OS versions antérieures à 15.1R7-S12, 18.4R2-S7, 19.1R3-S2, 19.1R3-S9, 19.2R1-S9, 19.2R3, 19.2R3-S5, 19.2R3-S6, 19.3R3, 19.3R3-S6, 19.3R3-S7, 19.4R2-S7, 19.4R2-S8, 19.4R3, 19.4R3-S10, 19.4R3-S8, 19.4R3-S9, 20.1R2, 20.1R3-S4, 20.2R2, 20.2R3-S5, 20.2R3-S6, 20.2R3-S7, 20.3R1, 20.3R3-S4, 20.3R3-S5, 20.3R3-S6, 20.4R1, 20.4R3-S3, 20.4R3-S4, 20.4R3-S5, 21.1R1-S1, 21.1R2, 21.1R3, 21.1R3-S3, 21.1R3-S4, 21.1R3-S5, 21.2R1, 21.2R3, 21.2R3-S1, 21.2R3-S2, 21.2R3-S3, 21.3R2, 21.3R3, 21.3R3-S1, 21.3R3-S2, 21.3R3-S3, 21.4R2, 21.4R2-S1, 21.4R2-S2, 21.4R3, 21.4R3-S1, 21.4R3-S2, 22.1R1, 22.1R1-S2, 22.1R2, 22.1R2-S1, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.2R1, 22.2R1-S1, 22.2R1-S2, 22.2R2, 22.2R3, 22.3R1, 22.3R1-S1, 22.3R2 et 22.4R1
Juniper Networks	Junos Space	Junos Space versions antérieures à 22.3R1
Juniper Networks	N/A	Cloud Native Contrail Networking versions antérieures à R22.3

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA70195 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70183 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70203 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70192 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70213 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70193 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70181 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70186 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70179 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70208 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70201 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70209 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70187 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70199 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70180 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70198 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70196 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70197 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70202 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70190 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70191 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA69903 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70204 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70200 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70212 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70185 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70211 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70210 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70206 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70205 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70182 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70189 du 11 janvier 2023	None	vendor-advisory
Bulletin de sécurité Juniper JSA70207 du 11 janvier 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "NorthStar Controller versions ant\u00e9rieures \u00e0 6.2.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Contrail Cloud versions ant\u00e9rieures \u00e0 13.7.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 19.2R3-EVO, 19.3R3-EVO, 19.4R3-EVO, 20.1R3-EVO, 20.2R2-EVO, 20.3R1-EVO, 20.4R2-EVO, 20.4R3-S3-EVO, 20.4R3-S4-EVO, 21.1R2-EVO, 21.2R1-EVO, 21.2R3-S4-EVO, 21.3R2-EVO, 21.3R3-EVO, 21.3R3-S1-EVO, 21.4R1-EVO, 21.4R2-EVO, 21.4R2-S1-EVO, 21.4R2-S2-EVO, 21.4R3-EVO, 22.1R1-EVO, 22.1R1-S2-EVO, 22.1R2-EVO, 22.1R3-EVO, 22.2R1-EVO, 22.2R1-S1-EVO, 22.2R2-EVO et 22.3R1-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Contrail Service Orchestration (CSO) versions ant\u00e9rieures \u00e0 6.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 15.1R7-S12, 18.4R2-S7, 19.1R3-S2, 19.1R3-S9, 19.2R1-S9, 19.2R3, 19.2R3-S5, 19.2R3-S6, 19.3R3, 19.3R3-S6, 19.3R3-S7, 19.4R2-S7, 19.4R2-S8, 19.4R3, 19.4R3-S10, 19.4R3-S8, 19.4R3-S9, 20.1R2, 20.1R3-S4, 20.2R2, 20.2R3-S5, 20.2R3-S6, 20.2R3-S7, 20.3R1, 20.3R3-S4, 20.3R3-S5, 20.3R3-S6, 20.4R1, 20.4R3-S3, 20.4R3-S4, 20.4R3-S5, 21.1R1-S1, 21.1R2, 21.1R3, 21.1R3-S3, 21.1R3-S4, 21.1R3-S5, 21.2R1, 21.2R3, 21.2R3-S1, 21.2R3-S2, 21.2R3-S3, 21.3R2, 21.3R3, 21.3R3-S1, 21.3R3-S2, 21.3R3-S3, 21.4R2, 21.4R2-S1, 21.4R2-S2, 21.4R3, 21.4R3-S1, 21.4R3-S2, 22.1R1, 22.1R1-S2, 22.1R2, 22.1R2-S1, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.2R1, 22.2R1-S1, 22.2R1-S2, 22.2R2, 22.2R3, 22.3R1, 22.3R1-S1, 22.3R2 et 22.4R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos Space versions ant\u00e9rieures \u00e0 22.3R1",
      "product": {
        "name": "Junos Space",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Native Contrail Networking versions ant\u00e9rieures \u00e0 R22.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-40085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-40085"
    },
    {
      "name": "CVE-2022-1473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
    },
    {
      "name": "CVE-2020-14621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
    },
    {
      "name": "CVE-2023-22403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22403"
    },
    {
      "name": "CVE-2020-8696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8696"
    },
    {
      "name": "CVE-2020-14803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
    },
    {
      "name": "CVE-2023-22393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22393"
    },
    {
      "name": "CVE-2022-21426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
    },
    {
      "name": "CVE-2021-45960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
    },
    {
      "name": "CVE-2023-22407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22407"
    },
    {
      "name": "CVE-2021-35586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
    },
    {
      "name": "CVE-2023-22394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22394"
    },
    {
      "name": "CVE-2020-8695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8695"
    },
    {
      "name": "CVE-2021-30465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30465"
    },
    {
      "name": "CVE-2021-35550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
    },
    {
      "name": "CVE-2023-22404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22404"
    },
    {
      "name": "CVE-2020-14562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14562"
    },
    {
      "name": "CVE-2021-35567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
    },
    {
      "name": "CVE-2020-14579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
    },
    {
      "name": "CVE-2021-33034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
    },
    {
      "name": "CVE-2021-42574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42574"
    },
    {
      "name": "CVE-2021-2163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
    },
    {
      "name": "CVE-2023-22405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22405"
    },
    {
      "name": "CVE-2022-22823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
    },
    {
      "name": "CVE-2021-2161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
    },
    {
      "name": "CVE-2021-2341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
    },
    {
      "name": "CVE-2020-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0466"
    },
    {
      "name": "CVE-2021-26691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
    },
    {
      "name": "CVE-2021-27219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27219"
    },
    {
      "name": "CVE-2022-38178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38178"
    },
    {
      "name": "CVE-2023-22409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22409"
    },
    {
      "name": "CVE-2020-14593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
    },
    {
      "name": "CVE-2021-2160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2160"
    },
    {
      "name": "CVE-2023-22416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22416"
    },
    {
      "name": "CVE-2020-14797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
    },
    {
      "name": "CVE-2020-14798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
    },
    {
      "name": "CVE-2021-29154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29154"
    },
    {
      "name": "CVE-2020-15778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15778"
    },
    {
      "name": "CVE-2007-6755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6755"
    },
    {
      "name": "CVE-2022-21299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
    },
    {
      "name": "CVE-2022-38177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38177"
    },
    {
      "name": "CVE-2021-2180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2180"
    },
    {
      "name": "CVE-2020-14578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
    },
    {
      "name": "CVE-2021-2385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2385"
    },
    {
      "name": "CVE-2020-26116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26116"
    },
    {
      "name": "CVE-2022-21624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
    },
    {
      "name": "CVE-2021-2194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2194"
    },
    {
      "name": "CVE-2022-21305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
    },
    {
      "name": "CVE-2022-21166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21166"
    },
    {
      "name": "CVE-2020-14556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
    },
    {
      "name": "CVE-2020-36385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36385"
    },
    {
      "name": "CVE-2020-14792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
    },
    {
      "name": "CVE-2020-25704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25704"
    },
    {
      "name": "CVE-2022-25315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
    },
    {
      "name": "CVE-2022-22822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
    },
    {
      "name": "CVE-2018-8046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8046"
    },
    {
      "name": "CVE-2020-1971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
    },
    {
      "name": "CVE-2021-2202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2202"
    },
    {
      "name": "CVE-2023-22402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22402"
    },
    {
      "name": "CVE-2022-21626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
    },
    {
      "name": "CVE-2021-3450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3450"
    },
    {
      "name": "CVE-2020-14781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
    },
    {
      "name": "CVE-2021-2307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2307"
    },
    {
      "name": "CVE-2023-22400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22400"
    },
    {
      "name": "CVE-2021-27363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27363"
    },
    {
      "name": "CVE-2022-21366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
    },
    {
      "name": "CVE-2022-0934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0934"
    },
    {
      "name": "CVE-2021-35559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
    },
    {
      "name": "CVE-2021-3573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
    },
    {
      "name": "CVE-2022-21291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
    },
    {
      "name": "CVE-2021-39275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
    },
    {
      "name": "CVE-2021-27364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27364"
    },
    {
      "name": "CVE-2021-2146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2146"
    },
    {
      "name": "CVE-2021-35565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
    },
    {
      "name": "CVE-2021-2432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2432"
    },
    {
      "name": "CVE-2016-4658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
    },
    {
      "name": "CVE-2021-2174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2174"
    },
    {
      "name": "CVE-2020-0549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0549"
    },
    {
      "name": "CVE-2021-35603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
    },
    {
      "name": "CVE-2022-23852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
    },
    {
      "name": "CVE-2022-2526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2526"
    },
    {
      "name": "CVE-2020-12364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12364"
    },
    {
      "name": "CVE-2022-22825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
    },
    {
      "name": "CVE-2021-4083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4083"
    },
    {
      "name": "CVE-2023-22397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22397"
    },
    {
      "name": "CVE-2020-14796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
    },
    {
      "name": "CVE-2022-21125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21125"
    },
    {
      "name": "CVE-2022-0330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0330"
    },
    {
      "name": "CVE-2019-1543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1543"
    },
    {
      "name": "CVE-2021-2389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2389"
    },
    {
      "name": "CVE-2020-8698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8698"
    },
    {
      "name": "CVE-2017-12613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
    },
    {
      "name": "CVE-2021-27365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27365"
    },
    {
      "name": "CVE-2020-8648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8648"
    },
    {
      "name": "CVE-2022-21628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
    },
    {
      "name": "CVE-2022-25235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
    },
    {
      "name": "CVE-2020-27170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27170"
    },
    {
      "name": "CVE-2023-22399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22399"
    },
    {
      "name": "CVE-2021-2369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
    },
    {
      "name": "CVE-2018-25032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
    },
    {
      "name": "CVE-2021-2390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2390"
    },
    {
      "name": "CVE-2021-2144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2144"
    },
    {
      "name": "CVE-2022-32250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32250"
    },
    {
      "name": "CVE-2021-2154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2154"
    },
    {
      "name": "CVE-2023-22398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22398"
    },
    {
      "name": "CVE-2021-46143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
    },
    {
      "name": "CVE-2021-23017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23017"
    },
    {
      "name": "CVE-2020-14581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
    },
    {
      "name": "CVE-2020-12363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12363"
    },
    {
      "name": "CVE-2021-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2162"
    },
    {
      "name": "CVE-2021-2388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
    },
    {
      "name": "CVE-2023-22401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22401"
    },
    {
      "name": "CVE-2022-22942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
    },
    {
      "name": "CVE-2023-22396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22396"
    },
    {
      "name": "CVE-2021-2171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2171"
    },
    {
      "name": "CVE-2021-34798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
    },
    {
      "name": "CVE-2020-24489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24489"
    },
    {
      "name": "CVE-2023-22417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22417"
    },
    {
      "name": "CVE-2021-2178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2178"
    },
    {
      "name": "CVE-2020-14573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14573"
    },
    {
      "name": "CVE-2022-21365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
    },
    {
      "name": "CVE-2020-24513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24513"
    },
    {
      "name": "CVE-2022-21123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21123"
    },
    {
      "name": "CVE-2022-21283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
    },
    {
      "name": "CVE-2022-21449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21449"
    },
    {
      "name": "CVE-2022-1271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
    },
    {
      "name": "CVE-2021-22543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22543"
    },
    {
      "name": "CVE-2020-14782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
    },
    {
      "name": "CVE-2020-35498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35498"
    },
    {
      "name": "CVE-2023-22406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22406"
    },
    {
      "name": "CVE-2021-33909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33909"
    },
    {
      "name": "CVE-2020-27827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27827"
    },
    {
      "name": "CVE-2023-22391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22391"
    },
    {
      "name": "CVE-2019-20934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20934"
    },
    {
      "name": "CVE-2021-28950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28950"
    },
    {
      "name": "CVE-2021-29650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29650"
    },
    {
      "name": "CVE-2021-3715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3715"
    },
    {
      "name": "CVE-2020-36322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36322"
    },
    {
      "name": "CVE-2021-4155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
    },
    {
      "name": "CVE-2022-21434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
    },
    {
      "name": "CVE-2023-22412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22412"
    },
    {
      "name": "CVE-2021-3564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
    },
    {
      "name": "CVE-2021-3621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3621"
    },
    {
      "name": "CVE-2021-42739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42739"
    },
    {
      "name": "CVE-2021-3156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3156"
    },
    {
      "name": "CVE-2022-21294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
    },
    {
      "name": "CVE-2021-3752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3752"
    },
    {
      "name": "CVE-2023-22415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22415"
    },
    {
      "name": "CVE-2022-29154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29154"
    },
    {
      "name": "CVE-2020-14779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
    },
    {
      "name": "CVE-2021-3177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
    },
    {
      "name": "CVE-2022-0492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0492"
    },
    {
      "name": "CVE-2022-22827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
    },
    {
      "name": "CVE-2022-34169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
    },
    {
      "name": "CVE-2007-2285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2285"
    },
    {
      "name": "CVE-2020-28196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
    },
    {
      "name": "CVE-2020-12362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12362"
    },
    {
      "name": "CVE-2021-22555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22555"
    },
    {
      "name": "CVE-2022-21341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
    },
    {
      "name": "CVE-2021-3347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3347"
    },
    {
      "name": "CVE-2022-25236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
    },
    {
      "name": "CVE-2022-0778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
    },
    {
      "name": "CVE-2021-37576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37576"
    },
    {
      "name": "CVE-2020-26137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26137"
    },
    {
      "name": "CVE-2021-35578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
    },
    {
      "name": "CVE-2021-2226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2226"
    },
    {
      "name": "CVE-2023-22410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22410"
    },
    {
      "name": "CVE-2021-0920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0920"
    },
    {
      "name": "CVE-2020-14583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
    },
    {
      "name": "CVE-2023-22408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22408"
    },
    {
      "name": "CVE-2022-21340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
    },
    {
      "name": "CVE-2021-2342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2342"
    },
    {
      "name": "CVE-2022-22720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22720"
    },
    {
      "name": "CVE-2022-21293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
    },
    {
      "name": "CVE-2022-21549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21549"
    },
    {
      "name": "CVE-2020-14871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14871"
    },
    {
      "name": "CVE-2022-21282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
    },
    {
      "name": "CVE-2022-21349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
    },
    {
      "name": "CVE-2021-3712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
    },
    {
      "name": "CVE-2022-1729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1729"
    },
    {
      "name": "CVE-2021-2179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2179"
    },
    {
      "name": "CVE-2021-3504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3504"
    },
    {
      "name": "CVE-2021-2169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2169"
    },
    {
      "name": "CVE-2023-22414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22414"
    },
    {
      "name": "CVE-2022-21248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
    },
    {
      "name": "CVE-2023-22411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22411"
    },
    {
      "name": "CVE-2020-14145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14145"
    },
    {
      "name": "CVE-2022-21277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21277"
    },
    {
      "name": "CVE-2021-32399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32399"
    },
    {
      "name": "CVE-2021-35564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
    },
    {
      "name": "CVE-2022-22826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
    },
    {
      "name": "CVE-2021-23840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
    },
    {
      "name": "CVE-2020-24512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24512"
    },
    {
      "name": "CVE-2022-21496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
    },
    {
      "name": "CVE-2020-11668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11668"
    },
    {
      "name": "CVE-2019-11287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11287"
    },
    {
      "name": "CVE-2021-44790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44790"
    },
    {
      "name": "CVE-2021-35556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
    },
    {
      "name": "CVE-2020-24511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24511"
    },
    {
      "name": "CVE-2021-33033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33033"
    },
    {
      "name": "CVE-2021-4028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4028"
    },
    {
      "name": "CVE-2022-21443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
    },
    {
      "name": "CVE-2021-3765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
    },
    {
      "name": "CVE-2021-23841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
    },
    {
      "name": "CVE-2021-40438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-40438"
    },
    {
      "name": "CVE-2020-0543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0543"
    },
    {
      "name": "CVE-2021-4034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
    },
    {
      "name": "CVE-2022-24903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24903"
    },
    {
      "name": "CVE-2022-22824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
    },
    {
      "name": "CVE-2019-1551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
    },
    {
      "name": "CVE-2016-8743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8743"
    },
    {
      "name": "CVE-2021-2372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2372"
    },
    {
      "name": "CVE-2022-21619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
    },
    {
      "name": "CVE-2021-25217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
    },
    {
      "name": "CVE-2021-35561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
    },
    {
      "name": "CVE-2022-21476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
    },
    {
      "name": "CVE-2020-0548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0548"
    },
    {
      "name": "CVE-2020-28469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
    },
    {
      "name": "CVE-2022-21541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
    },
    {
      "name": "CVE-2020-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0465"
    },
    {
      "name": "CVE-2016-8625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8625"
    },
    {
      "name": "CVE-2021-2166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2166"
    },
    {
      "name": "CVE-2022-21360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
    },
    {
      "name": "CVE-2022-21296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
    },
    {
      "name": "CVE-2022-21540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
    },
    {
      "name": "CVE-2023-22413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22413"
    },
    {
      "name": "CVE-2023-22395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22395"
    },
    {
      "name": "CVE-2021-35940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35940"
    },
    {
      "name": "CVE-2020-14577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
    }
  ],
  "initial_release_date": "2023-01-23T00:00:00",
  "last_revision_date": "2023-01-23T00:00:00",
  "links": [],
  "reference": "CERTFR-2023-AVI-0051",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-01-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70195 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-QFX10K-Series-PFE-crash-upon-receipt-of-specific-genuine-packets-when-sFlow-is-enabled-CVE-2023-22399?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70183 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Cloud-Multiple-Vulnerabilities-have-been-resolved-in-Contrail-Cloud-release-13-7-0?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70203 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-RPD-crash-can-happen-due-to-an-MPLS-TE-tunnel-configuration-change-on-a-directly-connected-router-CVE-2023-22407?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70192 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Receipt-of-crafted-TCP-packets-on-Ethernet-console-port-results-in-MBUF-leak-leading-to-Denial-of-Service-DoS-CVE-2023-22396?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70213 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-A-memory-leak-might-be-observed-in-IPsec-VPN-scenario-leading-to-an-FPC-crash-CVE-2023-22417?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70193 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Evolved-PTX10003-An-attacker-sending-specific-genuine-packets-will-cause-a-memory-leak-in-the-PFE-leading-to-a-Denial-of-Service-CVE-2023-22397?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70181 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-might-crash-when-MPLS-ping-is-performed-on-BGP-LSPs-CVE-2023-22398?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70186 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSL?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70179 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Northstar-Controller-Pivotal-RabbitMQ-contains-a-web-management-plugin-that-is-vulnerable-to-a-Denial-of-Service-DoS-attack-CVE-2019-11287?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70208 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-MX-Series-and-SRX-Series-The-flowd-daemon-will-crash-if-the-SIP-ALG-is-enabled-and-specific-SIP-messages-are-processed-CVE-2023-22412?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70201 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-QFX5k-Series-EX46xx-Series-MAC-limiting-feature-stops-working-after-PFE-restart-device-reboot--CVE-2023-22405?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70209 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-MX-Series-FPC-crash-when-an-IPsec6-tunnel-processes-specific-IPv4-packets-CVE-2023-22413?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70187 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-ACX2K-Series-Receipt-of-a-high-rate-of-specific-traffic-will-lead-to-a-Denial-of-Service-DoS-CVE-2023-22391?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70199 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-QFX10k-Series-ICCP-flap-will-be-observed-due-to-excessive-specific-traffic-CVE-2023-22403?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70180 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-OpenSSL-Infinite-loop-in-BN-mod-sqrt-reachable-when-parsing-certificates-CVE-2022-0778?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70198 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Evolved-The-kernel-might-restart-in-a-BGP-scenario-where-bgp-auto-discovery-is-enabled-and-such-a-neighbor-flaps-CVE-2023-22402?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70196 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Evolved-A-specific-SNMP-GET-operation-and-a-specific-CLI-commands-cause-resources-to-leak-and-eventually-the-evo-pfemand-process-will-crash-CVE-2023-22400?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70197 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-PTX10008-PTX10016-When-a-specific-SNMP-MIB-is-queried-the-FPC-will-crash-CVE-2023-22401?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70202 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-memory-leak-which-will-ultimately-lead-to-an-rpd-crash-will-be-observed-when-a-peer-interface-flaps-continuously-in-a-Segment-Routing-scenario-CVE-2023-22406?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70190 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-Memory-leak-due-to-receipt-of-specially-crafted-SIP-calls-CVE-2023-22394?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70191 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-In-an-MPLS-scenario-the-processing-of-specific-packets-to-the-device-causes-a-buffer-leak-and-ultimately-a-loss-of-connectivity-CVE-2023-22395?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69903 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Contrail-Networking-Multiple-Vulnerabilities-have-been-resolved-in-Contrail-Networking-R22-3?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70204 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-5000-Series-Upon-processing-of-a-specific-SIP-packet-an-FPC-can-crash-CVE-2023-22408?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70200 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-with-SPC3-When-IPsec-VPN-is-configured-iked-will-core-when-a-specifically-formatted-payload-is-received-CVE-2023-22404?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70212 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-The-flowd-daemon-will-crash-if-SIP-ALG-is-enabled-and-a-malicious-SIP-packet-is-received-CVE-2023-22416?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70185 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-22-3R1-release?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70211 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-MX-Series-and-SRX-Series-The-flow-processing-daemon-flowd-will-crash-when-a-specific-H-323-packet-is-received-CVE-2023-22415?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70210 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-PTX-Series-and-QFX10000-Series-An-FPC-memory-leak-is-observed-when-specific-multicast-packets-are-processed-CVE-2023-22414?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70206 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-MX-Series-with-MPC10-MPC11-When-Suspicious-Control-Flow-Detection-scfd-is-enabled-and-an-attacker-is-sending-specific-traffic-this-causes-a-memory-leak-CVE-2023-22410?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70205 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-MX-Series-with-SPC3-When-an-inconsistent-NAT-configuration-exists-and-a-specific-CLI-command-is-issued-the-SPC-will-reboot-CVE-2023-22409?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70182 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Service-Orchestration-Multiple-vulnerabilities-resolved-in-CSO-6-3-0?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70189 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-crash-upon-receipt-of-BGP-route-with-invalid-next-hop-CVE-2023-22393?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70207 du 11 janvier 2023",
      "url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-The-flowd-daemon-will-crash-when-Unified-Policies-are-used-with-IPv6-and-certain-dynamic-applications-are-rejected-by-the-device-CVE-2023-22411?language=en_US"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2020-8698 (GCVE-0-2020-8698)

Vulnerability from cvelistv5

CERTFR-2020-AVI-746

Vulnerability from certfr_avis

Solution

CERTFR-2021-AVI-357

Vulnerability from certfr_avis

Solution

CERTFR-2023-AVI-0051

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature