Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-37701 (GCVE-0-2021-37701)
Vulnerability from cvelistv5
Published
2021-08-31 00:00
Modified
2024-08-04 01:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
The npm package "tar" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory, where the symlink and directory names in the archive entry used backslashes as a path separator on posix systems. The cache checking logic used both `\` and `/` characters as path separators, however `\` is a valid filename character on posix systems. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. Additionally, a similar confusion could arise on case-insensitive filesystems. If a tar archive contained a directory at `FOO`, followed by a symbolic link named `foo`, then on case-insensitive file systems, the creation of the symbolic link would remove the directory from the filesystem, but _not_ from the internal directory cache, as it would not be treated as a cache hit. A subsequent file entry within the `FOO` directory would then be placed in the target of the symbolic link, thinking that the directory had already been created. These issues were addressed in releases 4.4.16, 5.0.8 and 6.1.7. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. If this is not possible, a workaround is available in the referenced GHSA-9r2w-394v-53qc.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:23:01.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.npmjs.com/package/tar"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "DSA-5008",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-5008"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"name": "[debian-lts-announce] 20221212 [SECURITY] [DLA 3237-1] node-tar security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00023.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "node-tar",
"vendor": "npm",
"versions": [
{
"status": "affected",
"version": "\u003c 4.4.16"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.0.8"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.1.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The npm package \"tar\" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory, where the symlink and directory names in the archive entry used backslashes as a path separator on posix systems. The cache checking logic used both `\\` and `/` characters as path separators, however `\\` is a valid filename character on posix systems. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. Additionally, a similar confusion could arise on case-insensitive filesystems. If a tar archive contained a directory at `FOO`, followed by a symbolic link named `foo`, then on case-insensitive file systems, the creation of the symbolic link would remove the directory from the filesystem, but _not_ from the internal directory cache, as it would not be treated as a cache hit. A subsequent file entry within the `FOO` directory would then be placed in the target of the symbolic link, thinking that the directory had already been created. These issues were addressed in releases 4.4.16, 5.0.8 and 6.1.7. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. If this is not possible, a workaround is available in the referenced GHSA-9r2w-394v-53qc."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-12T00:00:00.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://www.npmjs.com/package/tar"
},
{
"url": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "DSA-5008",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2021/dsa-5008"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"name": "[debian-lts-announce] 20221212 [SECURITY] [DLA 3237-1] node-tar security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00023.html"
}
],
"source": {
"advisory": "GHSA-9r2w-394v-53qc",
"discovery": "UNKNOWN"
},
"title": "Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-37701",
"datePublished": "2021-08-31T00:00:00.000Z",
"dateReserved": "2021-07-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:23:01.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CERTFR-2022-AVI-494
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct pour UNIX versions 6.2.x antérieures à 6.2.0.3.iFix013 | ||
| IBM | QRadar | IBM Security QRadar Analyst Workflow versions antérieures à 2.15.1 | ||
| IBM | QRadar Deployment Intelligence App | IBM QRadar Deployment Intelligence App versions antérieures à 3.0.5 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Sterling Connect:Direct pour UNIX versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.3.iFix013",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Security QRadar Analyst Workflow versions ant\u00e9rieures \u00e0 2.15.1",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Deployment Intelligence App versions ant\u00e9rieures \u00e0 3.0.5",
"product": {
"name": "QRadar Deployment Intelligence App",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2020-24025",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24025"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2020-28498",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28498"
},
{
"name": "CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2021-33623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33623"
},
{
"name": "CVE-2021-27292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27292"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2020-7793",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7793"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2020-28500",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28500"
},
{
"name": "CVE-2020-15168",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15168"
},
{
"name": "CVE-2021-29060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29060"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
}
],
"initial_release_date": "2022-05-25T00:00:00",
"last_revision_date": "2022-05-25T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-494",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-05-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6589583 du 25 avril 2022",
"url": "https://www.ibm.com/support/pages/node/6589583"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6589575 du 24 mai 2022",
"url": "https://www.ibm.com/support/pages/node/6589575"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6589581 du 11 mai 2022",
"url": "https://www.ibm.com/support/pages/node/6589581"
}
]
}
CERTFR-2022-AVI-216
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- Mendix Forgot Password Appstore module versions 3.2.x antérieures à 3.2.2
- Mendix Forgot Password Appstore module versions 3.3.x à 3.5.x antérieures à 3.5.1
- Mendix Applications utilisant Mendix versions 7.x antérieures à 7.23.29
- Mendix Applications utilisant Mendix versions 8.x antérieures à 8.18.16
- COMOS versions antérieures à 10.4.1
- Simcenter STAR-CCM+ Viewer versions antérieures à V2022.1
- SIMOTICS CONNECT 400 versions antérieures à 1.0.0.0
- Climatix POL909 (module AWB) versions antérieures à 11.44
- Climatix POL909 (module AWM) versions antérieures à 11.36
- RUGGEDCOM ROS M2100, RMC8388, RS416v2, RS900G, RS900G (32M), RSG900, RSG920P, RSG2100 (32M), RSG2100P, RSG2100P (32M), RSG2288, RSG2300, RSG2300P, RSG2488, RSL910, RST916C, RST916P et RST2228 versions antérieures à 5.6.0
- SINUMERIK MC versions antérieures à 1.15 SP1
- SINUMERIK ONE versions antérieures à 6.15 SP1
- SINEC INS versions antérieures à 1.0.1.1
- RUGGEDCOM ROX MX5000, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536 et RX5000 versions antérieures à 2.15.0
- Polarion Subversion Webclient versions antérieures à 21 R2 P2
- RUGGEDCOM ROS i800, i801, i802, i803, M969, M2100, M2200, RMC, RMC20, RMC30, RMC40, RMC41, RMC8388, RP110, RS400, RS401, RS416, RS416v2, RS900 (32M), RS900G, RS900G (32M), RS900GP, RS900L, RS900L, RS900W, RS910, RS910L, RS910W, RS920L, RS920W, RS930L, RS930W, RS940G, RS969, RS8000, RS8000A, RS8000H, RS8000T, RSG900, RSG900C, RSG900G, RSG900R, RSG907R, RSG908C, RSG909R, RSG910C, RSG920P, RSG2100, RSG2100 (32M), RSG2100P, RSG2100P (32M), RSG2200, RSG2288, RSG2300, RSG2300P, RSG2488, RSL910, RST916C, RST916P et RST2228 versions antérieures à 5.6.0
L'éditeur ne propose pas de correctif pour :
- Mendix Applications utilisant Mendix versions 9
- SINEC NMS toutes versions
Se référer aux mesures de contournement proposées dans la section Documentation.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eMendix Forgot Password Appstore module versions 3.2.x ant\u00e9rieures \u00e0 3.2.2\u003c/li\u003e \u003cli\u003eMendix Forgot Password Appstore module versions 3.3.x \u00e0 3.5.x ant\u00e9rieures \u00e0 3.5.1\u003c/li\u003e \u003cli\u003eMendix Applications utilisant Mendix versions 7.x ant\u00e9rieures \u00e0 7.23.29\u003c/li\u003e \u003cli\u003eMendix Applications utilisant Mendix versions 8.x ant\u00e9rieures \u00e0 8.18.16\u003c/li\u003e \u003cli\u003eCOMOS versions ant\u00e9rieures \u00e0 10.4.1\u003c/li\u003e \u003cli\u003eSimcenter STAR-CCM+ Viewer versions ant\u00e9rieures \u00e0 V2022.1\u003c/li\u003e \u003cli\u003eSIMOTICS CONNECT 400 versions ant\u00e9rieures \u00e0 1.0.0.0\u003c/li\u003e \u003cli\u003eClimatix POL909 (module AWB) versions ant\u00e9rieures \u00e0 11.44\u003c/li\u003e \u003cli\u003eClimatix POL909 (module AWM) versions ant\u00e9rieures \u00e0 11.36\u003c/li\u003e \u003cli\u003eRUGGEDCOM ROS M2100, RMC8388, RS416v2, RS900G, RS900G (32M), RSG900, RSG920P, RSG2100 (32M), RSG2100P, RSG2100P (32M), RSG2288, RSG2300, RSG2300P, RSG2488, RSL910, RST916C, RST916P et RST2228 versions ant\u00e9rieures \u00e0 5.6.0\u003c/li\u003e \u003cli\u003eSINUMERIK MC versions ant\u00e9rieures \u00e0 1.15 SP1\u003c/li\u003e \u003cli\u003eSINUMERIK ONE versions ant\u00e9rieures \u00e0 6.15 SP1\u003c/li\u003e \u003cli\u003eSINEC INS versions ant\u00e9rieures \u00e0 1.0.1.1\u003c/li\u003e \u003cli\u003eRUGGEDCOM ROX MX5000, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536 et RX5000 versions ant\u00e9rieures \u00e0 2.15.0\u003c/li\u003e \u003cli\u003ePolarion Subversion Webclient versions ant\u00e9rieures \u00e0 21 R2 P2\u003c/li\u003e \u003cli\u003eRUGGEDCOM ROS i800, i801, i802, i803, M969, M2100, M2200, RMC, RMC20, RMC30, RMC40, RMC41, RMC8388, RP110, RS400, RS401, RS416, RS416v2, RS900 (32M), RS900G, RS900G (32M), RS900GP, RS900L, RS900L, RS900W, RS910, RS910L, RS910W, RS920L, RS920W, RS930L, RS930W, RS940G, RS969, RS8000, RS8000A, RS8000H, RS8000T, RSG900, RSG900C, RSG900G, RSG900R, RSG907R, RSG908C, RSG909R, RSG910C, RSG920P, RSG2100, RSG2100 (32M), RSG2100P, RSG2100P (32M), RSG2200, RSG2288, RSG2300, RSG2300P, RSG2488, RSL910, RST916C, RST916P et RST2228 versions ant\u00e9rieures \u00e0 5.6.0\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eL\u0027\u00e9diteur ne propose pas de correctif pour :\u003c/p\u003e \u003cul\u003e \u003cli\u003eMendix Applications utilisant Mendix versions 9\u003c/li\u003e \u003cli\u003eSINEC NMS toutes versions\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eSe r\u00e9f\u00e9rer aux mesures de contournement propos\u00e9es dans la section Documentation.\u003c/p\u003e \u003cp\u003e\u0026nbsp;\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-44478",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44478"
},
{
"name": "CVE-2021-22898",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
},
{
"name": "CVE-2020-13871",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
},
{
"name": "CVE-2021-42017",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42017"
},
{
"name": "CVE-2022-24282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24282"
},
{
"name": "CVE-2021-25215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25215"
},
{
"name": "CVE-2019-19317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19317"
},
{
"name": "CVE-2020-8169",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
},
{
"name": "CVE-2021-25174",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25174"
},
{
"name": "CVE-2021-22925",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-32944",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32944"
},
{
"name": "CVE-2019-19244",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19244"
},
{
"name": "CVE-2021-27290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27290"
},
{
"name": "CVE-2021-42020",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42020"
},
{
"name": "CVE-2020-8285",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8285"
},
{
"name": "CVE-2021-22901",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
},
{
"name": "CVE-2021-22940",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22940"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2020-13632",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
},
{
"name": "CVE-2022-24281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24281"
},
{
"name": "CVE-2021-32936",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32936"
},
{
"name": "CVE-2021-22930",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22930"
},
{
"name": "CVE-2019-19926",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19926"
},
{
"name": "CVE-2020-9327",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
},
{
"name": "CVE-2020-8286",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8286"
},
{
"name": "CVE-2020-7774",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7774"
},
{
"name": "CVE-2021-22918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22918"
},
{
"name": "CVE-2020-27304",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27304"
},
{
"name": "CVE-2021-32946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32946"
},
{
"name": "CVE-2021-41543",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41543"
},
{
"name": "CVE-2020-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2020-13630",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
},
{
"name": "CVE-2021-3450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3450"
},
{
"name": "CVE-2021-22939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22939"
},
{
"name": "CVE-2019-19646",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
},
{
"name": "CVE-2021-40366",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40366"
},
{
"name": "CVE-2021-41542",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41542"
},
{
"name": "CVE-2021-41541",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41541"
},
{
"name": "CVE-2021-22924",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
},
{
"name": "CVE-2022-24309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24309"
},
{
"name": "CVE-2020-8265",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8265"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-22947",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
},
{
"name": "CVE-2019-19925",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19925"
},
{
"name": "CVE-2021-22922",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
},
{
"name": "CVE-2019-19924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19924"
},
{
"name": "CVE-2021-32938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32938"
},
{
"name": "CVE-2020-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
},
{
"name": "CVE-2022-26317",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26317"
},
{
"name": "CVE-2021-22946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2020-8284",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
},
{
"name": "CVE-2021-32940",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32940"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2021-37208",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37208"
},
{
"name": "CVE-2021-32948",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32948"
},
{
"name": "CVE-2021-3449",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3449"
},
{
"name": "CVE-2022-26313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26313"
},
{
"name": "CVE-2021-22921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22921"
},
{
"name": "CVE-2021-25216",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25216"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2019-19242",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19242"
},
{
"name": "CVE-2021-22897",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2021-25177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25177"
},
{
"name": "CVE-2021-25175",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25175"
},
{
"name": "CVE-2021-22884",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22884"
},
{
"name": "CVE-2021-32952",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32952"
},
{
"name": "CVE-2019-19880",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19880"
},
{
"name": "CVE-2018-7160",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7160"
},
{
"name": "CVE-2021-32950",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32950"
},
{
"name": "CVE-2021-3672",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3672"
},
{
"name": "CVE-2021-31346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31346"
},
{
"name": "CVE-2022-26314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26314"
},
{
"name": "CVE-2021-31784",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31784"
},
{
"name": "CVE-2021-22883",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22883"
},
{
"name": "CVE-2020-8231",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8231"
},
{
"name": "CVE-2020-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
},
{
"name": "CVE-2021-25214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25214"
},
{
"name": "CVE-2021-22931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22931"
},
{
"name": "CVE-2021-31889",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31889"
},
{
"name": "CVE-2022-24408",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24408"
},
{
"name": "CVE-2021-42016",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42016"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2021-39134",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39134"
},
{
"name": "CVE-2019-19645",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
},
{
"name": "CVE-2020-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
},
{
"name": "CVE-2020-8287",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8287"
},
{
"name": "CVE-2021-22926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
},
{
"name": "CVE-2022-24661",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24661"
},
{
"name": "CVE-2021-22890",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22890"
},
{
"name": "CVE-2021-25219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25219"
},
{
"name": "CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"name": "CVE-2021-42018",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42018"
},
{
"name": "CVE-2021-22923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
},
{
"name": "CVE-2019-19923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19923"
},
{
"name": "CVE-2021-39135",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39135"
},
{
"name": "CVE-2021-25176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25176"
},
{
"name": "CVE-2021-31890",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31890"
},
{
"name": "CVE-2021-25178",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25178"
},
{
"name": "CVE-2021-22876",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
},
{
"name": "CVE-2021-23362",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23362"
},
{
"name": "CVE-2019-19603",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19603"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2021-25173",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25173"
},
{
"name": "CVE-2021-22945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
},
{
"name": "CVE-2022-25311",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25311"
},
{
"name": "CVE-2021-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31344"
},
{
"name": "CVE-2021-37209",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37209"
},
{
"name": "CVE-2021-42019",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42019"
},
{
"name": "CVE-2020-8625",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8625"
}
],
"initial_release_date": "2022-03-08T00:00:00",
"last_revision_date": "2022-03-08T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-216",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-03-08T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-166747 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-166747.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-252466 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-252466.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-562051 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-562051.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-223353 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-223353.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-337210 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-337210.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-148641 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-148641.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-389290 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-389290.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-764417 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-764417.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-256353 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-256353.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-703715 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-703715.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-594438 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-594438.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-415938 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-415938.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-134279 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-134279.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-155599 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-155599.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-406691 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-406691.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-250085 du 8 mars 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-250085.html"
}
]
}
CERTFR-2022-AVI-510
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar Data Synchronization App versions ant\u00e9rieures \u00e0 3.0.1",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2020-13434",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
},
{
"name": "CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"name": "CVE-2021-27290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27290"
},
{
"name": "CVE-2021-22940",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22940"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2020-13632",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
},
{
"name": "CVE-2021-22930",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22930"
},
{
"name": "CVE-2020-9327",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
},
{
"name": "CVE-2021-22918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22918"
},
{
"name": "CVE-2020-13630",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
},
{
"name": "CVE-2021-22939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22939"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2020-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2021-3672",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3672"
},
{
"name": "CVE-2020-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
},
{
"name": "CVE-2021-22931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22931"
},
{
"name": "CVE-2021-23343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23343"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2020-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
},
{
"name": "CVE-2020-15168",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15168"
},
{
"name": "CVE-2021-23362",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23362"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2020-13435",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
}
],
"initial_release_date": "2022-06-01T00:00:00",
"last_revision_date": "2022-06-01T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-510",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-06-01T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6590981 du 31 mai 2022",
"url": "https://www.ibm.com/support/pages/node/6590981"
}
]
}
CERTFR-2023-AVI-0976
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling Connect:Direct | Services Web IBM Sterling Connect:Direct versions 6.2.x antérieures à 6.2.0.20 | ||
| IBM | Sterling Connect:Direct | Interface utilisateur IBM Sterling Connect:Direct versions 1.x antérieures à 1.5.0.2 iFix-39 | ||
| IBM | QRadar | Agent QRadar WinCollect (Standalone) versions antérieures à 10.1.8 | ||
| IBM | Sterling Connect:Direct | Services Web IBM Sterling Connect:Direct versions 6.0.x à 6.1.x antérieures à 6.1.0.22 | ||
| IBM | QRadar | Suite QRadar versions 1.10.x antérieures à 1.10.17.0 | ||
| IBM | Sterling | IBM Sterling B2B Integrator versions 6.0.x antérieures à 6.0.3.9 | ||
| IBM | Sterling | IBM Sterling B2B Integrator versions 6.1.0.x à 6.1.2.x antérieures à 6.1.2.3 | ||
| IBM | Cloud Pak | Cloud Pak for Security versions 1.10.x antérieures à 1.10.17.0 | ||
| IBM | Sterling Connect:Direct | Services Web IBM Sterling Connect:Direct versions 6.3.x antérieures à 6.3.0.5 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Services Web IBM Sterling Connect:Direct versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.20",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Interface utilisateur IBM Sterling Connect:Direct versions 1.x ant\u00e9rieures \u00e0 1.5.0.2 iFix-39",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Agent QRadar WinCollect (Standalone) versions ant\u00e9rieures \u00e0 10.1.8",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Services Web IBM Sterling Connect:Direct versions 6.0.x \u00e0 6.1.x ant\u00e9rieures \u00e0 6.1.0.22",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Suite QRadar versions 1.10.x ant\u00e9rieures \u00e0 1.10.17.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling B2B Integrator versions 6.0.x ant\u00e9rieures \u00e0 6.0.3.9",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling B2B Integrator versions 6.1.0.x \u00e0 6.1.2.x ant\u00e9rieures \u00e0 6.1.2.3",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak for Security versions 1.10.x ant\u00e9rieures \u00e0 1.10.17.0",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Services Web IBM Sterling Connect:Direct versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.5",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-27191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2022-36313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36313"
},
{
"name": "CVE-2021-42248",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42248"
},
{
"name": "CVE-2021-33196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33196"
},
{
"name": "CVE-2021-31525",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31525"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2021-33198",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2020-28367",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28367"
},
{
"name": "CVE-2022-41966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41966"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-26279",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26279"
},
{
"name": "CVE-2022-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40153"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2021-33197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33197"
},
{
"name": "CVE-2021-27918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27918"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2022-40151",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40151"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-36777",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36777"
},
{
"name": "CVE-2023-32001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32001"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2017-18640",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18640"
},
{
"name": "CVE-2021-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3114"
},
{
"name": "CVE-2023-34104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34104"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"name": "CVE-2020-24553",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24553"
},
{
"name": "CVE-2021-42836",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42836"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2020-28362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28362"
},
{
"name": "CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"name": "CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"name": "CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"name": "CVE-2022-40156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40156"
},
{
"name": "CVE-2022-40155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40155"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2023-41080",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41080"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2021-39008",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39008"
},
{
"name": "CVE-2020-14039",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14039"
},
{
"name": "CVE-2022-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40154"
},
{
"name": "CVE-2020-28366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28366"
},
{
"name": "CVE-2021-33195",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33195"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
}
],
"initial_release_date": "2023-11-23T00:00:00",
"last_revision_date": "2023-11-23T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0976",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-11-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7080118 du 20 novembre 2023",
"url": "https://www.ibm.com/support/pages/node/7080118"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7080174 du 21 novembre 2023",
"url": "https://www.ibm.com/support/pages/node/7080174"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7080106 du 20 novembre 2023",
"url": "https://www.ibm.com/support/pages/node/7080106"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7080058 du 20 novembre 2023",
"url": "https://www.ibm.com/support/pages/node/7080058"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7080117 du 20 novembre 2023",
"url": "https://www.ibm.com/support/pages/node/7080117"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7080177 du 21 novembre 2023",
"url": "https://www.ibm.com/support/pages/node/7080177"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7080176 du 21 novembre 2023",
"url": "https://www.ibm.com/support/pages/node/7080176"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7081403 du 22 novembre 2023",
"url": "https://www.ibm.com/support/pages/node/7081403"
}
]
}
CERTFR-2022-AVI-413
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Belden Provize Basic. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Provize Basic versions ant\u00e9rieures \u00e0 1.0.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Belden",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-23406",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23406"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2021-33623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33623"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2021-23214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23214"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2021-3749",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3749"
}
],
"initial_release_date": "2022-05-05T00:00:00",
"last_revision_date": "2022-05-05T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-413",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-05-05T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Belden Provize\nBasic. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Belden Provize Basic",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Belden BSECV-2022-01 du 03 mai 2022",
"url": "https://dam.belden.com/dmm3bwsv3/assetstream.aspx?assetid=14297\u0026mediaformatid=50063\u0026destinationid=10016"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Belden BSECV-2022-11 du 03 mai 2022",
"url": "https://dam.belden.com/dmm3bwsv3/assetstream.aspx?assetid=14299\u0026mediaformatid=50063\u0026destinationid=10016"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Belden BSECV-2022-05 du 03 mai 2022",
"url": "https://dam.belden.com/dmm3bwsv3/assetstream.aspx?assetid=14298\u0026mediaformatid=50063\u0026destinationid=10016"
}
]
}
CERTFR-2022-AVI-928
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar | IBM QRadar Pulse App versions antérieures à 2.2.9 | ||
| IBM | N/A | CP4BA version 22.0.1 sans le correctif de sécurité CP4BA 22.0.1-IF2 | ||
| IBM | Cloud Pak | IBM Robotic Process Automation pour Cloud Pak versions antérieures à 21.0.5 | ||
| IBM | N/A | IBM ECM CMIS et FileNet Collaboration Services version 3.0.6 sans le correctif de sécurité CMIS 3.0.6-IF2 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.2.x antérieures à 11.2.3 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.1.x antérieures à 11.1.7 FP6 | ||
| IBM | N/A | CP4BA version 21.0.3 sans le correctif de sécurité CP4BA 21.0.3-IF12 | ||
| IBM | N/A | Enterprise Content Management System Monitor (ESM) versions 5.5.x antérieures à 5.5.9 | ||
| IBM | QRadar User Behavior Analytics | QRadar User Behavior Analytics version 4.1.8 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.9",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "CP4BA version 22.0.1 sans le correctif de s\u00e9curit\u00e9 CP4BA 22.0.1-IF2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Robotic Process Automation pour Cloud Pak versions ant\u00e9rieures \u00e0 21.0.5",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM ECM CMIS et FileNet Collaboration Services version 3.0.6 sans le correctif de s\u00e9curit\u00e9 CMIS 3.0.6-IF2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.3",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 FP6",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "CP4BA version 21.0.3 sans le correctif de s\u00e9curit\u00e9 CP4BA 21.0.3-IF12",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Enterprise Content Management System Monitor (ESM) versions 5.5.x ant\u00e9rieures \u00e0 5.5.9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar User Behavior Analytics version 4.1.8",
"product": {
"name": "QRadar User Behavior Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2018-3721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3721"
},
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"name": "CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-34538",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34538"
},
{
"name": "CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"name": "CVE-2019-9947",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9947"
},
{
"name": "CVE-2018-20852",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20852"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2020-26116",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26116"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2020-4051",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4051"
},
{
"name": "CVE-2019-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2019-10202",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10202"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2018-25031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25031"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2019-1010266",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010266"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2020-9492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9492"
},
{
"name": "CVE-2019-9740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9740"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2020-15523",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15523"
},
{
"name": "CVE-2020-27619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27619"
},
{
"name": "CVE-2020-8492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8492"
},
{
"name": "CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2019-18348",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18348"
},
{
"name": "CVE-2019-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0205"
},
{
"name": "CVE-2019-10172",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10172"
},
{
"name": "CVE-2022-34339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34339"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2018-16487",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16487"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2018-20406",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20406"
},
{
"name": "CVE-2011-4969",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4969"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2021-44907",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44907"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2012-6708",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6708"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2020-7598",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7598"
},
{
"name": "CVE-2019-16935",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16935"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2022-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24758"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2022-10-19T00:00:00",
"last_revision_date": "2022-10-19T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-928",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830211 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830211"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830243 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830243"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6828527 du 17 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6828527"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830257 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830257"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830265 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830265"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830017 du 18 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830017"
}
]
}
CERTFR-2023-AVI-0276
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans IBM. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une élévation de privilèges, une atteinte à l'intégrité des données, un contournement de la politique de sécurité, une injection de code indirecte à distance (XSS), une exécution de code arbitraire à distance, un déni de service à distance et un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | WebSphere | IBM WebSphere Hybrid Edition 5.1 sans le correctif de sécurité APAR PH52925 | ||
| IBM | WebSphere | IBM WebSphere Automation versions antérieures à 1.5.2 | ||
| IBM | WebSphere | IBM WebSphere Application Server 9.0 sans le correctif de sécurité APAR PH52925 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.5.0 UP5 | ||
| IBM | Db2 | IBM Db2 Web Queryfor i versions 2.3.0 et 2.4.0 sans le correctif de sécurité 5733WQX | ||
| IBM | Spectrum | IBM Spectrum Protect Plus Server versions antérieures à 10.1.12.4 | ||
| IBM | N/A | IBM HTTP Server for i sans le correctif de sécurité 5770DG1 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.5.0 UP4 IF01 | ||
| IBM | QRadar User Behavior Analytics | QRadar User Behavior Analytics versions 1.0.0 à 4.1.10 antérieures à 4.1.11 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.4.3 FP9 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM WebSphere Hybrid Edition 5.1 sans le correctif de s\u00e9curit\u00e9 APAR PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Automation versions ant\u00e9rieures \u00e0 1.5.2",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server 9.0 sans le correctif de s\u00e9curit\u00e9 APAR PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 UP5",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 Web Queryfor i versions 2.3.0 et 2.4.0 sans le correctif de s\u00e9curit\u00e9 5733WQX",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Plus Server versions ant\u00e9rieures \u00e0 10.1.12.4",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM HTTP Server for i sans le correctif de s\u00e9curit\u00e9 5770DG1",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 UP4 IF01",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar User Behavior Analytics versions 1.0.0 \u00e0 4.1.10 ant\u00e9rieures \u00e0 4.1.11",
"product": {
"name": "QRadar User Behavior Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.4.3 FP9",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-28733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28733"
},
{
"name": "CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2020-24025",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24025"
},
{
"name": "CVE-2021-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21409"
},
{
"name": "CVE-2023-26283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26283"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-23825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23825"
},
{
"name": "CVE-2021-39227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39227"
},
{
"name": "CVE-2021-23364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23364"
},
{
"name": "CVE-2022-22971",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22971"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2022-2964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2964"
},
{
"name": "CVE-2021-3677",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3677"
},
{
"name": "CVE-2018-19797",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19797"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2018-19827",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19827"
},
{
"name": "CVE-2018-15494",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15494"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2018-11694",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11694"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"name": "CVE-2018-8036",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8036"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2022-36364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36364"
},
{
"name": "CVE-2022-4883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4883"
},
{
"name": "CVE-2022-41966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41966"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2022-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40153"
},
{
"name": "CVE-2022-42252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42252"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2020-7764",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7764"
},
{
"name": "CVE-2022-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41946"
},
{
"name": "CVE-2022-25927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25927"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-42581",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42581"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2022-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21724"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"name": "CVE-2022-24999",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2019-10785",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10785"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2022-24823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24823"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2022-37601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
},
{
"name": "CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2021-23382",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23382"
},
{
"name": "CVE-2019-6286",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6286"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2020-5259",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5259"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2021-26401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26401"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2018-19839",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19839"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2022-4254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4254"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2023-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22809"
},
{
"name": "CVE-2018-20821",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20821"
},
{
"name": "CVE-2022-45143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45143"
},
{
"name": "CVE-2022-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2019-6283",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6283"
},
{
"name": "CVE-2019-6284",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6284"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2022-25901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25901"
},
{
"name": "CVE-2020-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
},
{
"name": "CVE-2022-22970",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22970"
},
{
"name": "CVE-2022-1552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1552"
},
{
"name": "CVE-2022-3676",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3676"
},
{
"name": "CVE-2022-42890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42890"
},
{
"name": "CVE-2022-23437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23437"
},
{
"name": "CVE-2022-34917",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34917"
},
{
"name": "CVE-2021-23343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23343"
},
{
"name": "CVE-2022-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2588"
},
{
"name": "CVE-2022-43928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43928"
},
{
"name": "CVE-2021-42740",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42740"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2018-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20190"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2022-40156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40156"
},
{
"name": "CVE-2022-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2625"
},
{
"name": "CVE-2022-40155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40155"
},
{
"name": "CVE-2022-23816",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23816"
},
{
"name": "CVE-2022-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31197"
},
{
"name": "CVE-2018-19838",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19838"
},
{
"name": "CVE-2022-37599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
},
{
"name": "CVE-2021-23368",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23368"
},
{
"name": "CVE-2018-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11698"
},
{
"name": "CVE-2021-29060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29060"
},
{
"name": "CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2022-25758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25758"
},
{
"name": "CVE-2021-23362",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23362"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2022-37598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37598"
},
{
"name": "CVE-2022-24839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24839"
},
{
"name": "CVE-2022-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40154"
},
{
"name": "CVE-2022-41704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41704"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
}
],
"initial_release_date": "2023-03-31T00:00:00",
"last_revision_date": "2023-03-31T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967365 du 20 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967365"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967333 du 30 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967333"
}
],
"reference": "CERTFR-2023-AVI-0276",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-31T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une \u00e9l\u00e9vation de\nprivil\u00e8ges, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es, un contournement de\nla politique de s\u00e9curit\u00e9, une injection de code indirecte \u00e0 distance\n(XSS), une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967016 du 29 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967016"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967283 du 15 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967283"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967333 du 20 mars 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967285 du 28 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967285"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6966998 du 29 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6966998"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967315 du 30 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967315"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967365 du 30 mars 2023",
"url": null
}
]
}
CERTFR-2024-AVI-0575
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Junos OS versions 23.4 antérieures à 23.4R2 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 21.4-EVO antérieures à 21.4R2-EVO | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 22.4 antérieures à 22.4R3 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 22.2 antérieures à 22.2R3-S3 | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 22.1-EVO antérieures à 22.1R3-S6-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 22.4 antérieures à 22.4R3-S2 | ||
| Juniper Networks | N/A | Junos OS versions 23.2 antérieures à 23.2R2-S1 | ||
| Juniper Networks | N/A | Session Smart Router versions 6.2 antérieures à SSR-6.2.5-r2 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 22.1 antérieures à 22.1R3-S5 | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 22.4-EVO antérieures à 22.4R3-S2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 23.2-EVO antérieures à 23.2R2-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 21.4 antérieures à 21.4R3-S7 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 21.2 antérieures à 21.2R3-S8 | ||
| Juniper Networks | N/A | Junos OS versions 22.1 antérieures à 22.1R3-S6 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.3 antérieures à 22.3R3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 21.3-EVO antérieures à 21.3R3-S5-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 21.2-EVO antérieures à 21.2R3-S7-EVO | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 20.4R3-S9 | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 23.4-EVO antérieures à 23.4R2-EVO | ||
| Juniper Networks | N/A | Junos OS versions 22.4 antérieures à 22.4R2-S2 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 22.2 antérieures à 22.2R3-S4 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 21.4 antérieures à 21.4R3-S6 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 22.4 antérieures à 22.4R3 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 22.3 antérieures à 22.3R3-S2 | ||
| Juniper Networks | N/A | Session Smart Router versions 6.1 antérieures à SSR-6.1.8-lts | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4-EVO antérieures à 22.4R3-EVO | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 20.4 antérieures à 20.4R3-S10 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 antérieures à 22.4R3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 24.2-EVO antérieures à 24.2R2-EVO | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.4 antérieures à 22.4R3 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.2 antérieures à 22.2R3-S1 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.3 antérieures à 21.3R3-S5 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 22.3 antérieures à 22.3R3-S2 | ||
| Juniper Networks | N/A | Junos OS versions 21.4 antérieures à 21.4R2 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 22.2 antérieures à 22.2R3-S3 | ||
| Juniper Networks | N/A | Junos OS versions 23.4 antérieures à 23.4R1-S2 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.2 antérieures à 22.2R3-S2 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.3-EVO antérieures à 22.3R3-S3-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 23.2R1-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 21.4R3-S8-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 22.1 antérieures à 22.1R3-S6 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.2 antérieures à 21.2R3-S6 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions antérieures à 21.2R3-S6 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 22.2 antérieures à 22.2R3-S3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R1-S1-EVO | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 21.4R3-S8 | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 22.4R3-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 23.4 antérieures à 23.4R1-S1 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions antérieures à 21.2R3-S7 | ||
| Juniper Networks | N/A | Session Smart Router versions antérieures à SSR-5.6.14 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 21.2R3-S8-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions antérieures à 21.2R3-S8 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.1 antérieures à 22.1R3-S2 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.3 antérieures à 22.3R3-S1 | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions antérieures à 21.4R3-S7-EVO | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 22.1 antérieures à 22.1R3-S5 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 21.4 antérieures à 21.4R3-S6 | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 22.3-EVO antérieures à 22.3R3-S3-EVO | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 23.4 antérieures à 23.4R2 | ||
| Juniper Networks | N/A | Junos OS versions 22.3 antérieures à 22.3R1-S2 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 22.3 antérieures à 22.3R3-S3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.3-EVO antérieures à 22.3R1-S1-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4-EVO antérieures à 22.4R3-S3-EVO | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 21.2R3-S8 | ||
| Juniper Networks | N/A | Junos Space versions antérieures à 24.1R1 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.4 antérieures à 21.4R3-S6 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.3-EVO antérieures à 22.3R2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.4-EVO antérieures à 23.4R2-EVO | ||
| Juniper Networks | N/A | Junos OS versions 22.4 antérieures à 22.4R3-S3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 20.4R3-S10-EVO | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 22.4 antérieures à 22.4R3-S1 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 antérieures à 22.4R1-S2 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4-EVO antérieures à 22.4R2-S2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions antérieures à 21.2R3-S8-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 antérieures à 22.4R2 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S1-EVO | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 22.1 antérieures à 22.1R3-S5 | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à before 22.1R3-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.3 antérieures à 22.3R2-S1 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 21.4-EVO antérieures à 21.4R3-S8-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 22.2-EVO antérieures à 22.2R3-S4-EVO | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.1 antérieures à 22.1R3-S4 | ||
| Juniper Networks | N/A | Junos OS versions 21.3 antérieures à 21.3R3-S5 | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 22.1R2-S2 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.1-EVO antérieures à 22.1R3-S6-EVO | ||
| Juniper Networks | N/A | Junos OS versions 22.2 antérieures à 22.2R3-S4 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 21.4 antérieures à 21.4R3-S7 | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 23.4-EVO antérieures à 23.4R1-S2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 22.4R2-EVO | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Junos OS versions 22.2 antérieures à 22.2R2-S1 | ||
| Juniper Networks | N/A | Junos OS versions 23.1 antérieures à 23.1R2 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 22.3 antérieures à 22.3R3-S2 | ||
| Juniper Networks | N/A | Junos OS versions 22.3 antérieures à 22.3R3-S3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.2-EVO antérieures à 22.2R3-S4-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions antérieures à 21.2R3-S8 | ||
| Juniper Networks | N/A | Junos OS versions 22.3 antérieures à 22.3R2-S2 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 21.4 antérieures à 21.4R3-S6 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.2-EVO antérieures à 22.2R2-S1-EVO | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 23.4 antérieures à 23.4R2 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.4-EVO antérieures à 23.4R1-S2-EVO |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.4-EVO ant\u00e9rieures \u00e0 21.4R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 22.4 ant\u00e9rieures \u00e0 22.4R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 22.1-EVO ant\u00e9rieures \u00e0 22.1R3-S6-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.2 ant\u00e9rieures \u00e0 23.2R2-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions 6.2 ant\u00e9rieures \u00e0 SSR-6.2.5-r2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R3-S2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S7",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 21.2 ant\u00e9rieures \u00e0 21.2R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.3 ant\u00e9rieures \u00e0 22.3R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.3-EVO ant\u00e9rieures \u00e0 21.3R3-S5-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.2-EVO ant\u00e9rieures \u00e0 21.2R3-S7-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 20.4R3-S9",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.4 ant\u00e9rieures \u00e0 22.4R2-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 22.4 ant\u00e9rieures \u00e0 22.4R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions 6.1 ant\u00e9rieures \u00e0 SSR-6.1.8-lts",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 20.4 ant\u00e9rieures \u00e0 20.4R3-S10",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 ant\u00e9rieures \u00e0 22.4R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.2-EVO ant\u00e9rieures \u00e0 24.2R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.4 ant\u00e9rieures \u00e0 22.4R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.3 ant\u00e9rieures \u00e0 21.3R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.4 ant\u00e9rieures \u00e0 21.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R1-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R3-S3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 23.2R1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.4R3-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.2 ant\u00e9rieures \u00e0 21.2R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions ant\u00e9rieures \u00e0 21.2R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R1-S1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 21.4R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 22.4R3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 23.4 ant\u00e9rieures \u00e0 23.4R1-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions ant\u00e9rieures \u00e0 21.2R3-S7",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions ant\u00e9rieures \u00e0 SSR-5.6.14",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.2R3-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions ant\u00e9rieures \u00e0 21.2R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions ant\u00e9rieures \u00e0 21.4R3-S7-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R3-S3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 23.4 ant\u00e9rieures \u00e0 23.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.3 ant\u00e9rieures \u00e0 22.3R1-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R1-S1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R3-S3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 21.2R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 24.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S10-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 ant\u00e9rieures \u00e0 22.4R1-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R2-S2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions ant\u00e9rieures \u00e0 21.2R3-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 ant\u00e9rieures \u00e0 22.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 before 22.1R3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.3 ant\u00e9rieures \u00e0 22.3R2-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.4-EVO ant\u00e9rieures \u00e0 21.4R3-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 22.2-EVO ant\u00e9rieures \u00e0 22.2R3-S4-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.3 ant\u00e9rieures \u00e0 21.3R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 22.1R2-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.1-EVO ant\u00e9rieures \u00e0 22.1R3-S6-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S7",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R1-S2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 22.4R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.2 ant\u00e9rieures \u00e0 22.2R2-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.1 ant\u00e9rieures \u00e0 23.1R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.2-EVO ant\u00e9rieures \u00e0 22.2R3-S4-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions ant\u00e9rieures \u00e0 21.2R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.3 ant\u00e9rieures \u00e0 22.3R2-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.2-EVO ant\u00e9rieures \u00e0 22.2R2-S1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 23.4 ant\u00e9rieures \u00e0 23.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R1-S2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-39560",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39560"
},
{
"name": "CVE-2023-32435",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32435"
},
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2024-39554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39554"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2024-39539",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39539"
},
{
"name": "CVE-2021-36160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36160"
},
{
"name": "CVE-2020-12401",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12401"
},
{
"name": "CVE-2024-39558",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39558"
},
{
"name": "CVE-2022-30522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30522"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2022-21460",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21460"
},
{
"name": "CVE-2021-31535",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31535"
},
{
"name": "CVE-2022-36760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36760"
},
{
"name": "CVE-2021-33034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2024-39552",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39552"
},
{
"name": "CVE-2021-27290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27290"
},
{
"name": "CVE-2019-11727",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11727"
},
{
"name": "CVE-2023-3390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3390"
},
{
"name": "CVE-2023-4004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4004"
},
{
"name": "CVE-2021-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29469"
},
{
"name": "CVE-2023-2002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2021-23440",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23440"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2020-13950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13950"
},
{
"name": "CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"name": "CVE-2024-39546",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39546"
},
{
"name": "CVE-2024-39540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39540"
},
{
"name": "CVE-2018-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3737"
},
{
"name": "CVE-2024-39543",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39543"
},
{
"name": "CVE-2020-11984",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11984"
},
{
"name": "CVE-2022-22721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22721"
},
{
"name": "CVE-2021-35624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35624"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2024-39514",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39514"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2021-35604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35604"
},
{
"name": "CVE-2021-42013",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42013"
},
{
"name": "CVE-2023-34059",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34059"
},
{
"name": "CVE-2024-39529",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39529"
},
{
"name": "CVE-2006-20001",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-20001"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2021-2385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2385"
},
{
"name": "CVE-2022-29167",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29167"
},
{
"name": "CVE-2020-7774",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7774"
},
{
"name": "CVE-2019-10747",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10747"
},
{
"name": "CVE-2023-34058",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34058"
},
{
"name": "CVE-2011-5094",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-5094"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2022-21589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21589"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2019-10097",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10097"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2023-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2828"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-4206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
},
{
"name": "CVE-2022-21304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
},
{
"name": "CVE-2023-3090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
},
{
"name": "CVE-2024-39536",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39536"
},
{
"name": "CVE-2024-39555",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39555"
},
{
"name": "CVE-2022-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2020-13938",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13938"
},
{
"name": "CVE-2016-10540",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10540"
},
{
"name": "CVE-2019-10082",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10082"
},
{
"name": "CVE-2023-42753",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42753"
},
{
"name": "CVE-2016-1000232",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000232"
},
{
"name": "CVE-2015-9262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9262"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
},
{
"name": "CVE-2024-39561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39561"
},
{
"name": "CVE-2022-21303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
},
{
"name": "CVE-2019-17023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17023"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2020-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35452"
},
{
"name": "CVE-2023-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
},
{
"name": "CVE-2022-21617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21617"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2022-41741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41741"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2023-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30630"
},
{
"name": "CVE-2022-21608",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21608"
},
{
"name": "CVE-2022-2526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2526"
},
{
"name": "CVE-2023-20593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
},
{
"name": "CVE-2024-39535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39535"
},
{
"name": "CVE-2024-39545",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39545"
},
{
"name": "CVE-2024-39531",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39531"
},
{
"name": "CVE-2022-41742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41742"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2021-2389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2389"
},
{
"name": "CVE-2023-21840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21840"
},
{
"name": "CVE-2019-10081",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10081"
},
{
"name": "CVE-2020-1934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1934"
},
{
"name": "CVE-2022-30556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30556"
},
{
"name": "CVE-2020-8648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8648"
},
{
"name": "CVE-2022-21270",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
},
{
"name": "CVE-2023-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21963"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2023-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21980"
},
{
"name": "CVE-2024-39530",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39530"
},
{
"name": "CVE-2024-39532",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39532"
},
{
"name": "CVE-2023-27522",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27522"
},
{
"name": "CVE-2024-39557",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39557"
},
{
"name": "CVE-2021-2390",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2390"
},
{
"name": "CVE-2024-39550",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39550"
},
{
"name": "CVE-2022-28615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28615"
},
{
"name": "CVE-2022-21451",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21451"
},
{
"name": "CVE-2014-10064",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-10064"
},
{
"name": "CVE-2024-39511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39511"
},
{
"name": "CVE-2022-23943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23943"
},
{
"name": "CVE-2024-39548",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39548"
},
{
"name": "CVE-2020-11993",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11993"
},
{
"name": "CVE-2023-22652",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22652"
},
{
"name": "CVE-2024-39528",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39528"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2024-39559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39559"
},
{
"name": "CVE-2014-7191",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7191"
},
{
"name": "CVE-2021-2356",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2356"
},
{
"name": "CVE-2020-36049",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36049"
},
{
"name": "CVE-2023-4208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
},
{
"name": "CVE-2021-41524",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41524"
},
{
"name": "CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"name": "CVE-2020-12402",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12402"
},
{
"name": "CVE-2019-11719",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11719"
},
{
"name": "CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"name": "CVE-2024-39519",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39519"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2019-17006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17006"
},
{
"name": "CVE-2022-21595",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21595"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2020-12403",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12403"
},
{
"name": "CVE-2023-3776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
},
{
"name": "CVE-2023-2700",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2700"
},
{
"name": "CVE-2020-7754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7754"
},
{
"name": "CVE-2024-39533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39533"
},
{
"name": "CVE-2021-22543",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22543"
},
{
"name": "CVE-2021-33909",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33909"
},
{
"name": "CVE-2021-26690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26690"
},
{
"name": "CVE-2022-22719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22719"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2022-46663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46663"
},
{
"name": "CVE-2011-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1473"
},
{
"name": "CVE-2024-39513",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39513"
},
{
"name": "CVE-2021-3803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3803"
},
{
"name": "CVE-2022-21417",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21417"
},
{
"name": "CVE-2024-39518",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39518"
},
{
"name": "CVE-2023-37450",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37450"
},
{
"name": "CVE-2021-30641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30641"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2020-7660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7660"
},
{
"name": "CVE-2022-31813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31813"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2019-9517",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9517"
},
{
"name": "CVE-2018-20834",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20834"
},
{
"name": "CVE-2020-12362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12362"
},
{
"name": "CVE-2020-1927",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1927"
},
{
"name": "CVE-2022-21592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21592"
},
{
"name": "CVE-2021-3347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3347"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2023-25690",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25690"
},
{
"name": "CVE-2021-2342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2342"
},
{
"name": "CVE-2022-22720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22720"
},
{
"name": "CVE-2017-15010",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15010"
},
{
"name": "CVE-2019-10092",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10092"
},
{
"name": "CVE-2024-39541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39541"
},
{
"name": "CVE-2021-44224",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44224"
},
{
"name": "CVE-2024-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39537"
},
{
"name": "CVE-2022-21444",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21444"
},
{
"name": "CVE-2019-17567",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17567"
},
{
"name": "CVE-2018-7408",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7408"
},
{
"name": "CVE-2019-20149",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20149"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2023-35001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
},
{
"name": "CVE-2024-39551",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39551"
},
{
"name": "CVE-2023-4863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4863"
},
{
"name": "CVE-2022-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29404"
},
{
"name": "CVE-2020-14145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14145"
},
{
"name": "CVE-2019-11756",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11756"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2024-39565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39565"
},
{
"name": "CVE-2021-31618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31618"
},
{
"name": "CVE-2022-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2024-39549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39549"
},
{
"name": "CVE-2022-21367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
},
{
"name": "CVE-2021-33193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33193"
},
{
"name": "CVE-2021-41773",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41773"
},
{
"name": "CVE-2020-11668",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11668"
},
{
"name": "CVE-2022-26377",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26377"
},
{
"name": "CVE-2021-44790",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44790"
},
{
"name": "CVE-2020-9490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9490"
},
{
"name": "CVE-2020-28502",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28502"
},
{
"name": "CVE-2024-39556",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39556"
},
{
"name": "CVE-2022-37436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37436"
},
{
"name": "CVE-2021-33033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33033"
},
{
"name": "CVE-2023-32439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32439"
},
{
"name": "CVE-2020-12400",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12400"
},
{
"name": "CVE-2023-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21912"
},
{
"name": "CVE-2022-28330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28330"
},
{
"name": "CVE-2024-39542",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39542"
},
{
"name": "CVE-2022-21454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21454"
},
{
"name": "CVE-2017-1000048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000048"
},
{
"name": "CVE-2022-21427",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21427"
},
{
"name": "CVE-2021-40438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40438"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2020-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6829"
},
{
"name": "CVE-2021-2372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2372"
},
{
"name": "CVE-2022-21245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2019-10098",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10098"
},
{
"name": "CVE-2024-39538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39538"
},
{
"name": "CVE-2022-28614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28614"
}
],
"initial_release_date": "2024-07-12T00:00:00",
"last_revision_date": "2024-10-15T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0575",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-12T00:00:00.000000"
},
{
"description": "Correction d\u0027identifiants CVE erron\u00e9s",
"revision_date": "2024-10-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83001",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Inconsistent-information-in-the-TE-database-can-lead-to-an-rpd-crash-CVE-2024-39541"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82976",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-The-802-1X-Authentication-Daemon-crashes-on-running-a-specific-command-CVE-2024-39511"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83027",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Session-Smart-Router-Multiple-vulnerabilities-resolved"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83021",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX4600-SRX5000-Series-TCP-packets-with-SYN-FIN-or-SYN-RST-are-transferred-after-enabling-no-syn-check-with-Express-Path-CVE-2024-39561"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83018",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-specific-PIM-packet-causes-rpd-crash-when-PIM-is-configured-along-with-MoFRR-CVE-2024-39558"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82987",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-crashes-upon-concurrent-deletion-of-a-routing-instance-and-receipt-of-an-SNMP-request-CVE-2024-39528"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82982",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-MX240-MX480-MX960-platforms-using-MPC10E-Memory-leak-will-be-observed-when-subscribed-to-a-specific-subscription-on-Junos-Telemetry-Interface-CVE-2024-39518"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83012",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-line-card-Port-flaps-causes-rtlogd-memory-leak-leading-to-Denial-of-Service-CVE-2024-39550"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83019",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Receipt-of-a-specific-TCP-packet-may-result-in-a-system-crash-vmcore-on-dual-RE-systems-with-NSR-enabled-CVE-2024-39559"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83004",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-large-RPKI-RTR-PDU-packet-can-cause-rpd-to-crash-CVE-2024-39543"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83010",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Receipt-of-specific-packets-in-the-aftmand-process-will-lead-to-a-memory-leak-CVE-2024-39548"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83014",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-BGP-multipath-incremental-calculation-is-resulting-in-an-rpd-crash-CVE-2024-39554"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82996",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Flaps-of-BFD-sessions-with-authentication-cause-a-ppmd-memory-leak-CVE-2024-39536"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82980",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receiving-specific-traffic-on-devices-with-EVPN-VPWS-with-IGMP-snooping-enabled-will-cause-the-rpd-to-crash-CVE-2024-39514"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83000",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-with-SPC3-Specific-valid-TCP-traffic-can-cause-a-pfe-crash-CVE-2024-39540"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83008",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Local-low-privilege-user-can-gain-root-permissions-leading-to-privilege-escalation-CVE-2024-39546"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82991",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX7000-Series-Protocol-specific-DDoS-configuration-affects-other-protocols-CVE-2024-39531"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83011",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Receipt-of-malformed-BGP-path-attributes-leads-to-a-memory-leak-CVE-2024-39549"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82989",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Attempting-to-access-specific-sensors-on-platforms-not-supporting-these-will-lead-to-a-chassisd-crash-CVE-2024-39530"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82997",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX7000-Series-Ports-which-have-been-inadvertently-exposed-can-be-reached-over-the-network-CVE-2024-39537"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83023",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-EX-Series-J-Web-An-unauthenticated-network-based-attacker-can-perform-XPATH-injection-attack-against-a-device-CVE-2024-39565"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83026",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R1-release"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83013",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-with-SPC3-and-MS-MPC-MIC-Receipt-of-specific-packets-in-H-323-ALG-causes-traffic-drop-CVE-2024-39551"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83002",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-malformed-CFM-packet-or-specific-transit-traffic-leads-to-FPC-crash-CVE-2024-39542"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83015",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-malformed-BGP-update-causes-the-session-to-reset-CVE-2024-39555"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83007",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-with-SPC3-and-NFX350-When-VPN-tunnels-parameters-are-not-matching-the-iked-process-will-crash-CVE-2024-39545"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82995",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX7000-Series-When-specific-traffic-is-received-in-a-VPLS-scenario-evo-pfemand-crashes-CVE-2024-39535"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82993",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-QFX5000-Series-and-EX4600-Series-Output-firewall-filter-is-not-applied-if-certain-match-criteria-are-used-CVE-2024-39533"
},
{
"published_at": "2024-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75726",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Malformed-BGP-UPDATE-causes-RPD-crash-CVE-2024-39552"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82988",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-If-DNS-traceoptions-are-configured-in-a-DGA-or-tunnel-detection-scenario-specific-DNS-traffic-leads-to-a-PFE-crash-CVE-2024-39529"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83017",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-MAC-table-changes-cause-a-memory-leak-CVE-2024-39557"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82983",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX-7000-Series-Multicast-traffic-is-looped-in-a-multihoming-EVPN-MPLS-scenario-CVE-2024-39519"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83020",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Memory-leak-due-to-RSVP-neighbor-persistent-error-leading-to-kernel-crash-CVE-2024-39560"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82998",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX7000-Series-When-multicast-traffic-with-a-specific-S-G-is-received-evo-pfemand-crashes-CVE-2024-39538"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82999",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-MX-Series-Continuous-subscriber-logins-will-lead-to-a-memory-leak-and-eventually-an-FPC-crash-CVE-2024-39539"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83016",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Loading-a-malicious-certificate-from-the-CLI-may-result-in-a-stack-based-overflow-CVE-2024-39556"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82992",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Confidential-information-in-logs-can-be-accessed-by-another-user-CVE-2024-39532"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82978",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Execution-of-a-specific-CLI-command-will-cause-a-crash-in-the-AFT-manager-CVE-2024-39513"
}
]
}
CERTFR-2022-AVI-924
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.9",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Analyst Workflow versions ant\u00e9rieures \u00e0 2.31.4",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2018-3721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3721"
},
{
"name": "CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"name": "CVE-2020-7788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7788"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-33502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2022-0155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0155"
},
{
"name": "CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2018-25031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25031"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2019-1010266",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010266"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2022-0536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0536"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2021-23346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23346"
},
{
"name": "CVE-2021-23566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23566"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2018-16487",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16487"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2021-44907",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44907"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2020-7598",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7598"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2022-10-18T00:00:00",
"last_revision_date": "2022-10-18T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-924",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6827633 du 17 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6827633"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6830017 du 17 octobre 2022",
"url": "https://www.ibm.com/support/pages/node/6830017"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…