Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-45960 (GCVE-0-2021-45960)
Vulnerability from cvelistv5
Published
2022-01-01 18:47
Modified
2025-05-05 16:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:54:31.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/libexpat/libexpat/issues/531"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/libexpat/libexpat/pull/534"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1217609"
},
{
"name": "[oss-security] 20220117 Expat 2.4.3 released, includes 8 security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/01/17/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220121-0004/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2022-05"
},
{
"name": "DSA-5073",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5073"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"
},
{
"name": "GLSA-202209-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202209-24"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-45960",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:29:38.168960Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-682",
"description": "CWE-682 Incorrect Calculation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:45:11.487Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-29T16:07:13.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/libexpat/libexpat/issues/531"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/libexpat/libexpat/pull/534"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1217609"
},
{
"name": "[oss-security] 20220117 Expat 2.4.3 released, includes 8 security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/01/17/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220121-0004/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2022-05"
},
{
"name": "DSA-5073",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5073"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"
},
{
"name": "GLSA-202209-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202209-24"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-45960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/libexpat/libexpat/issues/531",
"refsource": "MISC",
"url": "https://github.com/libexpat/libexpat/issues/531"
},
{
"name": "https://github.com/libexpat/libexpat/pull/534",
"refsource": "MISC",
"url": "https://github.com/libexpat/libexpat/pull/534"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1217609",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1217609"
},
{
"name": "[oss-security] 20220117 Expat 2.4.3 released, includes 8 security fixes",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/01/17/3"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220121-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220121-0004/"
},
{
"name": "https://www.tenable.com/security/tns-2022-05",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2022-05"
},
{
"name": "DSA-5073",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5073"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"
},
{
"name": "GLSA-202209-24",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202209-24"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-45960",
"datePublished": "2022-01-01T18:47:46.000Z",
"dateReserved": "2022-01-01T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:45:11.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/libexpat/libexpat/issues/531\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/libexpat/libexpat/pull/534\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1217609\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/01/17/3\", \"name\": \"[oss-security] 20220117 Expat 2.4.3 released, includes 8 security fixes\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220121-0004/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.tenable.com/security/tns-2022-05\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5073\", \"name\": \"DSA-5073\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202209-24\", \"name\": \"GLSA-202209-24\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T04:54:31.123Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-45960\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T13:29:38.168960Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-682\", \"description\": \"CWE-682 Incorrect Calculation\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-05T13:17:20.967Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/libexpat/libexpat/issues/531\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/libexpat/libexpat/pull/534\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1217609\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/01/17/3\", \"name\": \"[oss-security] 20220117 Expat 2.4.3 released, includes 8 security fixes\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220121-0004/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.tenable.com/security/tns-2022-05\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5073\", \"name\": \"DSA-5073\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://security.gentoo.org/glsa/202209-24\", \"name\": \"GLSA-202209-24\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2022-09-29T16:07:13.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://github.com/libexpat/libexpat/issues/531\", \"name\": \"https://github.com/libexpat/libexpat/issues/531\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/libexpat/libexpat/pull/534\", \"name\": \"https://github.com/libexpat/libexpat/pull/534\", \"refsource\": \"MISC\"}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1217609\", \"name\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1217609\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/01/17/3\", \"name\": \"[oss-security] 20220117 Expat 2.4.3 released, includes 8 security fixes\", \"refsource\": \"MLIST\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220121-0004/\", \"name\": \"https://security.netapp.com/advisory/ntap-20220121-0004/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.tenable.com/security/tns-2022-05\", \"name\": \"https://www.tenable.com/security/tns-2022-05\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.debian.org/security/2022/dsa-5073\", \"name\": \"DSA-5073\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://security.gentoo.org/glsa/202209-24\", \"name\": \"GLSA-202209-24\", \"refsource\": \"GENTOO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2021-45960\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2021-45960\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-05T16:45:11.487Z\", \"dateReserved\": \"2022-01-01T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2022-01-01T18:47:46.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2023-AVI-1015
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC CP 1243-1 (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) toutes versions | ||
| Siemens | N/A | Opcenter Quality toutes versions | ||
| Siemens | N/A | SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | LOGO! 24CE (6ED1052-1CC08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M804PB (6GK5804-0AP00-2AA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions | ||
| Siemens | N/A | SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC PC-Station Plus toutes versions | ||
| Siemens | N/A | POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions antérieures à V2.60 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) toutes versions | ||
| Siemens | N/A | LOGO! 24CEo (6ED1052-2CC08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SINUMERIK MC toutes versions | ||
| Siemens | N/A | SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) toutes versions | ||
| Siemens | N/A | SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) toutes versions | ||
| Siemens | N/A | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) toutes versions | ||
| Siemens | N/A | LOGO! 230RCE (6ED1052-1FB08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) toutes versions | ||
| Siemens | N/A | SINUMERIK ONE toutes versions | ||
| Siemens | N/A | SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS S7-1500 CPU 1518F-4 PN/DP (6AG1518-4FP00-4AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) toutes versions | ||
| Siemens | N/A | SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SINAMICS S120 (incl. SIPLUS variants) versions antérieures à V5.2 SP3 HF15 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | LOGO! 24RCEo (6ED1052-2HB08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions antérieures à V2.60 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) toutes versions | ||
| Siemens | N/A | SINUMERIK Integrate RunMyHMI /Automotive toutes versions | ||
| Siemens | N/A | SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SINAMICS S210 (6SL5...) versions supérieures ou égales àV6.1 versions antérieures à V6.1 HF2 | ||
| Siemens | N/A | SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) toutes versions | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) toutes versions | ||
| Siemens | N/A | SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIMATIC STEP 7 (TIA Portal) versions antérieures à V19 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-PLCSIM Advanced versions antérieures à V6.0 | ||
| Siemens | N/A | SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions | ||
| Siemens | N/A | SCALANCE S615 (6GK5615-0AA00-2AA2) toutes versions | ||
| Siemens | N/A | SCALANCE M874-3 (6GK5874-3AA00-2AA2) toutes versions | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE S615 EEC (6GK5615-0AA01-2AA2) toutes versions | ||
| Siemens | N/A | LOGO! 230RCEo (6ED1052-2FB08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M874-2 (6GK5874-2AA00-2AA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) toutes versions | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) toutes versions | ||
| Siemens | N/A | SIMATIC PCS neo versions antérieures à V4.1 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M804PB (6GK5804-0AP00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SINAMICS S210 (6SL5...) versions supérieures à V6.1 et antérieure à V6.1 HF2 | ||
| Siemens | N/A | SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS S7-1500 CPU 1518-4 PN/DP (6AG1518-4AP00-4AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SINEC INS versions antérieures à V1.0 SP2 Update 2 | ||
| Siemens | N/A | LOGO! 12/24RCE (6ED1052-1MD08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC CP 1243-7 LTE toutes versions | ||
| Siemens | N/A | SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE S615 (6GK5615-0AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions | ||
| Siemens | N/A | LOGO! 24RCE (6ED1052-1HB08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE M804PB (6GK5804-0AP00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions antérieures à V8.0 | ||
| Siemens | N/A | Totally Integrated Automation Portal (TIA Portal) versions V14 à V18 antérieures à V18 Update 3 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions antérieures à V8.0 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-4 (6GK5876-4AA10-2BA2) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0) versions antérieures à V3.1.0 | ||
| Siemens | N/A | SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SCALANCE S615 (6GK5615-0AA00-2AA2) versions antérieures à V7.2.2 | ||
| Siemens | N/A | SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) toutes versions supérieures ou égales à V8.3 | ||
| Siemens | N/A | SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) toutes versions |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-1 (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Opcenter Quality toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 24CE (6ED1052-1CC08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PC-Station Plus toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions ant\u00e9rieures \u00e0 V2.60",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 24CEo (6ED1052-2CC08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK MC toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 230RCE (6ED1052-1FB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK ONE toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1500 CPU 1518F-4 PN/DP (6AG1518-4FP00-4AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S120 (incl. SIPLUS variants) versions ant\u00e9rieures \u00e0 V5.2 SP3 HF15",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 24RCEo (6ED1052-2HB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions ant\u00e9rieures \u00e0 V2.60",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK Integrate RunMyHMI /Automotive toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S210 (6SL5...) versions sup\u00e9rieures ou \u00e9gales \u00e0V6.1 versions ant\u00e9rieures \u00e0 V6.1 HF2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC STEP 7 (TIA Portal) versions ant\u00e9rieures \u00e0 V19",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-PLCSIM Advanced versions ant\u00e9rieures \u00e0 V6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 (6GK5615-0AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 230RCEo (6ED1052-2FB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PCS neo versions ant\u00e9rieures \u00e0 V4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S210 (6SL5...) versions sup\u00e9rieures \u00e0 V6.1 et ant\u00e9rieure \u00e0 V6.1 HF2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1500 CPU 1518-4 PN/DP (6AG1518-4AP00-4AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEC INS versions ant\u00e9rieures \u00e0 V1.0 SP2 Update 2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 12/24RCE (6ED1052-1MD08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-7 LTE toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 24RCE (6ED1052-1HB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Totally Integrated Automation Portal (TIA Portal) versions V14 \u00e0 V18 ant\u00e9rieures \u00e0 V18 Update 3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-5131",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2017-7376",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7376"
},
{
"name": "CVE-2017-0663",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0663"
},
{
"name": "CVE-2017-9047",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9047"
},
{
"name": "CVE-2017-9048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9048"
},
{
"name": "CVE-2017-16931",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
},
{
"name": "CVE-2017-9050",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9050"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2017-9049",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9049"
},
{
"name": "CVE-2017-16932",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16932"
},
{
"name": "CVE-2016-9318",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9318"
},
{
"name": "CVE-2018-0495",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0495"
},
{
"name": "CVE-2019-6111",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6111"
},
{
"name": "CVE-2019-3855",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3855"
},
{
"name": "CVE-2019-3856",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3856"
},
{
"name": "CVE-2019-3863",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3863"
},
{
"name": "CVE-2019-3857",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3857"
},
{
"name": "CVE-2019-8457",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8457"
},
{
"name": "CVE-2019-5443",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5443"
},
{
"name": "CVE-2019-6109",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6109"
},
{
"name": "CVE-2019-15903",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15903"
},
{
"name": "CVE-2019-3859",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3859"
},
{
"name": "CVE-2019-3861",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3861"
},
{
"name": "CVE-2019-3860",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3860"
},
{
"name": "CVE-2019-3858",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3858"
},
{
"name": "CVE-2019-3862",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3862"
},
{
"name": "CVE-2019-13565",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13565"
},
{
"name": "CVE-2019-13057",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13057"
},
{
"name": "CVE-2019-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
},
{
"name": "CVE-2019-16168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
},
{
"name": "CVE-2019-19926",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19926"
},
{
"name": "CVE-2019-19925",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19925"
},
{
"name": "CVE-2019-19880",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19880"
},
{
"name": "CVE-2019-19923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19923"
},
{
"name": "CVE-2019-5018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5018"
},
{
"name": "CVE-2019-9936",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9936"
},
{
"name": "CVE-2019-5482",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5482"
},
{
"name": "CVE-2019-19646",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
},
{
"name": "CVE-2020-7595",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
},
{
"name": "CVE-2020-8169",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
},
{
"name": "CVE-2020-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2020-14145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14145"
},
{
"name": "CVE-2019-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9937"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2018-20843",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20843"
},
{
"name": "CVE-2020-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
},
{
"name": "CVE-2020-13435",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
},
{
"name": "CVE-2020-13434",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2020-13630",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
},
{
"name": "CVE-2020-25709",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25709"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2019-19956",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2020-8285",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8285"
},
{
"name": "CVE-2020-8286",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8286"
},
{
"name": "CVE-2020-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36221"
},
{
"name": "CVE-2020-36224",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36224"
},
{
"name": "CVE-2020-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36222"
},
{
"name": "CVE-2020-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36227"
},
{
"name": "CVE-2020-36225",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36225"
},
{
"name": "CVE-2020-36228",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36228"
},
{
"name": "CVE-2020-36223",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36223"
},
{
"name": "CVE-2020-36229",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36229"
},
{
"name": "CVE-2020-36226",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36226"
},
{
"name": "CVE-2020-36230",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36230"
},
{
"name": "CVE-2020-10531",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10531"
},
{
"name": "CVE-2021-28363",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28363"
},
{
"name": "CVE-2020-8284",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
},
{
"name": "CVE-2020-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
},
{
"name": "CVE-2021-23336",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23336"
},
{
"name": "CVE-2021-22901",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
},
{
"name": "CVE-2019-17543",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17543"
},
{
"name": "CVE-2021-3518",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
},
{
"name": "CVE-2020-13632",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
},
{
"name": "CVE-2020-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
},
{
"name": "CVE-2019-19645",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
},
{
"name": "CVE-2019-20907",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20907"
},
{
"name": "CVE-2020-10543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
},
{
"name": "CVE-2020-12723",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
},
{
"name": "CVE-2021-20305",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20305"
},
{
"name": "CVE-2019-20388",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20388"
},
{
"name": "CVE-2020-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12243"
},
{
"name": "CVE-2020-29573",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29573"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2019-5188",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5188"
},
{
"name": "CVE-2019-5094",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5094"
},
{
"name": "CVE-2020-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2021-33910",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33910"
},
{
"name": "CVE-2021-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27219"
},
{
"name": "CVE-2021-27218",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27218"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2020-24977",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24977"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2020-29362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29362"
},
{
"name": "CVE-2019-9169",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9169"
},
{
"name": "CVE-2020-29363",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29363"
},
{
"name": "CVE-2021-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3517"
},
{
"name": "CVE-2020-13776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13776"
},
{
"name": "CVE-2020-26116",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26116"
},
{
"name": "CVE-2020-25692",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25692"
},
{
"name": "CVE-2016-10228",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10228"
},
{
"name": "CVE-2020-29361",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29361"
},
{
"name": "CVE-2021-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3541"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2020-8231",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8231"
},
{
"name": "CVE-2020-8492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8492"
},
{
"name": "CVE-2021-3516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3516"
},
{
"name": "CVE-2021-3537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3537"
},
{
"name": "CVE-2020-8315",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8315"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2021-22926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
},
{
"name": "CVE-2021-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-22947",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
},
{
"name": "CVE-2021-22945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
},
{
"name": "CVE-2021-22946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
},
{
"name": "CVE-2020-13871",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2019-9948",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9948"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2019-6110",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6110"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2019-16905",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16905"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2022-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46143"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2019-5436",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5436"
},
{
"name": "CVE-2022-25313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25313"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2019-19603",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19603"
},
{
"name": "CVE-2021-22890",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22890"
},
{
"name": "CVE-2021-22876",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
},
{
"name": "CVE-2019-19317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19317"
},
{
"name": "CVE-2019-19924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19924"
},
{
"name": "CVE-2021-22924",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
},
{
"name": "CVE-2021-22897",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
},
{
"name": "CVE-2020-9327",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
},
{
"name": "CVE-2021-22925",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
},
{
"name": "CVE-2021-22923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
},
{
"name": "CVE-2019-19242",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19242"
},
{
"name": "CVE-2021-22898",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
},
{
"name": "CVE-2021-22922",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
},
{
"name": "CVE-2019-19244",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19244"
},
{
"name": "CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2018-14404",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14404"
},
{
"name": "CVE-2019-9947",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9947"
},
{
"name": "CVE-2019-9740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9740"
},
{
"name": "CVE-2019-10160",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10160"
},
{
"name": "CVE-2019-16056",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16056"
},
{
"name": "CVE-2020-12762",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12762"
},
{
"name": "CVE-2019-17594",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17594"
},
{
"name": "CVE-2019-17595",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17595"
},
{
"name": "CVE-2021-20231",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20231"
},
{
"name": "CVE-2021-36085",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36085"
},
{
"name": "CVE-2021-36084",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36084"
},
{
"name": "CVE-2021-20232",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20232"
},
{
"name": "CVE-2021-36086",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36086"
},
{
"name": "CVE-2021-3580",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3580"
},
{
"name": "CVE-2021-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36087"
},
{
"name": "CVE-2021-33560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33560"
},
{
"name": "CVE-2021-28153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28153"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2022-29155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29155"
},
{
"name": "CVE-2022-25314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
},
{
"name": "CVE-2021-4122",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4122"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-2274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2274"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2020-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25710"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2018-14567",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14567"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2021-36690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2022-27778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27778"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2019-18348",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18348"
},
{
"name": "CVE-2020-15523",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15523"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2020-15778",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15778"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-35260",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35260"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2023-25136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25136"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2018-12886",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12886"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2023-1077",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27779",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2022-30115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2023-31238",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31238"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2023-30901",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30901"
},
{
"name": "CVE-2021-3998",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3998"
},
{
"name": "CVE-2019-20218",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20218"
},
{
"name": "CVE-2020-35527",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35527"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2019-19959",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19959"
},
{
"name": "CVE-2020-35525",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35525"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2021-31239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
},
{
"name": "CVE-2016-3709",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3709"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
},
{
"name": "CVE-2023-35001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
},
{
"name": "CVE-2023-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2023-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
},
{
"name": "CVE-2023-34319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34319"
},
{
"name": "CVE-2023-1206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
},
{
"name": "CVE-2023-40283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
},
{
"name": "CVE-2023-28831",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28831"
},
{
"name": "CVE-2023-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2023-4623",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4623"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-4921",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4921"
},
{
"name": "CVE-2023-39192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39192"
},
{
"name": "CVE-2023-39193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39193"
},
{
"name": "CVE-2023-42754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42754"
},
{
"name": "CVE-2023-39194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39194"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2023-42755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42755"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2023-31085",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31085"
},
{
"name": "CVE-2023-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39189"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-44321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44321"
},
{
"name": "CVE-2023-44374",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44374"
},
{
"name": "CVE-2023-44320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44320"
},
{
"name": "CVE-2023-44319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44319"
},
{
"name": "CVE-2023-44317",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44317"
},
{
"name": "CVE-2023-44318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44318"
},
{
"name": "CVE-2023-44373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44373"
},
{
"name": "CVE-2023-44322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44322"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2023-5717",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5717"
},
{
"name": "CVE-2023-45871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45871"
},
{
"name": "CVE-2020-19186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19186"
},
{
"name": "CVE-2020-19190",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19190"
},
{
"name": "CVE-2020-19185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19185"
},
{
"name": "CVE-2020-19189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19189"
},
{
"name": "CVE-2020-19187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19187"
},
{
"name": "CVE-2020-19188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19188"
},
{
"name": "CVE-2020-19909",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19909"
},
{
"name": "CVE-2019-11360",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11360"
},
{
"name": "CVE-2019-13627",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13627"
},
{
"name": "CVE-2019-7309",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7309"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2019-1010024",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010024"
},
{
"name": "CVE-2022-47375",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47375"
},
{
"name": "CVE-2019-19126",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19126"
},
{
"name": "CVE-2023-46283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46283"
},
{
"name": "CVE-2023-46282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46282"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2014-7209",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7209"
},
{
"name": "CVE-2023-48431",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48431"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2017-17512",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17512"
},
{
"name": "CVE-2020-1712",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1712"
},
{
"name": "CVE-2023-48430",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48430"
},
{
"name": "CVE-2019-6488",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6488"
},
{
"name": "CVE-2023-39128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39128"
},
{
"name": "CVE-2018-20482",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20482"
},
{
"name": "CVE-2021-27212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27212"
},
{
"name": "CVE-2019-5481",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5481"
},
{
"name": "CVE-2021-43396",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43396"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2019-20795",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20795"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2019-9674",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9674"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2020-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21913"
},
{
"name": "CVE-2019-12904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12904"
},
{
"name": "CVE-2021-28041",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28041"
},
{
"name": "CVE-2022-42784",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42784"
},
{
"name": "CVE-2023-48427",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48427"
},
{
"name": "CVE-2020-24659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24659"
},
{
"name": "CVE-2023-48429",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48429"
},
{
"name": "CVE-2020-12062",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12062"
},
{
"name": "CVE-2019-1010023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010023"
},
{
"name": "CVE-2023-49692",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49692"
},
{
"name": "CVE-2016-10739",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10739"
},
{
"name": "CVE-2019-1010180",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010180"
},
{
"name": "CVE-2023-46285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46285"
},
{
"name": "CVE-2023-46156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46156"
},
{
"name": "CVE-2019-5435",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5435"
},
{
"name": "CVE-2019-15847",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15847"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2019-20367",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20367"
},
{
"name": "CVE-2023-46284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46284"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2021-3826",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3826"
},
{
"name": "CVE-2023-26604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
},
{
"name": "CVE-2019-1010022",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010022"
},
{
"name": "CVE-2020-6096",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6096"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-48428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48428"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2019-17498",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17498"
},
{
"name": "CVE-2023-49691",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49691"
},
{
"name": "CVE-2023-25139",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25139"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2020-1751",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1751"
},
{
"name": "CVE-2019-1010025",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010025"
},
{
"name": "CVE-2019-12290",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12290"
},
{
"name": "CVE-2019-18224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18224"
},
{
"name": "CVE-2018-18928",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18928"
},
{
"name": "CVE-2022-27943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27943"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2020-21047",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21047"
},
{
"name": "CVE-2021-46195",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46195"
},
{
"name": "CVE-2023-38380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38380"
},
{
"name": "CVE-2023-28531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28531"
},
{
"name": "CVE-2020-11501",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11501"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2022-47374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47374"
},
{
"name": "CVE-2023-46281",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46281"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2020-15801",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15801"
},
{
"name": "CVE-2022-46141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46141"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2020-13529",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13529"
},
{
"name": "CVE-2023-27371",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27371"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2021-20193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2019-9923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9923"
},
{
"name": "CVE-2020-13777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13777"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2020-14422",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14422"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2021-4209",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4209"
},
{
"name": "CVE-2018-19591",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19591"
},
{
"name": "CVE-2022-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
}
],
"initial_release_date": "2023-12-12T00:00:00",
"last_revision_date": "2023-12-12T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-1015",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-12-12T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Siemens\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-844582 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-180704 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-480095.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-077170 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-480095 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-068047.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-118850 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-118850.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-068047 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-077170.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-892915 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-280603.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-999588 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-280603 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-693975 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-892915.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-887801 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-887801.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-592380 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-844582.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-398330 du 12 d\u00e9cembre 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-592380.html"
}
]
}
CERTFR-2023-AVI-0051
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | NorthStar Controller versions antérieures à 6.2.3 | ||
| Juniper Networks | N/A | Contrail Cloud versions antérieures à 13.7.0 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 19.2R3-EVO, 19.3R3-EVO, 19.4R3-EVO, 20.1R3-EVO, 20.2R2-EVO, 20.3R1-EVO, 20.4R2-EVO, 20.4R3-S3-EVO, 20.4R3-S4-EVO, 21.1R2-EVO, 21.2R1-EVO, 21.2R3-S4-EVO, 21.3R2-EVO, 21.3R3-EVO, 21.3R3-S1-EVO, 21.4R1-EVO, 21.4R2-EVO, 21.4R2-S1-EVO, 21.4R2-S2-EVO, 21.4R3-EVO, 22.1R1-EVO, 22.1R1-S2-EVO, 22.1R2-EVO, 22.1R3-EVO, 22.2R1-EVO, 22.2R1-S1-EVO, 22.2R2-EVO et 22.3R1-EVO | ||
| Juniper Networks | N/A | Juniper Networks Contrail Service Orchestration (CSO) versions antérieures à 6.3.0 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1R7-S12, 18.4R2-S7, 19.1R3-S2, 19.1R3-S9, 19.2R1-S9, 19.2R3, 19.2R3-S5, 19.2R3-S6, 19.3R3, 19.3R3-S6, 19.3R3-S7, 19.4R2-S7, 19.4R2-S8, 19.4R3, 19.4R3-S10, 19.4R3-S8, 19.4R3-S9, 20.1R2, 20.1R3-S4, 20.2R2, 20.2R3-S5, 20.2R3-S6, 20.2R3-S7, 20.3R1, 20.3R3-S4, 20.3R3-S5, 20.3R3-S6, 20.4R1, 20.4R3-S3, 20.4R3-S4, 20.4R3-S5, 21.1R1-S1, 21.1R2, 21.1R3, 21.1R3-S3, 21.1R3-S4, 21.1R3-S5, 21.2R1, 21.2R3, 21.2R3-S1, 21.2R3-S2, 21.2R3-S3, 21.3R2, 21.3R3, 21.3R3-S1, 21.3R3-S2, 21.3R3-S3, 21.4R2, 21.4R2-S1, 21.4R2-S2, 21.4R3, 21.4R3-S1, 21.4R3-S2, 22.1R1, 22.1R1-S2, 22.1R2, 22.1R2-S1, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.2R1, 22.2R1-S1, 22.2R1-S2, 22.2R2, 22.2R3, 22.3R1, 22.3R1-S1, 22.3R2 et 22.4R1 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 22.3R1 | ||
| Juniper Networks | N/A | Cloud Native Contrail Networking versions antérieures à R22.3 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "NorthStar Controller versions ant\u00e9rieures \u00e0 6.2.3",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Contrail Cloud versions ant\u00e9rieures \u00e0 13.7.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 19.2R3-EVO, 19.3R3-EVO, 19.4R3-EVO, 20.1R3-EVO, 20.2R2-EVO, 20.3R1-EVO, 20.4R2-EVO, 20.4R3-S3-EVO, 20.4R3-S4-EVO, 21.1R2-EVO, 21.2R1-EVO, 21.2R3-S4-EVO, 21.3R2-EVO, 21.3R3-EVO, 21.3R3-S1-EVO, 21.4R1-EVO, 21.4R2-EVO, 21.4R2-S1-EVO, 21.4R2-S2-EVO, 21.4R3-EVO, 22.1R1-EVO, 22.1R1-S2-EVO, 22.1R2-EVO, 22.1R3-EVO, 22.2R1-EVO, 22.2R1-S1-EVO, 22.2R2-EVO et 22.3R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Networks Contrail Service Orchestration (CSO) versions ant\u00e9rieures \u00e0 6.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1R7-S12, 18.4R2-S7, 19.1R3-S2, 19.1R3-S9, 19.2R1-S9, 19.2R3, 19.2R3-S5, 19.2R3-S6, 19.3R3, 19.3R3-S6, 19.3R3-S7, 19.4R2-S7, 19.4R2-S8, 19.4R3, 19.4R3-S10, 19.4R3-S8, 19.4R3-S9, 20.1R2, 20.1R3-S4, 20.2R2, 20.2R3-S5, 20.2R3-S6, 20.2R3-S7, 20.3R1, 20.3R3-S4, 20.3R3-S5, 20.3R3-S6, 20.4R1, 20.4R3-S3, 20.4R3-S4, 20.4R3-S5, 21.1R1-S1, 21.1R2, 21.1R3, 21.1R3-S3, 21.1R3-S4, 21.1R3-S5, 21.2R1, 21.2R3, 21.2R3-S1, 21.2R3-S2, 21.2R3-S3, 21.3R2, 21.3R3, 21.3R3-S1, 21.3R3-S2, 21.3R3-S3, 21.4R2, 21.4R2-S1, 21.4R2-S2, 21.4R3, 21.4R3-S1, 21.4R3-S2, 22.1R1, 22.1R1-S2, 22.1R2, 22.1R2-S1, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.2R1, 22.2R1-S1, 22.2R1-S2, 22.2R2, 22.2R3, 22.3R1, 22.3R1-S1, 22.3R2 et 22.4R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 22.3R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Cloud Native Contrail Networking versions ant\u00e9rieures \u00e0 R22.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-40085",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40085"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2023-22403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22403"
},
{
"name": "CVE-2020-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8696"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2023-22393",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22393"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2023-22407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22407"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2023-22394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22394"
},
{
"name": "CVE-2020-8695",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8695"
},
{
"name": "CVE-2021-30465",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30465"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2023-22404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22404"
},
{
"name": "CVE-2020-14562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14562"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2021-33034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
},
{
"name": "CVE-2021-42574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42574"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2023-22405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22405"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2020-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0466"
},
{
"name": "CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"name": "CVE-2021-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27219"
},
{
"name": "CVE-2022-38178",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38178"
},
{
"name": "CVE-2023-22409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22409"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2021-2160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2160"
},
{
"name": "CVE-2023-22416",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22416"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2021-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29154"
},
{
"name": "CVE-2020-15778",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15778"
},
{
"name": "CVE-2007-6755",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-6755"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38177"
},
{
"name": "CVE-2021-2180",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2180"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2021-2385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2385"
},
{
"name": "CVE-2020-26116",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26116"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2021-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2194"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2022-21166",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21166"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2020-36385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36385"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2020-25704",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25704"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2018-8046",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8046"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2021-2202",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2202"
},
{
"name": "CVE-2023-22402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22402"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2021-3450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3450"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2021-2307",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2307"
},
{
"name": "CVE-2023-22400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22400"
},
{
"name": "CVE-2021-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27363"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-0934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0934"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2021-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
},
{
"name": "CVE-2021-27364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27364"
},
{
"name": "CVE-2021-2146",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2146"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2021-2432",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2432"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2021-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2174"
},
{
"name": "CVE-2020-0549",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0549"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-2526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2526"
},
{
"name": "CVE-2020-12364",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12364"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2021-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4083"
},
{
"name": "CVE-2023-22397",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22397"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2022-21125",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21125"
},
{
"name": "CVE-2022-0330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0330"
},
{
"name": "CVE-2019-1543",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1543"
},
{
"name": "CVE-2021-2389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2389"
},
{
"name": "CVE-2020-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8698"
},
{
"name": "CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"name": "CVE-2021-27365",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27365"
},
{
"name": "CVE-2020-8648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8648"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2020-27170",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27170"
},
{
"name": "CVE-2023-22399",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22399"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2021-2390",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2390"
},
{
"name": "CVE-2021-2144",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2144"
},
{
"name": "CVE-2022-32250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32250"
},
{
"name": "CVE-2021-2154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2154"
},
{
"name": "CVE-2023-22398",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22398"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2021-23017",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23017"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2020-12363",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12363"
},
{
"name": "CVE-2021-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2162"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2023-22401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22401"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2023-22396",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22396"
},
{
"name": "CVE-2021-2171",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2171"
},
{
"name": "CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"name": "CVE-2020-24489",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24489"
},
{
"name": "CVE-2023-22417",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22417"
},
{
"name": "CVE-2021-2178",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2178"
},
{
"name": "CVE-2020-14573",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14573"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2020-24513",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24513"
},
{
"name": "CVE-2022-21123",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21123"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-21449",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21449"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2021-22543",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22543"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2020-35498",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35498"
},
{
"name": "CVE-2023-22406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22406"
},
{
"name": "CVE-2021-33909",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33909"
},
{
"name": "CVE-2020-27827",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27827"
},
{
"name": "CVE-2023-22391",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22391"
},
{
"name": "CVE-2019-20934",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20934"
},
{
"name": "CVE-2021-28950",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28950"
},
{
"name": "CVE-2021-29650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29650"
},
{
"name": "CVE-2021-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3715"
},
{
"name": "CVE-2020-36322",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36322"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2023-22412",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22412"
},
{
"name": "CVE-2021-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
},
{
"name": "CVE-2021-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3621"
},
{
"name": "CVE-2021-42739",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42739"
},
{
"name": "CVE-2021-3156",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3156"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2021-3752",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3752"
},
{
"name": "CVE-2023-22415",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22415"
},
{
"name": "CVE-2022-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29154"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2022-0492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0492"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2007-2285",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2285"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2020-12362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12362"
},
{
"name": "CVE-2021-22555",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22555"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2021-3347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3347"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2021-37576",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37576"
},
{
"name": "CVE-2020-26137",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26137"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2021-2226",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2226"
},
{
"name": "CVE-2023-22410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22410"
},
{
"name": "CVE-2021-0920",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0920"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2023-22408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22408"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2021-2342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2342"
},
{
"name": "CVE-2022-22720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22720"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-21549",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21549"
},
{
"name": "CVE-2020-14871",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14871"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2022-1729",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1729"
},
{
"name": "CVE-2021-2179",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2179"
},
{
"name": "CVE-2021-3504",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3504"
},
{
"name": "CVE-2021-2169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2169"
},
{
"name": "CVE-2023-22414",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22414"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2023-22411",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22411"
},
{
"name": "CVE-2020-14145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14145"
},
{
"name": "CVE-2022-21277",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21277"
},
{
"name": "CVE-2021-32399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32399"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"name": "CVE-2020-24512",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24512"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2020-11668",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11668"
},
{
"name": "CVE-2019-11287",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11287"
},
{
"name": "CVE-2021-44790",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44790"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2020-24511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24511"
},
{
"name": "CVE-2021-33033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33033"
},
{
"name": "CVE-2021-4028",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4028"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"name": "CVE-2021-40438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40438"
},
{
"name": "CVE-2020-0543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0543"
},
{
"name": "CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"name": "CVE-2022-24903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24903"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2019-1551",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
},
{
"name": "CVE-2016-8743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8743"
},
{
"name": "CVE-2021-2372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2372"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2020-0548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0548"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2020-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0465"
},
{
"name": "CVE-2016-8625",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8625"
},
{
"name": "CVE-2021-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2166"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2023-22413",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22413"
},
{
"name": "CVE-2023-22395",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22395"
},
{
"name": "CVE-2021-35940",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35940"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
}
],
"initial_release_date": "2023-01-23T00:00:00",
"last_revision_date": "2023-01-23T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0051",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-01-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70195 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-QFX10K-Series-PFE-crash-upon-receipt-of-specific-genuine-packets-when-sFlow-is-enabled-CVE-2023-22399?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70183 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Cloud-Multiple-Vulnerabilities-have-been-resolved-in-Contrail-Cloud-release-13-7-0?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70203 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-RPD-crash-can-happen-due-to-an-MPLS-TE-tunnel-configuration-change-on-a-directly-connected-router-CVE-2023-22407?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70192 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Receipt-of-crafted-TCP-packets-on-Ethernet-console-port-results-in-MBUF-leak-leading-to-Denial-of-Service-DoS-CVE-2023-22396?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70213 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-A-memory-leak-might-be-observed-in-IPsec-VPN-scenario-leading-to-an-FPC-crash-CVE-2023-22417?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70193 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Evolved-PTX10003-An-attacker-sending-specific-genuine-packets-will-cause-a-memory-leak-in-the-PFE-leading-to-a-Denial-of-Service-CVE-2023-22397?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70181 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-might-crash-when-MPLS-ping-is-performed-on-BGP-LSPs-CVE-2023-22398?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70186 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSL?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70179 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Northstar-Controller-Pivotal-RabbitMQ-contains-a-web-management-plugin-that-is-vulnerable-to-a-Denial-of-Service-DoS-attack-CVE-2019-11287?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70208 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-MX-Series-and-SRX-Series-The-flowd-daemon-will-crash-if-the-SIP-ALG-is-enabled-and-specific-SIP-messages-are-processed-CVE-2023-22412?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70201 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-QFX5k-Series-EX46xx-Series-MAC-limiting-feature-stops-working-after-PFE-restart-device-reboot--CVE-2023-22405?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70209 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-MX-Series-FPC-crash-when-an-IPsec6-tunnel-processes-specific-IPv4-packets-CVE-2023-22413?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70187 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-ACX2K-Series-Receipt-of-a-high-rate-of-specific-traffic-will-lead-to-a-Denial-of-Service-DoS-CVE-2023-22391?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70199 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-QFX10k-Series-ICCP-flap-will-be-observed-due-to-excessive-specific-traffic-CVE-2023-22403?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70180 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-OpenSSL-Infinite-loop-in-BN-mod-sqrt-reachable-when-parsing-certificates-CVE-2022-0778?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70198 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Evolved-The-kernel-might-restart-in-a-BGP-scenario-where-bgp-auto-discovery-is-enabled-and-such-a-neighbor-flaps-CVE-2023-22402?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70196 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Evolved-A-specific-SNMP-GET-operation-and-a-specific-CLI-commands-cause-resources-to-leak-and-eventually-the-evo-pfemand-process-will-crash-CVE-2023-22400?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70197 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-PTX10008-PTX10016-When-a-specific-SNMP-MIB-is-queried-the-FPC-will-crash-CVE-2023-22401?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70202 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-memory-leak-which-will-ultimately-lead-to-an-rpd-crash-will-be-observed-when-a-peer-interface-flaps-continuously-in-a-Segment-Routing-scenario-CVE-2023-22406?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70190 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-Memory-leak-due-to-receipt-of-specially-crafted-SIP-calls-CVE-2023-22394?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70191 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-In-an-MPLS-scenario-the-processing-of-specific-packets-to-the-device-causes-a-buffer-leak-and-ultimately-a-loss-of-connectivity-CVE-2023-22395?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69903 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Contrail-Networking-Multiple-Vulnerabilities-have-been-resolved-in-Contrail-Networking-R22-3?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70204 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-5000-Series-Upon-processing-of-a-specific-SIP-packet-an-FPC-can-crash-CVE-2023-22408?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70200 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-with-SPC3-When-IPsec-VPN-is-configured-iked-will-core-when-a-specifically-formatted-payload-is-received-CVE-2023-22404?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70212 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-The-flowd-daemon-will-crash-if-SIP-ALG-is-enabled-and-a-malicious-SIP-packet-is-received-CVE-2023-22416?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70185 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-22-3R1-release?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70211 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-MX-Series-and-SRX-Series-The-flow-processing-daemon-flowd-will-crash-when-a-specific-H-323-packet-is-received-CVE-2023-22415?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70210 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-PTX-Series-and-QFX10000-Series-An-FPC-memory-leak-is-observed-when-specific-multicast-packets-are-processed-CVE-2023-22414?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70206 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-MX-Series-with-MPC10-MPC11-When-Suspicious-Control-Flow-Detection-scfd-is-enabled-and-an-attacker-is-sending-specific-traffic-this-causes-a-memory-leak-CVE-2023-22410?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70205 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-MX-Series-with-SPC3-When-an-inconsistent-NAT-configuration-exists-and-a-specific-CLI-command-is-issued-the-SPC-will-reboot-CVE-2023-22409?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70182 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Service-Orchestration-Multiple-vulnerabilities-resolved-in-CSO-6-3-0?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70189 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-crash-upon-receipt-of-BGP-route-with-invalid-next-hop-CVE-2023-22393?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70207 du 11 janvier 2023",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-SRX-Series-The-flowd-daemon-will-crash-when-Unified-Policies-are-used-with-IPv6-and-certain-dynamic-applications-are-rejected-by-the-device-CVE-2023-22411?language=en_US"
}
]
}
CERTFR-2022-AVI-767
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.3.x antérieures à 7.3.3 Fix Pack 12 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.5.x antérieures à 7.5.0 Update Pack 2 | ||
| IBM | Spectrum | IBM Spectrum Discover versions antérieures à 2.0.4.7 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.4.x antérieures à 7.4.3 Fix Pack 6 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar SIEM versions 7.3.x ant\u00e9rieures \u00e0 7.3.3 Fix Pack 12",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 Update Pack 2",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Discover versions ant\u00e9rieures \u00e0 2.0.4.7",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions 7.4.x ant\u00e9rieures \u00e0 7.4.3 Fix Pack 6",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2021-20180",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20180"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2020-25658",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25658"
},
{
"name": "CVE-2020-15084",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15084"
},
{
"name": "CVE-2021-28169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28169"
},
{
"name": "CVE-2021-3677",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3677"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2022-24773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24773"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2020-7720",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7720"
},
{
"name": "CVE-2022-24302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24302"
},
{
"name": "CVE-2020-14330",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14330"
},
{
"name": "CVE-2021-42581",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42581"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2021-28163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28163"
},
{
"name": "CVE-2021-28165",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28165"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2021-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4083"
},
{
"name": "CVE-2021-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43859"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2021-41496",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41496"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2021-46462",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46462"
},
{
"name": "CVE-2021-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22060"
},
{
"name": "CVE-2021-23386",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23386"
},
{
"name": "CVE-2022-0718",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0718"
},
{
"name": "CVE-2019-18874",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18874"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-1214",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1214"
},
{
"name": "CVE-2022-24772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24772"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-22720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22720"
},
{
"name": "CVE-2021-34429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34429"
},
{
"name": "CVE-2022-0122",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0122"
},
{
"name": "CVE-2021-28164",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28164"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-24771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24771"
},
{
"name": "CVE-2021-44907",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44907"
},
{
"name": "CVE-2017-1000048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000048"
},
{
"name": "CVE-2021-46461",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46461"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2021-34141",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34141"
},
{
"name": "CVE-2020-13757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13757"
},
{
"name": "CVE-2020-7598",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7598"
},
{
"name": "CVE-2021-3533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3533"
},
{
"name": "CVE-2021-46463",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46463"
},
{
"name": "CVE-2017-16137",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16137"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2021-34428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34428"
},
{
"name": "CVE-2020-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28463"
}
],
"initial_release_date": "2022-08-24T00:00:00",
"last_revision_date": "2022-08-24T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-767",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-24T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6614909 du 23 ao\u00fbt 2022",
"url": "https://www.ibm.com/support/pages/node/6614909"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6614725 du 23 ao\u00fbt 2022",
"url": "https://www.ibm.com/support/pages/node/6614725"
}
]
}
CERTFR-2023-AVI-0368
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Tenable Nessus Network Monitor. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Tenable | Nessus Network Monitor | Tenable Nessus Network Monitor versions antérieures à 6.2.1 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tenable Nessus Network Monitor versions ant\u00e9rieures \u00e0 6.2.1",
"product": {
"name": "Nessus Network Monitor",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-25314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
}
],
"initial_release_date": "2023-05-10T00:00:00",
"last_revision_date": "2023-05-10T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0368",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus\nNetwork Monitor. Elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Nessus Network Monitor",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable TNS-2023-19 du 09 mai 2023",
"url": "https://www.tenable.com/security/tns-2023-19"
}
]
}
CERTFR-2022-AVI-547
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SCALANCE XR526-8C, 2x230V (6GK5526-8GS00-4AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SICAM GridEdge Essential with GDS ARM (6MD7881-2AA10) versions antérieures à V2.6.6 | ||
| Siemens | N/A | SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) toutes versions | ||
| Siemens | N/A | SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) toutes versions | ||
| Siemens | N/A | TALON TC Compact (BACnet) versions antérieures à V3.5 | ||
| Siemens | N/A | SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) toutes versions | ||
| Siemens | N/A | SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) toutes versions | ||
| Siemens | N/A | SIMATIC RF650R (6GT2811-6AB20) versions antérieures à V4.0.1 | ||
| Siemens | N/A | SIMATIC RF610R (6GT2811-6BC10) versions antérieures à V4.0.1 | ||
| Siemens | N/A | SCALANCE XR526-8C, 1x230V (L3 int.) (6GK5526-8GR00-3AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | EN100 Ethernet module IEC 104 variant toutes versions | ||
| Siemens | N/A | SICAM GridEdge Essential ARM (6MD7881-2AA30) versions antérieures à V2.6.6 | ||
| Siemens | N/A | SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) toutes versions | ||
| Siemens | N/A | Teamcenter V12.4 versions antérieures à V12.4.0.13 | ||
| Siemens | N/A | SCALANCE XR524-8C, 1x230V (L3 int.) (6GK5524-8GR00-3AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SCALANCE XR524-8C, 2x230V (L3 int.) (6GK5524-8GR00-4AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SCALANCE M804PB (6GK5804-0AP00-2AA2) toutes versions | ||
| Siemens | N/A | APOGEE PXC Modular (BACnet) versions antérieures à V3.5 | ||
| Siemens | N/A | SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) toutes versions | ||
| Siemens | N/A | EN100 Ethernet module IEC 61850 variant versions antérieures à V4.37 | ||
| Siemens | N/A | Xpedition Designer versions antérieures à X.2.11 | ||
| Siemens | N/A | SIMATIC NET PC Software V15 toutes versions | ||
| Siemens | N/A | SIMATIC RF186C (6GT2002-0JE20) versions antérieures à V2.0.1 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) toutes versions | ||
| Siemens | N/A | SIMATIC CP 1543-1 (incl. SIPLUS variants) versions antérieures à V3.0 | ||
| Siemens | N/A | SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) toutes versions | ||
| Siemens | N/A | SCALANCE XR552-12M (2HR2) (6GK5552-0AA00-2HR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) toutes versions | ||
| Siemens | N/A | SIMATIC WinCC (TIA Portal) toutes versions | ||
| Siemens | N/A | EN100 Ethernet module Modbus TCP variant toutes versions | ||
| Siemens | N/A | SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) toutes versions | ||
| Siemens | N/A | SIMATIC RF188C (6GT2002-0JE40) versions antérieures à V2.0.1 | ||
| Siemens | N/A | SINAUT Software ST7sc toutes versions | ||
| Siemens | N/A | SIMATIC STEP 7 V5.X toutes versions | ||
| Siemens | N/A | SIMATIC RF166C (6GT2002-0EE20) versions antérieures à V2.0.1 | ||
| Siemens | N/A | Teamcenter V13.0 versions antérieures à V13.0.0.9 | ||
| Siemens | N/A | SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) toutes versions | ||
| Siemens | N/A | SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) toutes versions | ||
| Siemens | N/A | SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) toutes versions | ||
| Siemens | N/A | SIMATIC CP 343-1 Advanced (6GK7343-1GX31-0XE0) toutes versions | ||
| Siemens | N/A | SIMATIC CP 1626 (6GK1162-6AA01) toutes versions | ||
| Siemens | N/A | TIA Portal V15 toutes versions | ||
| Siemens | N/A | SCALANCE XM408-8C (L3 int.) (6GK5408-8GR00-2AM2) versions antérieures à V6.5 | ||
| Siemens | N/A | SIMATIC Cloud Connect 7 CC716 (6GK1411-5AC00) toutes versions | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) toutes versions | ||
| Siemens | N/A | SIMATIC NET PC Software V14 toutes versions | ||
| Siemens | N/A | APOGEE PXC Compact (P2 Ethernet) toutes versions | ||
| Siemens | N/A | RUGGEDCOM CROSSBOW Station Access Controller toutes versions | ||
| Siemens | N/A | SCALANCE XR528-6M (6GK5528-0AA00-2AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SIMATIC RF188CI (6GT2002-0JE60) versions antérieures à V2.0.1 | ||
| Siemens | N/A | SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) toutes versions | ||
| Siemens | N/A | SICAM GridEdge Essential Intel (6MD7881-2AA40) versions antérieures à V2.6.6 | ||
| Siemens | N/A | TIA Portal V16 toutes versions | ||
| Siemens | N/A | SIMATIC PDM toutes versions | ||
| Siemens | N/A | Spectrum Power 4 toutes versions using Shared HIS | ||
| Siemens | N/A | SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) toutes versions | ||
| Siemens | N/A | SCALANCE XR552-12M (6GK5552-0AA00-2AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SIMATIC NET PC Software V16 toutes versions | ||
| Siemens | N/A | SIMATIC CP 1545-1 (6GK7545-1GX00-0XE0) toutes versions | ||
| Siemens | N/A | SIMATIC MV540 H (6GF3540-0GE10) toutes versions | ||
| Siemens | N/A | SIMATIC RF360R (6GT2801-5BA30) versions antérieures à V2.0.1 | ||
| Siemens | N/A | SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) toutes versions | ||
| Siemens | N/A | SIMATIC STEP 7 (TIA Portal) toutes versions | ||
| Siemens | N/A | SCALANCE XR526-8C, 2x230V (L3 int.) (6GK5526-8GR00-4AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SCALANCE XR526-8C, 1x230V (6GK5526-8GS00-3AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SCALANCE XM408-4C (6GK5408-4GP00-2AM2) versions antérieures à V6.5 | ||
| Siemens | N/A | SCALANCE XM408-4C (L3 int.) (6GK5408-4GQ00-2AM2) versions antérieures à V6.5 | ||
| Siemens | N/A | SINUMERIK Edge versions antérieures à V3.3.0 | ||
| Siemens | N/A | SCALANCE LPE9403 (6GK5998-3GS00-2AC2) versions antérieures à V2.0 | ||
| Siemens | N/A | Spectrum Power MGMS toutes versions using Shared HIS | ||
| Siemens | N/A | SCALANCE XR526-8C, 24V (L3 int.) (6GK5526-8GR00-2AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) toutes versions | ||
| Siemens | N/A | Teamcenter V13.2 toutes versions | ||
| Siemens | N/A | SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) toutes versions | ||
| Siemens | N/A | RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) toutes versions | ||
| Siemens | N/A | SIMATIC CP 1545-1 (6GK7545-1GX00-0XE0) versions antérieures à V1.1 | ||
| Siemens | N/A | SCALANCE S615 (6GK5615-0AA00-2AA2) toutes versions | ||
| Siemens | N/A | SCALANCE M874-3 (6GK5874-3AA00-2AA2) toutes versions | ||
| Siemens | N/A | RUGGEDCOM ROX Series toutes versions | ||
| Siemens | N/A | SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) toutes versions | ||
| Siemens | N/A | SIMATIC RF185C (6GT2002-0JE10) versions antérieures à V2.0.1 | ||
| Siemens | N/A | SCALANCE XR528-6M (2HR2, L3 int.) (6GK5528-0AR00-2HR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SCALANCE MUM853-1 (RoW) (6GK5853-2EA00-2AA1) toutes versions | ||
| Siemens | N/A | EN100 Ethernet module PROFINET IO variant toutes versions | ||
| Siemens | N/A | SCALANCE XR524-8C, 24V (6GK5524-8GS00-2AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | TIA Portal Cloud toutes versions | ||
| Siemens | N/A | SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-PLCSIM Advanced toutes versions | ||
| Siemens | N/A | SINEMA Remote Connect Server versions antérieures à V3.1 | ||
| Siemens | N/A | SIMATIC Logon toutes versions | ||
| Siemens | N/A | SCALANCE M874-2 (6GK5874-2AA00-2AA2) toutes versions | ||
| Siemens | N/A | SIMATIC MV550 S (6GF3550-0CD10) toutes versions | ||
| Siemens | N/A | SIMATIC MV550 H (6GF3550-0GE10) toutes versions | ||
| Siemens | N/A | TIM 1531 IRC (6GK7543-1MX00-0XE0) toutes versions | ||
| Siemens | N/A | SIPLUS NET CP 343-1 Advanced (6AG1343-1GX31-4XE0) toutes versions | ||
| Siemens | N/A | Mendix SAML Module (Mendix 8 compatible) versions antérieures à 2.2.2 | ||
| Siemens | N/A | APOGEE PXC Modular (P2 Ethernet) toutes versions | ||
| Siemens | N/A | Teamcenter V13.3 versions antérieures à V13.3.0.3 | ||
| Siemens | N/A | SCALANCE XR552-12M (2HR2) (6GK5552-0AR00-2HR2) versions antérieures à V6.5 | ||
| Siemens | N/A | Teamcenter Active Workspace V6.0 versions antérieures à V6.0.3 | ||
| Siemens | N/A | SIMATIC S7-1200 CPU family (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) toutes versions | ||
| Siemens | N/A | SCALANCE SC622-2C (6GK5622-2GS00-2AC2) toutes versions versions antérieures à V2.3.1 | ||
| Siemens | N/A | Mendix SAML Module (Mendix 7 compatible) versions antérieures à 1.16.6 | ||
| Siemens | N/A | EN100 Ethernet module DNP3 IP variant toutes versions | ||
| Siemens | N/A | SCALANCE XM416-4C (6GK5416-4GS00-2AM2) versions antérieures à V6.5 | ||
| Siemens | N/A | SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) toutes versions | ||
| Siemens | N/A | Industrial Edge - PROFINET IO Connector toutes versions | ||
| Siemens | N/A | SCALANCE XM416-4C (L3 int.) (6GK5416-4GR00-2AM2) versions antérieures à V6.5 | ||
| Siemens | N/A | SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) toutes versions | ||
| Siemens | N/A | RUGGEDCOM ROS Series toutes versions | ||
| Siemens | N/A | TIA Portal V17 toutes versions | ||
| Siemens | N/A | TALON TC Modular (BACnet) versions antérieures à V3.5 | ||
| Siemens | N/A | SIMATIC PCS 7 TeleControl toutes versions | ||
| Siemens | N/A | APOGEE PXC Compact (BACnet) versions antérieures à V3.5 | ||
| Siemens | N/A | SCALANCE MUM856-1 (NAM) (6GK5856-2EA00-3BA1) toutes versions | ||
| Siemens | N/A | SIMATIC RF685R (6GT2811-6CA10) versions antérieures à V4.0.1 | ||
| Siemens | N/A | SINEMA Server V14 toutes versions | ||
| Siemens | N/A | SCALANCE SC646-2C (6GK5646-2GS00-2AC2) toutes versions versions antérieures à V2.3.1 | ||
| Siemens | N/A | SIMATIC RF680R (6GT2811-6AA10) versions antérieures à V4.0.1 | ||
| Siemens | N/A | SIMATIC MV560 U (6GF3560-0LE10) toutes versions | ||
| Siemens | N/A | Industrial Edge - SIMATIC S7 Connector App versions antérieures à V1.7.0 | ||
| Siemens | N/A | SINEC INS toutes versions | ||
| Siemens | N/A | SCALANCE XR524-8C, 24V (L3 int.) (6GK5524-8GR00-2AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) toutes versions | ||
| Siemens | N/A | SCALANCE XR524-8C, 2x230V (6GK5524-8GS00-4AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SCALANCE SC636-2C (6GK5636-2GS00-2AC2) toutes versions versions antérieures à V2.3.1 | ||
| Siemens | N/A | TIA Administrator toutes versions | ||
| Siemens | N/A | SCALANCE XR526-8C, 24V (6GK5526-8GS00-2AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | TeleControl Server Basic V3 toutes versions | ||
| Siemens | N/A | SINAUT ST7CC toutes versions | ||
| Siemens | N/A | SCALANCE XM408-8C (6GK5408-8GS00-2AM2) versions antérieures à V6.5 | ||
| Siemens | N/A | SCALANCE XR552-12M (2HR2, L3 int.) (6GK5552-0AR00-2AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SCALANCE XR528-6M (2HR2) (6GK5528-0AA00-2HR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SIMATIC NET PC Software V17 toutes versions | ||
| Siemens | N/A | Spectrum Power 7 toutes versions using Shared HIS | ||
| Siemens | N/A | SIMATIC MV560 X (6GF3560-0HE10) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 Software Controller (incl. F) toutes versions | ||
| Siemens | N/A | SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) toutes versions | ||
| Siemens | N/A | SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) toutes versions | ||
| Siemens | N/A | SINEMA Remote Connect Server versions antérieures à 3.0 SP2 | ||
| Siemens | N/A | Industrial Edge - OPC UA Connector toutes versions | ||
| Siemens | N/A | Teamcenter Active Workspace V5.2 versions antérieures à V5.2.9 | ||
| Siemens | N/A | SCALANCE SC642-2C (6GK5642-2GS00-2AC2) toutes versions versions antérieures à V2.3.1 | ||
| Siemens | N/A | SINEC NMS toutes versions | ||
| Siemens | N/A | Mendix SAML Module (Mendix 9 compatible) versions antérieures à 3.2.3 | ||
| Siemens | N/A | Teamcenter V14.0 toutes versions | ||
| Siemens | N/A | SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) toutes versions | ||
| Siemens | N/A | SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) toutes versions | ||
| Siemens | N/A | SIMATIC RF615R (6GT2811-6CC10) versions antérieures à V4.0.1 | ||
| Siemens | N/A | SIMATIC Cloud Connect 7 CC712 (6GK1411-1AC00) toutes versions | ||
| Siemens | N/A | SIMATIC RF186CI (6GT2002-0JE50) versions antérieures à V2.0.1 | ||
| Siemens | N/A | SCALANCE XR528-6M (L3 int.) (6GK5528-0AR00-2AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SCALANCE XR524-8C, 1x230V (6GK5524-8GS00-3AR2) versions antérieures à V6.5 | ||
| Siemens | N/A | SIMATIC CP 1628 (6GK1162-8AA00) toutes versions | ||
| Siemens | N/A | SICAM GridEdge Essential with GDS Intel (6MD7881-2AA20) versions antérieures à V2.6.6 | ||
| Siemens | N/A | Teamcenter V13.1 versions antérieures à V13.1.0.9 | ||
| Siemens | N/A | SCALANCE SC632-2C (6GK5632-2GS00-2AC2) toutes versions versions antérieures à V2.3.1 | ||
| Siemens | N/A | SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) toutes versions | ||
| Siemens | N/A | SIMATIC MV540 S (6GF3540-0CD10) toutes versions | ||
| Siemens | N/A | SIMATIC CP 443-1 OPC UA (6GK7443-1UX00-0XE0) toutes versions | ||
| Siemens | N/A | SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) toutes versions | ||
| Siemens | N/A | SIMATIC PCS neo toutes versions | ||
| Siemens | N/A | RUGGEDCOM NMS toutes versions |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SCALANCE XR526-8C, 2x230V (6GK5526-8GS00-4AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SICAM GridEdge Essential with GDS ARM (6MD7881-2AA10) versions ant\u00e9rieures \u00e0 V2.6.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TALON TC Compact (BACnet) versions ant\u00e9rieures \u00e0 V3.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF650R (6GT2811-6AB20) versions ant\u00e9rieures \u00e0 V4.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF610R (6GT2811-6BC10) versions ant\u00e9rieures \u00e0 V4.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8C, 1x230V (L3 int.) (6GK5526-8GR00-3AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "EN100 Ethernet module IEC 104 variant toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SICAM GridEdge Essential ARM (6MD7881-2AA30) versions ant\u00e9rieures \u00e0 V2.6.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter V12.4 versions ant\u00e9rieures \u00e0 V12.4.0.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR524-8C, 1x230V (L3 int.) (6GK5524-8GR00-3AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR524-8C, 2x230V (L3 int.) (6GK5524-8GR00-4AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "APOGEE PXC Modular (BACnet) versions ant\u00e9rieures \u00e0 V3.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "EN100 Ethernet module IEC 61850 variant versions ant\u00e9rieures \u00e0 V4.37",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Xpedition Designer versions ant\u00e9rieures \u00e0 X.2.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET PC Software V15 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF186C (6GT2002-0JE20) versions ant\u00e9rieures \u00e0 V2.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1543-1 (incl. SIPLUS variants) versions ant\u00e9rieures \u00e0 V3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR552-12M (2HR2) (6GK5552-0AA00-2HR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC (TIA Portal) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "EN100 Ethernet module Modbus TCP variant toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF188C (6GT2002-0JE40) versions ant\u00e9rieures \u00e0 V2.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAUT Software ST7sc toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC STEP 7 V5.X toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF166C (6GT2002-0EE20) versions ant\u00e9rieures \u00e0 V2.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter V13.0 versions ant\u00e9rieures \u00e0 V13.0.0.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 343-1 Advanced (6GK7343-1GX31-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1626 (6GK1162-6AA01) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIA Portal V15 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM408-8C (L3 int.) (6GK5408-8GR00-2AM2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Cloud Connect 7 CC716 (6GK1411-5AC00) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET PC Software V14 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "APOGEE PXC Compact (P2 Ethernet) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM CROSSBOW Station Access Controller toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR528-6M (6GK5528-0AA00-2AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF188CI (6GT2002-0JE60) versions ant\u00e9rieures \u00e0 V2.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SICAM GridEdge Essential Intel (6MD7881-2AA40) versions ant\u00e9rieures \u00e0 V2.6.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIA Portal V16 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PDM toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Spectrum Power 4 toutes versions using Shared HIS",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR552-12M (6GK5552-0AA00-2AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET PC Software V16 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1545-1 (6GK7545-1GX00-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC MV540 H (6GF3540-0GE10) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF360R (6GT2801-5BA30) versions ant\u00e9rieures \u00e0 V2.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC STEP 7 (TIA Portal) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8C, 2x230V (L3 int.) (6GK5526-8GR00-4AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8C, 1x230V (6GK5526-8GS00-3AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM408-4C (6GK5408-4GP00-2AM2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM408-4C (L3 int.) (6GK5408-4GQ00-2AM2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK Edge versions ant\u00e9rieures \u00e0 V3.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE LPE9403 (6GK5998-3GS00-2AC2) versions ant\u00e9rieures \u00e0 V2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Spectrum Power MGMS toutes versions using Shared HIS",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8C, 24V (L3 int.) (6GK5526-8GR00-2AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter V13.2 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1545-1 (6GK7545-1GX00-0XE0) versions ant\u00e9rieures \u00e0 V1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE S615 (6GK5615-0AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM ROX Series toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF185C (6GT2002-0JE10) versions ant\u00e9rieures \u00e0 V2.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR528-6M (2HR2, L3 int.) (6GK5528-0AR00-2HR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM853-1 (RoW) (6GK5853-2EA00-2AA1) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "EN100 Ethernet module PROFINET IO variant toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR524-8C, 24V (6GK5524-8GS00-2AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIA Portal Cloud toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-PLCSIM Advanced toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA Remote Connect Server versions ant\u00e9rieures \u00e0 V3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Logon toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC MV550 S (6GF3550-0CD10) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC MV550 H (6GF3550-0GE10) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIM 1531 IRC (6GK7543-1MX00-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS NET CP 343-1 Advanced (6AG1343-1GX31-4XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix SAML Module (Mendix 8 compatible) versions ant\u00e9rieures \u00e0 2.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "APOGEE PXC Modular (P2 Ethernet) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter V13.3 versions ant\u00e9rieures \u00e0 V13.3.0.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR552-12M (2HR2) (6GK5552-0AR00-2HR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Active Workspace V6.0 versions ant\u00e9rieures \u00e0 V6.0.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC622-2C (6GK5622-2GS00-2AC2) toutes versions versions ant\u00e9rieures \u00e0 V2.3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix SAML Module (Mendix 7 compatible) versions ant\u00e9rieures \u00e0 1.16.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "EN100 Ethernet module DNP3 IP variant toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM416-4C (6GK5416-4GS00-2AM2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Industrial Edge - PROFINET IO Connector toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM416-4C (L3 int.) (6GK5416-4GR00-2AM2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM ROS Series toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIA Portal V17 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TALON TC Modular (BACnet) versions ant\u00e9rieures \u00e0 V3.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PCS 7 TeleControl toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "APOGEE PXC Compact (BACnet) versions ant\u00e9rieures \u00e0 V3.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM856-1 (NAM) (6GK5856-2EA00-3BA1) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF685R (6GT2811-6CA10) versions ant\u00e9rieures \u00e0 V4.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA Server V14 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC646-2C (6GK5646-2GS00-2AC2) toutes versions versions ant\u00e9rieures \u00e0 V2.3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF680R (6GT2811-6AA10) versions ant\u00e9rieures \u00e0 V4.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC MV560 U (6GF3560-0LE10) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Industrial Edge - SIMATIC S7 Connector App versions ant\u00e9rieures \u00e0 V1.7.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEC INS toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR524-8C, 24V (L3 int.) (6GK5524-8GR00-2AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR524-8C, 2x230V (6GK5524-8GS00-4AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC636-2C (6GK5636-2GS00-2AC2) toutes versions versions ant\u00e9rieures \u00e0 V2.3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIA Administrator toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR526-8C, 24V (6GK5526-8GS00-2AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TeleControl Server Basic V3 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAUT ST7CC toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM408-8C (6GK5408-8GS00-2AM2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR552-12M (2HR2, L3 int.) (6GK5552-0AR00-2AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR528-6M (2HR2) (6GK5528-0AA00-2HR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET PC Software V17 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Spectrum Power 7 toutes versions using Shared HIS",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC MV560 X (6GF3560-0HE10) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 Software Controller (incl. F) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA Remote Connect Server versions ant\u00e9rieures \u00e0 3.0 SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Industrial Edge - OPC UA Connector toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Active Workspace V5.2 versions ant\u00e9rieures \u00e0 V5.2.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC642-2C (6GK5642-2GS00-2AC2) toutes versions versions ant\u00e9rieures \u00e0 V2.3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEC NMS toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix SAML Module (Mendix 9 compatible) versions ant\u00e9rieures \u00e0 3.2.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter V14.0 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF615R (6GT2811-6CC10) versions ant\u00e9rieures \u00e0 V4.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Cloud Connect 7 CC712 (6GK1411-1AC00) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF186CI (6GT2002-0JE50) versions ant\u00e9rieures \u00e0 V2.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR528-6M (L3 int.) (6GK5528-0AR00-2AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XR524-8C, 1x230V (6GK5524-8GS00-3AR2) versions ant\u00e9rieures \u00e0 V6.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1628 (6GK1162-8AA00) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SICAM GridEdge Essential with GDS Intel (6MD7881-2AA20) versions ant\u00e9rieures \u00e0 V2.6.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter V13.1 versions ant\u00e9rieures \u00e0 V13.1.0.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC632-2C (6GK5632-2GS00-2AC2) toutes versions versions ant\u00e9rieures \u00e0 V2.3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC MV540 S (6GF3540-0CD10) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 443-1 OPC UA (6GK7443-1UX00-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PCS neo toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM NMS toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-32285",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32285"
},
{
"name": "CVE-2022-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32286"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2021-20317",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20317"
},
{
"name": "CVE-2022-32258",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32258"
},
{
"name": "CVE-2021-41091",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41091"
},
{
"name": "CVE-2021-22925",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
},
{
"name": "CVE-2022-30231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30231"
},
{
"name": "CVE-2021-33196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33196"
},
{
"name": "CVE-2022-32254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32254"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2022-32145",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32145"
},
{
"name": "CVE-2022-32259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32259"
},
{
"name": "CVE-2022-32262",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32262"
},
{
"name": "CVE-2017-9947",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9947"
},
{
"name": "CVE-2022-32255",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32255"
},
{
"name": "CVE-2020-27304",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27304"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-32252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32252"
},
{
"name": "CVE-2021-22924",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
},
{
"name": "CVE-2022-25313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25313"
},
{
"name": "CVE-2021-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
},
{
"name": "CVE-2021-37182",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37182"
},
{
"name": "CVE-2020-9272",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9272"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2021-33910",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33910"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-25314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2022-26476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26476"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2022-0847",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0847"
},
{
"name": "CVE-2022-30228",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30228"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2021-41092",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41092"
},
{
"name": "CVE-2022-32251",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32251"
},
{
"name": "CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2021-41089",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41089"
},
{
"name": "CVE-2022-30230",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30230"
},
{
"name": "CVE-2020-9273",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9273"
},
{
"name": "CVE-2022-30229",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30229"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-29034",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29034"
},
{
"name": "CVE-2022-30937",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30937"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2022-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27219"
},
{
"name": "CVE-2022-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27221"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-31619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31619"
},
{
"name": "CVE-2022-32261",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32261"
},
{
"name": "CVE-2022-32260",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32260"
},
{
"name": "CVE-2021-40438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40438"
},
{
"name": "CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2022-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27220"
},
{
"name": "CVE-2022-31465",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31465"
},
{
"name": "CVE-2017-9946",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9946"
},
{
"name": "CVE-2021-41103",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41103"
},
{
"name": "CVE-2022-32253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32253"
},
{
"name": "CVE-2022-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32256"
},
{
"name": "CVE-2021-37209",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37209"
}
],
"initial_release_date": "2022-06-15T00:00:00",
"last_revision_date": "2022-06-15T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-547",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-06-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-148078 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-148078.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-220589 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-220589.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-988345 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-988345.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-484086 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-484086.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-330556 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-330556.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-145224 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-145224.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-685781 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-685781.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-693555 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-693555.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-911567 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-911567.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-401167 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-401167.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-764417 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-764417.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-712929 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-712929.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-679335 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-679335.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-388239 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-388239.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-631336 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-631336.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-740594 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-740594.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-222547 du 14 juin 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-222547.html"
}
]
}
CERTFR-2023-AVI-0310
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | Juniper Secure Analytics (JSA) avec Networks Security Threat Response Manager (STRM) versions antérieures à 7.5.0UP4 | ||
| N/A | N/A | JunosOS versions antérieures à 18.1R3-S11, 18.2R3-S6, 18.3R3-S4, 18.4R3-S6, 19.1R3-S4, 19.2R3-S1, 19.2R3-S7, 19.3R3-S1, 19.3R3-S7, 19.3R3-S8, 19.4R3, 19.4R3-S10, 19.4R3-S11, 19.4R3-S12, 19.4R3-S9, 20.1R2, 20.2R2, 20.2R3-S5, 20.2R3-S6, 20.2R3-S7, 20.3R1-S1, 20.3R2, 20.3R3-S2, 20.3R3-S5, 20.3R3-S6, 20.4R1, 20.4R3-S3, 20.4R3-S4, 20.4R3-S5, 20.4R3-S6, 20.4R3-S7, 21.1R3, 21.1R3-S3, 21.1R3-S4, 21.1R3-S5, 21.2R3, 21.2R3-S2, 21.2R3-S3, 21.2R3-S4, 21.3R2, 21.3R3, 21.3R3-S1, 21.3R3-S2, 21.3R3-S3, 21.4R1, 21.4R2, 21.4R2-S1, 21.4R3, 21.4R3-S1, 21.4R3-S2, 21.4R3-S3, 22.1R1, 22.1R2, 22.1R2-S1, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.2R1, 22.2R1-S2, 22.2R2, 22.2R2-S1, 22.2R2-S2, 22.2R3, 22.3R1, 22.3R1-S1, 22.3R1-S2, 22.3R2, 22.4R1, 22.4R1-S1, 22.4R2 et 23.1R1 | ||
| N/A | N/A | JunosOS Evolved versions antérieures à 20.1R3-EVO, 20.2R2-EVO, 20.3R2-EVO, 20.4R1-EVO, 20.4R3-S5-EVO, 20.4R3-S6-EVO, 20.4R3-S7-EVO, 21.1R3-S4-EVO, 21.2R3-EVO, 21.2R3-S4-EVO, 21.2R3-S5-EVO, 21.3R2-EVO, 21.3R3-EVO, 21.3R3-S1-EVO, 21.4R1-EVO, 21.4R1-S2-EVO, 21.4R2-EVO, 21.4R2-S1-EVO, 21.4R3-EVO, 21.4R3-S1-EVO, 22.1R1-EVO, 22.1R2-EVO, 22.1R3-EVO, 22.2R1-EVO, 22.2R2-EVO et 22.3R1-EVO | ||
| N/A | N/A | Paragon Active Assurance versions antérieures à 4.1.2 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Juniper Secure Analytics (JSA) avec Networks Security Threat Response Manager (STRM) versions ant\u00e9rieures \u00e0 7.5.0UP4",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "JunosOS versions ant\u00e9rieures \u00e0 18.1R3-S11, 18.2R3-S6, 18.3R3-S4, 18.4R3-S6, 19.1R3-S4, 19.2R3-S1, 19.2R3-S7, 19.3R3-S1, 19.3R3-S7, 19.3R3-S8, 19.4R3, 19.4R3-S10, 19.4R3-S11, 19.4R3-S12, 19.4R3-S9, 20.1R2, 20.2R2, 20.2R3-S5, 20.2R3-S6, 20.2R3-S7, 20.3R1-S1, 20.3R2, 20.3R3-S2, 20.3R3-S5, 20.3R3-S6, 20.4R1, 20.4R3-S3, 20.4R3-S4, 20.4R3-S5, 20.4R3-S6, 20.4R3-S7, 21.1R3, 21.1R3-S3, 21.1R3-S4, 21.1R3-S5, 21.2R3, 21.2R3-S2, 21.2R3-S3, 21.2R3-S4, 21.3R2, 21.3R3, 21.3R3-S1, 21.3R3-S2, 21.3R3-S3, 21.4R1, 21.4R2, 21.4R2-S1, 21.4R3, 21.4R3-S1, 21.4R3-S2, 21.4R3-S3, 22.1R1, 22.1R2, 22.1R2-S1, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.2R1, 22.2R1-S2, 22.2R2, 22.2R2-S1, 22.2R2-S2, 22.2R3, 22.3R1, 22.3R1-S1, 22.3R1-S2, 22.3R2, 22.4R1, 22.4R1-S1, 22.4R2 et 23.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "JunosOS Evolved versions ant\u00e9rieures \u00e0 20.1R3-EVO, 20.2R2-EVO, 20.3R2-EVO, 20.4R1-EVO, 20.4R3-S5-EVO, 20.4R3-S6-EVO, 20.4R3-S7-EVO, 21.1R3-S4-EVO, 21.2R3-EVO, 21.2R3-S4-EVO, 21.2R3-S5-EVO, 21.3R2-EVO, 21.3R3-EVO, 21.3R3-S1-EVO, 21.4R1-EVO, 21.4R1-S2-EVO, 21.4R2-EVO, 21.4R2-S1-EVO, 21.4R3-EVO, 21.4R3-S1-EVO, 22.1R1-EVO, 22.1R2-EVO, 22.1R3-EVO, 22.2R1-EVO, 22.2R2-EVO et 22.3R1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Paragon Active Assurance versions ant\u00e9rieures \u00e0 4.1.2",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-28973",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28973"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2023-28970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28970"
},
{
"name": "CVE-2023-28967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28967"
},
{
"name": "CVE-2023-28983",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28983"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2023-28979",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28979"
},
{
"name": "CVE-2023-28974",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28974"
},
{
"name": "CVE-2023-28959",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28959"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2023-28962",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28962"
},
{
"name": "CVE-2022-25313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25313"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-25314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2023-28975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28975"
},
{
"name": "CVE-2023-28971",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28971"
},
{
"name": "CVE-2023-28968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28968"
},
{
"name": "CVE-2023-28961",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28961"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2023-28981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28981"
},
{
"name": "CVE-2023-28982",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28982"
},
{
"name": "CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"name": "CVE-2023-1697",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1697"
},
{
"name": "CVE-2023-28980",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28980"
},
{
"name": "CVE-2023-28966",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28966"
},
{
"name": "CVE-2023-28976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28976"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2023-28963",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28963"
},
{
"name": "CVE-2023-28978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28978"
},
{
"name": "CVE-2023-28964",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28964"
},
{
"name": "CVE-2023-28960",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28960"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2023-28984",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28984"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2023-28972",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28972"
},
{
"name": "CVE-2023-28965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28965"
}
],
"initial_release_date": "2023-04-13T00:00:00",
"last_revision_date": "2023-04-13T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0310",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-04-13T00:00:00.000000"
},
{
"description": "Retrait d\u0027identifiants CVE en double.",
"revision_date": "2023-04-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70591 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-attacker-sending-genuine-BGP-packets-causes-an-RPD-crash-CVE-2023-28967"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70601 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-MX-Series-If-a-specific-traffic-rate-goes-above-the-DDoS-threshold-it-will-lead-to-an-FPC-crash-CVE-2023-28976"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70587 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-J-Web"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70594 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-JRR200-Kernel-crash-upon-receipt-of-a-specific-packet-CVE-2023-28970"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70607 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-If-malformed-IPv6-router-advertisements-are-received-memory-corruption-will-occur-which-causes-an-rpd-crash-CVE-2023-28981"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70586 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-ACX-Series-IPv6-firewall-filter-is-not-installed-in-PFE-when-from-next-header-ah-is-used-CVE-2023-28961"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70609 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Evolved-Shell-Injection-vulnerability-in-the-gNOI-server-CVE-2023-28983"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70599 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-MX-Series-In-a-BBE-scenario-upon-receipt-of-specific-malformed-packets-from-subscribers-the-process-bbe-smgd-will-crash-CVE-2023-28974"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70596 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-NFX-Series-set-system-ports-console-insecure-allows-root-password-recovery-CVE-2023-28972"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70585 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Evolved-Docker-repository-is-world-writeable-allowing-low-privileged-local-user-to-inject-files-into-Docker-containers-CVE-2023-28960"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70592 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-SRX-Series-Policies-that-rely-on-JDPI-Decoder-actions-may-fail-open-CVE-2023-28968"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70600 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-The-kernel-will-crash-when-certain-USB-devices-are-inserted-CVE-2023-28975"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70604 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-In-a-6PE-scenario-upon-receipt-of-a-specific-IPv6-packet-an-integrity-check-fails-CVE-2023-28979"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70603 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Evolved-Read-access-to-some-confidential-user-information-is-possible-CVE-2023-28978"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70610 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-QFX-Series-The-PFE-may-crash-when-a-lot-of-MAC-addresses-are-being-learned-and-aged-CVE-2023-28984"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70606 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BGP-rib-sharding-scenario-an-rpd-crash-will-happen-shortly-after-a-specific-CLI-command-is-issued-CVE-2023-28980"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70589 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-QFX10002-Failure-of-storm-control-feature-may-lead-to-Denial-of-Service-CVE-2023-28965"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70584 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-QFX10002-PFE-wedges-and-restarts-upon-receipt-of-specific-malformed-packets-CVE-2023-28959"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70605 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-expat-resolved"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70608 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BGP-rib-sharding-scenario-when-a-route-is-frequently-updated-an-rpd-memory-leak-will-occur-CVE-2023-28982"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70595 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Paragon-Active-Assurance-Enabling-the-timescaledb-enables-IP-forwarding-CVE-2023-28971"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70613 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-JSA-Series-Apache-Commons-Text-prior-to-1-10-0-allows-RCE-when-applied-to-untrusted-input-due-to-insecure-interpolation-defaults-CVE-2022-42889"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70590 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Evolved-Local-low-privileged-user-with-shell-access-can-execute-CLI-commands-as-root-CVE-2023-28966"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70612 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-QFX10000-Series-PTX1000-Series-The-dcpfe-process-will-crash-when-a-malformed-ethernet-frame-is-received-CVE-2023-1697"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70597 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Evolved-The-sysmanctl-shell-command-allows-a-local-user-to-gain-access-to-some-administrative-actions-CVE-2023-28973"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA70588 du 12 avril 2023",
"url": "https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Malformed-BGP-flowspec-update-causes-RPD-crash-CVE-2023-28964"
}
]
}
CERTFR-2022-AVI-663
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar versions 5.4.0.x versions ant\u00e9rieures \u00e0 5.4.0.16",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar versions 5.5.0.x versions ant\u00e9rieures \u00e0 5.5.0.11",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-11782",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11782"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2019-5094",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5094"
},
{
"name": "CVE-2017-12652",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12652"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2019-19956",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
},
{
"name": "CVE-2019-11068",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11068"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2019-20388",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20388"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2020-7595",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2019-18197",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18197"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2019-5188",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5188"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
}
],
"initial_release_date": "2022-07-20T00:00:00",
"last_revision_date": "2022-07-20T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-663",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-07-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar. Elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire,\nun d\u00e9ni de service et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6605299 du 19 juillet 2022",
"url": "https://www.ibm.com/support/pages/node/6605299"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6441625 du 19 juillet 2022",
"url": "https://www.ibm.com/support/pages/node/6441625"
}
]
}
CERTFR-2024-AVI-1103
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics versions 12.0.x antérieures à 12.0.4 | ||
| IBM | Sterling | Sterling External Authentication Server versions 6.1.0.x antérieures à 6.1.0.2 ifix 01 | ||
| IBM | QRadar SIEM | Security QRadar Log Management AQL Plugin versions antérieures à 1.1.0 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.0.x antérieures à 6.0.3.1 (fixpack) GA | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.4 FP5 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.1.x antérieures à 6.1.0.1 (fixpack) GA | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.2.x antérieures à 6.2.0.0 ifix 01 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.11_ifix001 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.4",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling External Authentication Server versions 6.1.0.x ant\u00e9rieures \u00e0 6.1.0.2 ifix 01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": " Security QRadar Log Management AQL Plugin versions ant\u00e9rieures \u00e0 1.1.0",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.0.x ant\u00e9rieures \u00e0 6.0.3.1 (fixpack) GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 FP5",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.1 (fixpack) GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.0 ifix 01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.11_ifix001",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2023-52356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
},
{
"name": "CVE-2023-41334",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41334"
},
{
"name": "CVE-2023-37536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37536"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2024-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22871"
},
{
"name": "CVE-2024-7006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7006"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2024-36138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36138"
},
{
"name": "CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"name": "CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2024-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22020"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2023-38264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
},
{
"name": "CVE-2024-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
},
{
"name": "CVE-2020-12401",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12401"
},
{
"name": "CVE-2018-15209",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15209"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2018-17100",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17100"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2022-34266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34266"
},
{
"name": "CVE-2020-35521",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35521"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2023-50386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50386"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2024-39008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39008"
},
{
"name": "CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2019-11727",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11727"
},
{
"name": "CVE-2024-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25638"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2019-6128",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6128"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2024-45082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45082"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2023-4759",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4759"
},
{
"name": "CVE-2017-11613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11613"
},
{
"name": "CVE-2017-12652",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12652"
},
{
"name": "CVE-2024-41752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41752"
},
{
"name": "CVE-2023-50447",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50447"
},
{
"name": "CVE-2018-18508",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18508"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-33883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33883"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2014-1544",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1544"
},
{
"name": "CVE-2023-4421",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4421"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2023-50298",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50298"
},
{
"name": "CVE-2024-25629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25629"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2023-50292",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50292"
},
{
"name": "CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2020-25648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25648"
},
{
"name": "CVE-2019-17023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17023"
},
{
"name": "CVE-2022-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21699"
},
{
"name": "CVE-2024-28176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28176"
},
{
"name": "CVE-2019-7317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2019-17007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17007"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2023-38289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38289"
},
{
"name": "CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"name": "CVE-2010-1205",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
},
{
"name": "CVE-2020-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-23064"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2015-7182",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7182"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2018-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16335"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-29131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2020-19144",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19144"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2017-12627",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12627"
},
{
"name": "CVE-2018-17101",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17101"
},
{
"name": "CVE-2023-50291",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50291"
},
{
"name": "CVE-2014-1568",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1568"
},
{
"name": "CVE-2020-26261",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26261"
},
{
"name": "CVE-2023-24816",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24816"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2019-17546",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17546"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2022-3479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3479"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2020-15110",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15110"
},
{
"name": "CVE-2023-25435",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25435"
},
{
"name": "CVE-2024-37372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37372"
},
{
"name": "CVE-2021-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38153"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-29133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
},
{
"name": "CVE-2017-18869",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18869"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2023-38325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
},
{
"name": "CVE-2019-11719",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11719"
},
{
"name": "CVE-2022-0891",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0891"
},
{
"name": "CVE-2018-7456",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7456"
},
{
"name": "CVE-2023-38288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38288"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2019-17006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17006"
},
{
"name": "CVE-2020-12403",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12403"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2017-18013",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18013"
},
{
"name": "CVE-2023-25194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25194"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2016-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1938"
},
{
"name": "CVE-2017-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11698"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2024-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38337"
},
{
"name": "CVE-2018-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12384"
},
{
"name": "CVE-2018-12404",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12404"
},
{
"name": "CVE-2019-14973",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14973"
},
{
"name": "CVE-2020-36191",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36191"
},
{
"name": "CVE-2024-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22018"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-30775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30775"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2020-19131",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19131"
},
{
"name": "CVE-2015-7575",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7575"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2018-5784",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5784"
},
{
"name": "CVE-2018-17000",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17000"
},
{
"name": "CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2020-35523",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35523"
},
{
"name": "CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2022-34749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34749"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2020-19189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19189"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2024-36114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
},
{
"name": "CVE-2019-11745",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11745"
},
{
"name": "CVE-2019-11729",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11729"
},
{
"name": "CVE-2024-34102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34102"
},
{
"name": "CVE-2019-11756",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11756"
},
{
"name": "CVE-2021-32862",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32862"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2024-4367",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4367"
},
{
"name": "CVE-2024-25016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25016"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2023-25434",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25434"
},
{
"name": "CVE-2024-29896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29896"
},
{
"name": "CVE-2015-7181",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7181"
},
{
"name": "CVE-2020-18768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18768"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2017-5461",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5461"
},
{
"name": "CVE-2014-1569",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1569"
},
{
"name": "CVE-2020-12400",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12400"
},
{
"name": "CVE-2023-31130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2017-11695",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11695"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2020-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6829"
},
{
"name": "CVE-2017-11697",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11697"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2024-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27980"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-51504",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51504"
},
{
"name": "CVE-2018-19210",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19210"
},
{
"name": "CVE-2013-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2099"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2019-10255",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10255"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2020-35524",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35524"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"name": "CVE-2024-36137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36137"
},
{
"name": "CVE-2020-35522",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35522"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2017-11696",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11696"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
}
],
"initial_release_date": "2024-12-20T00:00:00",
"last_revision_date": "2024-12-20T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-1103",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-12-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177142",
"url": "https://www.ibm.com/support/pages/node/7177142"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177223",
"url": "https://www.ibm.com/support/pages/node/7177223"
},
{
"published_at": "2024-12-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179044",
"url": "https://www.ibm.com/support/pages/node/7179044"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179156",
"url": "https://www.ibm.com/support/pages/node/7179156"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179166",
"url": "https://www.ibm.com/support/pages/node/7179166"
},
{
"published_at": "2024-12-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7178835",
"url": "https://www.ibm.com/support/pages/node/7178835"
}
]
}
CERTFR-2022-AVI-187
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans le serveur HTTP d'IBM WebSphere. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | WebSphere | IBM HTTP Server versions 9.0.0.0 à 9.0.5.10 sans le correctif de sécurité temporaire PH43122, la version 9.0.5.11 devrait être disponible au premier trimestre 2022 | ||
| IBM | WebSphere | IBM HTTP Server versions 8.5.0.0 à 8.5.5.21 sans le correctif de sécurité temporaire PH43122, la version 8.5.5.22 devrait être disponible au troisième trimestre 2022 | ||
| IBM | WebSphere | IBM HTTP Server versions 8.0.0.0 à 8.0.0.15 sans le correctif de sécurité temporaire PH43122 | ||
| IBM | WebSphere | IBM HTTP Server versions 7.0.0.0 à 7.0.0.45 sans le correctif de sécurité temporaire PH43122 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM HTTP Server versions 9.0.0.0 \u00e0 9.0.5.10 sans le correctif de s\u00e9curit\u00e9 temporaire PH43122, la version 9.0.5.11 devrait \u00eatre disponible au premier trimestre 2022",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM HTTP Server versions 8.5.0.0 \u00e0 8.5.5.21 sans le correctif de s\u00e9curit\u00e9 temporaire PH43122, la version 8.5.5.22 devrait \u00eatre disponible au troisi\u00e8me trimestre 2022",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM HTTP Server versions 8.0.0.0 \u00e0 8.0.0.15 sans le correctif de s\u00e9curit\u00e9 temporaire PH43122",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM HTTP Server versions 7.0.0.0 \u00e0 7.0.0.45 sans le correctif de s\u00e9curit\u00e9 temporaire PH43122",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
}
],
"initial_release_date": "2022-02-25T00:00:00",
"last_revision_date": "2022-02-25T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-187",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-02-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans\u00a0le serveur HTTP\nd\u0027IBM WebSphere. Elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le serveur HTTP d\u0027IBM WebSphere",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6559296 du 24 f\u00e9vrier 2022",
"url": "https://www.ibm.com/support/pages/node/6559296"
}
]
}
CERTFR-2022-AVI-611
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar | IBM QRadar Network Packet Capture versions 7.4.x antérieures à 7.4.3 Patch 5 | ||
| IBM | QRadar | IBM QRadar Network Packet Capture versions 7.5.x antérieures à 7.5.0 Update Package 2 | ||
| IBM | QRadar | IBM QRadar Network Packet Capture versions 7.3.x antérieures à 7.3.3 Patch 11 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar Network Packet Capture versions 7.4.x ant\u00e9rieures \u00e0 7.4.3 Patch 5",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Network Packet Capture versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 Update Package 2",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Network Packet Capture versions 7.3.x ant\u00e9rieures \u00e0 7.3.3 Patch 11",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2021-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4083"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
}
],
"initial_release_date": "2022-07-06T00:00:00",
"last_revision_date": "2022-07-06T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-611",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-07-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar. Elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6601293 du 05 juillet 2022",
"url": "https://www.ibm.com/support/pages/node/6601293"
}
]
}
CERTFR-2022-AVI-683
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans IBM QRadar SIEM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.3.x antérieures à 7.3.3 Fix Pack 12 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.5.x antérieures à 7.5.0 Update Pack 2 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.4.x antérieures à 7.4.3 Fix Pack 6 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar SIEM versions 7.3.x ant\u00e9rieures \u00e0 7.3.3 Fix Pack 12",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 Update Pack 2",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions 7.4.x ant\u00e9rieures \u00e0 7.4.3 Fix Pack 6",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-0261",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0261"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2017-9801",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9801"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2021-39088",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39088"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2018-1294",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1294"
},
{
"name": "CVE-2022-0392",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0392"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2022-0359",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0359"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2022-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0361"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
}
],
"initial_release_date": "2022-07-27T00:00:00",
"last_revision_date": "2022-07-27T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-683",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-07-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar SIEM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar SIEM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6607135 du 26 juillet 2022",
"url": "https://www.ibm.com/support/pages/node/6607135"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6607133 du 26 juillet 2022",
"url": "https://www.ibm.com/support/pages/node/6607133"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6607137 du 26 juillet 2022",
"url": "https://www.ibm.com/support/pages/node/6607137"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6607129 du 26 juillet 2022",
"url": "https://www.ibm.com/support/pages/node/6607129"
}
]
}
CERTFR-2022-AVI-916
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Contrail Networking versions antérieures à R22.3 | ||
| Juniper Networks | N/A | Paragon Active Assurance (anciennement Netrounds) versions antérieures à 3.1.1 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 22.2R1 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 20.4R3-S4-EVO, 21.2R2-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.3R3-EVO, 21.4R2-EVO, 22.1R2-EVO, 22.2R1-EVO, 20.4R3-S3-EVO, 21.1R2-EVO, 21.2R1-EVO, 20.4R3-S4-EVO, 21.3R3-EVO, 21.4R2-EVO, 22.1R2-EVO, 22.2R1-EVO, 20.4R3-S4-EVO, 21.4R3-EVO, 22.1R2-EVO, 22.2R1-EVO, 21.4R3-EVO, 22.1R1-S2-EVO, 22.1R3-EVO, 22.2R2-EVO, 22.3R1-EVO, 20.4R3-S5-EVO, 21.1R3-EVO, 21.2R2-S1-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.4R1-S2-EVO, 21.4R2-S1-EVO, 21.4R3-EVO, 22.1R2-EVO, 22.2R1-EVO, 20.4R3-S1-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 20.4R3-S3-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-S1-EVO, 21.4R2-EVO, 22.1R1-EVO, 20.4R3-S1-EVO, 21.2R1-S2-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 20.4R3-S5-EVO, 21.1R3-S2-EVO, 21.2R3-S1-EVO, 21.3R3-S2-EVO, 21.4R2-EVO, 22.1R2-EVO, 22.2R2-EVO, 22.3R1-EVO, 20.4R3-S4-EVO, 21.1R3-S2-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 20.2R3-S3-EVO, 20.4R3-S1-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.1R3-S2-EVO, 21.2R3-S2-EVO, 21.3R3-EVO, 21.4R1-S1-EVO, 21.4R2-EVO et 22.1R1-EVO | ||
| Juniper Networks | N/A | Contrail Networking versions antérieures à 2011.L5 | ||
| Juniper Networks | N/A | Steel Belted Radius Carrier Edition versions antérieures à 8.6.0R16 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 19.2R3-S6, 20.2R3-S4, 20.3R3-S3, 20.4R3-S4, 21.1R2, 21.2R2, 21.3R2, 21.4R1, 19.1R3-S9, 19.2R3-S6, 19.3R3-S7, 19.4R2-S7, 19.4R3-S9, 20.2R3-S5, 20.3R3-S4, 20.4R3-S4, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R1-S2, 21.4R2, 22.1R1, 19.4R2-S6, 19.4R3-S7, 20.1R3-S3, 20.2R3-S4, 20.3R3-S3, 20.4R3-S2, 21.1R3, 21.2R3, 21.3R1-S2, 21.3R2, 21.4R1, 19.1R3-S9, 19.2R3-S5, 19.3R3-S3, 19.4R3-S9, 20.1R3, 20.2R3-S1, 20.3R3, 20.4R3, 21.1R2, 21.2R1, 15.1R7-S11, 18.4R2-S10, 18.4R3-S10, 19.1R3-S8, 19.2R3-S4, 19.3R3-S5, 19.4R2-S6, 19.4R3-S7, 20.1R3-S3, 20.2R3-S3, 20.3R3-S2, 20.4R3-S4, 21.1R3, 21.2R3-S3, 21.3R3-S1, 21.4R1, 15.1R7-S13, 19.1R3-S9, 19.2R3-S6, 19.3R3-S6, 19.4R2-S7, 19.4R3-S8, 20.2R3-S5, 20.3R3-S5, 20.4R3-S2, 21.1R3, 21.2R3, 21.3R2, 21.4R1, 18.4R2-S10, 18.4R3-S10, 19.1R3-S7, 19.2R1-S8, 19.2R3-S4, 19.4R3-S8, 20.2R3-S3, 20.3R3-S2, 20.4R3, 21.1R2, 21.2R1, 19.4R2-S8, 19.4R3-S9, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S3, 21.2R3-S2, 21.3R3-S1, 21.4R2-S1, 21.4R3, 22.1R1-S2, 22.1R3, 22.2R1-S1, 22.2R2, 22.3R1, 21.3R3-S2, 21.4R2-S2, 21.4R3, 22.1R1-S2, 22.1R3, 22.2R2, 22.3R1, 21.2R3-S1, 21.3R2-S2, 21.3R3, 21.4R2-S1, 21.4R3, 22.1R1-S1, 22.1R2, 22.2R1, 21.4R1-S2, 21.4R2-S1, 21.4R3, 22.1R2, 22.2R1, 21.4R1-S2, 21.4R2, 22.1R1-S1, 22.1R2, 22.2R1, 17.3R3-S12, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R1-S8, 18.4R2-S6, 18.4R3-S6, 19.1R3-S4, 19.2R1-S7, 19.2R3-S1, 19.3R2-S6, 19.3R3-S1, 19.4R1-S4, 19.4R2-S4, 19.4R3-S1, 20.1R2, 20.2R2-S3, 20.2R3, 20.3R2, 20.4R1, 21.1R3-S2, 21.2R3-S1, 21.3R3, 21.4R2, 22.1R2, 22.2R1, 20.2R3-S5, 20.3R3-S4, 20.4R3-S3, 21.1R3-S2, 21.2R3-S1, 21.3R3, 21.4R1-S2, 21.4R2, 22.1R1-S1, 22.1R2, 22.2R1, 18.4R3-S11, 19.1R3-S9, 19.2R1-S9, 19.2R3-S5, 19.3R3-S6, 19.4R2-S7, 19.4R3-S8, 20.1R3-S4, 20.2R3-S4, 20.3R3-S4, 20.4R3-S3, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R2, 22.1R1, 19.2R3-S5, 19.3R3-S5, 19.4R2-S6, 19.4R3-S8, 20.2R3-S4, 20.3R3-S3, 20.4R3-S3, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R1-S1, 21.4R2, 22.1R1, 19.4R3-S9, 20.2R3-S5, 20.3R3-S2, 20.4R3-S1, 21.1R3, 21.2R1-S2, 21.2R2-S1, 21.2R3, 21.3R2, 21.4R1, 21.4R1-S2, 21.4R2, 22.1R1, 19.2R3-S6, 19.4R2-S8, 19.4R3-S9, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S2, 21.2R3-S1, 21.3R3-S2, 21.4R2, 22.1R2, 22.3R1, 18.4R2-S9, 18.4R3-S11, 19.1R3-S8, 19.3R3-S5, 19.4R2-S6, 19.4R3-S6, 20.2R3-S3, 20.3R3-S2, 20.4R3-S1, 21.1R3-S3, 21.2R2-S1, 21.2R3, 21.3R1, 19.1R3-S9, 19.2R3-S6, 19.3R3-S7, 19.4R3-S9, 20.1R3-S5, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S2, 21.3R3, 21.4R3, 22.1R2, 22.2R1, 19.4R3-S8, 20.1R3-S2, 20.2R3-S3, 20.3R3-S2, 20.4R3-S1, 21.1R3, 21.2R1-S2, 21.2R3, 21.3R2, 21.4R1, 20.4R3-S4, 21.1R3-S2, 21.2R3-S2, 21.3R2-S2, 21.3R3, 21.4R1-S2, 21.4R2, 21.4R3, 22.1R1-S1, 22.1R2 et 22.2R1 | ||
| Juniper Networks | Session Smart Router | Session Smart Router versions antérieures à 5.4.7 | ||
| Juniper Networks | Session Smart Router | Session Smart Router versions 5.5.x antérieures à 5.5.3 | ||
| Juniper Networks | N/A | Paragon Active Assurance (anciennement Netrounds) versions 3.2.x antérieures à 3.2.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Contrail Networking versions ant\u00e9rieures \u00e0 R22.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Paragon Active Assurance (anciennement Netrounds) versions ant\u00e9rieures \u00e0 3.1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 22.2R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S4-EVO, 21.2R2-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.3R3-EVO, 21.4R2-EVO, 22.1R2-EVO, 22.2R1-EVO, 20.4R3-S3-EVO, 21.1R2-EVO, 21.2R1-EVO, 20.4R3-S4-EVO, 21.3R3-EVO, 21.4R2-EVO, 22.1R2-EVO, 22.2R1-EVO, 20.4R3-S4-EVO, 21.4R3-EVO, 22.1R2-EVO, 22.2R1-EVO, 21.4R3-EVO, 22.1R1-S2-EVO, 22.1R3-EVO, 22.2R2-EVO, 22.3R1-EVO, 20.4R3-S5-EVO, 21.1R3-EVO, 21.2R2-S1-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.4R1-S2-EVO, 21.4R2-S1-EVO, 21.4R3-EVO, 22.1R2-EVO, 22.2R1-EVO, 20.4R3-S1-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 20.4R3-S3-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-S1-EVO, 21.4R2-EVO, 22.1R1-EVO, 20.4R3-S1-EVO, 21.2R1-S2-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 20.4R3-S5-EVO, 21.1R3-S2-EVO, 21.2R3-S1-EVO, 21.3R3-S2-EVO, 21.4R2-EVO, 22.1R2-EVO, 22.2R2-EVO, 22.3R1-EVO, 20.4R3-S4-EVO, 21.1R3-S2-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, 20.2R3-S3-EVO, 20.4R3-S1-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.1R3-S2-EVO, 21.2R3-S2-EVO, 21.3R3-EVO, 21.4R1-S1-EVO, 21.4R2-EVO et 22.1R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Contrail Networking versions ant\u00e9rieures \u00e0 2011.L5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Steel Belted Radius Carrier Edition versions ant\u00e9rieures \u00e0 8.6.0R16",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 19.2R3-S6, 20.2R3-S4, 20.3R3-S3, 20.4R3-S4, 21.1R2, 21.2R2, 21.3R2, 21.4R1, 19.1R3-S9, 19.2R3-S6, 19.3R3-S7, 19.4R2-S7, 19.4R3-S9, 20.2R3-S5, 20.3R3-S4, 20.4R3-S4, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R1-S2, 21.4R2, 22.1R1, 19.4R2-S6, 19.4R3-S7, 20.1R3-S3, 20.2R3-S4, 20.3R3-S3, 20.4R3-S2, 21.1R3, 21.2R3, 21.3R1-S2, 21.3R2, 21.4R1, 19.1R3-S9, 19.2R3-S5, 19.3R3-S3, 19.4R3-S9, 20.1R3, 20.2R3-S1, 20.3R3, 20.4R3, 21.1R2, 21.2R1, 15.1R7-S11, 18.4R2-S10, 18.4R3-S10, 19.1R3-S8, 19.2R3-S4, 19.3R3-S5, 19.4R2-S6, 19.4R3-S7, 20.1R3-S3, 20.2R3-S3, 20.3R3-S2, 20.4R3-S4, 21.1R3, 21.2R3-S3, 21.3R3-S1, 21.4R1, 15.1R7-S13, 19.1R3-S9, 19.2R3-S6, 19.3R3-S6, 19.4R2-S7, 19.4R3-S8, 20.2R3-S5, 20.3R3-S5, 20.4R3-S2, 21.1R3, 21.2R3, 21.3R2, 21.4R1, 18.4R2-S10, 18.4R3-S10, 19.1R3-S7, 19.2R1-S8, 19.2R3-S4, 19.4R3-S8, 20.2R3-S3, 20.3R3-S2, 20.4R3, 21.1R2, 21.2R1, 19.4R2-S8, 19.4R3-S9, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S3, 21.2R3-S2, 21.3R3-S1, 21.4R2-S1, 21.4R3, 22.1R1-S2, 22.1R3, 22.2R1-S1, 22.2R2, 22.3R1, 21.3R3-S2, 21.4R2-S2, 21.4R3, 22.1R1-S2, 22.1R3, 22.2R2, 22.3R1, 21.2R3-S1, 21.3R2-S2, 21.3R3, 21.4R2-S1, 21.4R3, 22.1R1-S1, 22.1R2, 22.2R1, 21.4R1-S2, 21.4R2-S1, 21.4R3, 22.1R2, 22.2R1, 21.4R1-S2, 21.4R2, 22.1R1-S1, 22.1R2, 22.2R1, 17.3R3-S12, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R1-S8, 18.4R2-S6, 18.4R3-S6, 19.1R3-S4, 19.2R1-S7, 19.2R3-S1, 19.3R2-S6, 19.3R3-S1, 19.4R1-S4, 19.4R2-S4, 19.4R3-S1, 20.1R2, 20.2R2-S3, 20.2R3, 20.3R2, 20.4R1, 21.1R3-S2, 21.2R3-S1, 21.3R3, 21.4R2, 22.1R2, 22.2R1, 20.2R3-S5, 20.3R3-S4, 20.4R3-S3, 21.1R3-S2, 21.2R3-S1, 21.3R3, 21.4R1-S2, 21.4R2, 22.1R1-S1, 22.1R2, 22.2R1, 18.4R3-S11, 19.1R3-S9, 19.2R1-S9, 19.2R3-S5, 19.3R3-S6, 19.4R2-S7, 19.4R3-S8, 20.1R3-S4, 20.2R3-S4, 20.3R3-S4, 20.4R3-S3, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R2, 22.1R1, 19.2R3-S5, 19.3R3-S5, 19.4R2-S6, 19.4R3-S8, 20.2R3-S4, 20.3R3-S3, 20.4R3-S3, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R1-S1, 21.4R2, 22.1R1, 19.4R3-S9, 20.2R3-S5, 20.3R3-S2, 20.4R3-S1, 21.1R3, 21.2R1-S2, 21.2R2-S1, 21.2R3, 21.3R2, 21.4R1, 21.4R1-S2, 21.4R2, 22.1R1, 19.2R3-S6, 19.4R2-S8, 19.4R3-S9, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S2, 21.2R3-S1, 21.3R3-S2, 21.4R2, 22.1R2, 22.3R1, 18.4R2-S9, 18.4R3-S11, 19.1R3-S8, 19.3R3-S5, 19.4R2-S6, 19.4R3-S6, 20.2R3-S3, 20.3R3-S2, 20.4R3-S1, 21.1R3-S3, 21.2R2-S1, 21.2R3, 21.3R1, 19.1R3-S9, 19.2R3-S6, 19.3R3-S7, 19.4R3-S9, 20.1R3-S5, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S2, 21.3R3, 21.4R3, 22.1R2, 22.2R1, 19.4R3-S8, 20.1R3-S2, 20.2R3-S3, 20.3R3-S2, 20.4R3-S1, 21.1R3, 21.2R1-S2, 21.2R3, 21.3R2, 21.4R1, 20.4R3-S4, 21.1R3-S2, 21.2R3-S2, 21.3R2-S2, 21.3R3, 21.4R1-S2, 21.4R2, 21.4R3, 22.1R1-S1, 22.1R2 et 22.2R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions ant\u00e9rieures \u00e0 5.4.7",
"product": {
"name": "Session Smart Router",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions 5.5.x ant\u00e9rieures \u00e0 5.5.3",
"product": {
"name": "Session Smart Router",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Paragon Active Assurance (anciennement Netrounds) versions 3.2.x ant\u00e9rieures \u00e0 3.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2022-22243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22243"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2020-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25710"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2022-22238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22238"
},
{
"name": "CVE-2022-22249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22249"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22227"
},
{
"name": "CVE-2016-0701",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0701"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2021-31535",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31535"
},
{
"name": "CVE-2021-42574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42574"
},
{
"name": "CVE-2020-27777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27777"
},
{
"name": "CVE-2022-22208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22208"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2017-5929",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5929"
},
{
"name": "CVE-2022-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22218"
},
{
"name": "CVE-2021-20271",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20271"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2022-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22201"
},
{
"name": "CVE-2020-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0466"
},
{
"name": "CVE-2021-42771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42771"
},
{
"name": "CVE-2021-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29154"
},
{
"name": "CVE-2018-20532",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20532"
},
{
"name": "CVE-2022-22246",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22246"
},
{
"name": "CVE-2007-6755",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-6755"
},
{
"name": "CVE-2020-29661",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29661"
},
{
"name": "CVE-2022-22250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22250"
},
{
"name": "CVE-2022-22192",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22192"
},
{
"name": "CVE-2019-12735",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12735"
},
{
"name": "CVE-2022-22239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22239"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-22241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22241"
},
{
"name": "CVE-2020-25212",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25212"
},
{
"name": "CVE-2019-2435",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2435"
},
{
"name": "CVE-2021-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27363"
},
{
"name": "CVE-2022-22226",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22226"
},
{
"name": "CVE-2015-9262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9262"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2020-24394",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24394"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2019-19532",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19532"
},
{
"name": "CVE-2020-14314",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14314"
},
{
"name": "CVE-2021-27364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27364"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2022-22229",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22229"
},
{
"name": "CVE-2018-20534",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20534"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2021-28165",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28165"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22225",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22225"
},
{
"name": "CVE-2020-12364",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12364"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2022-22245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22245"
},
{
"name": "CVE-2022-25314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
},
{
"name": "CVE-2022-0330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0330"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2019-1543",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1543"
},
{
"name": "CVE-2018-10689",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10689"
},
{
"name": "CVE-2016-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2124"
},
{
"name": "CVE-2021-27365",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27365"
},
{
"name": "CVE-2020-8648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8648"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2020-27170",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27170"
},
{
"name": "CVE-2020-25705",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25705"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2022-0847",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0847"
},
{
"name": "CVE-2020-14385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14385"
},
{
"name": "CVE-2022-22232",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22232"
},
{
"name": "CVE-2019-18282",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18282"
},
{
"name": "CVE-2020-12321",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12321"
},
{
"name": "CVE-2022-22240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22240"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2019-20811",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20811"
},
{
"name": "CVE-2020-12363",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12363"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2021-3656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3656"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-22234",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22234"
},
{
"name": "CVE-2022-22242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22242"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2021-22543",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22543"
},
{
"name": "CVE-2022-22251",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22251"
},
{
"name": "CVE-2008-5161",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5161"
},
{
"name": "CVE-2022-22244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22244"
},
{
"name": "CVE-2019-20934",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20934"
},
{
"name": "CVE-2021-29650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29650"
},
{
"name": "CVE-2021-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3715"
},
{
"name": "CVE-2022-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22233"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2021-45417",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45417"
},
{
"name": "CVE-2020-10769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10769"
},
{
"name": "CVE-2018-20533",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20533"
},
{
"name": "CVE-2021-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
},
{
"name": "CVE-2020-25656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25656"
},
{
"name": "CVE-2021-3752",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3752"
},
{
"name": "CVE-2022-22224",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22224"
},
{
"name": "CVE-2021-20265",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20265"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2020-25211",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25211"
},
{
"name": "CVE-2022-0492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0492"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-22247",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22247"
},
{
"name": "CVE-2020-12362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12362"
},
{
"name": "CVE-2019-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0205"
},
{
"name": "CVE-2021-22555",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22555"
},
{
"name": "CVE-2021-3347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3347"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2021-37576",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37576"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2020-28374",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28374"
},
{
"name": "CVE-2021-0920",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0920"
},
{
"name": "CVE-2022-22199",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22199"
},
{
"name": "CVE-2021-42550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42550"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2022-22236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22236"
},
{
"name": "CVE-2020-7053",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7053"
},
{
"name": "CVE-2022-22248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22248"
},
{
"name": "CVE-2019-9518",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9518"
},
{
"name": "CVE-2022-22220",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22220"
},
{
"name": "CVE-2021-32399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32399"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22228"
},
{
"name": "CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"name": "CVE-2020-14351",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14351"
},
{
"name": "CVE-2020-25709",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25709"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2020-25643",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25643"
},
{
"name": "CVE-2022-22223",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22223"
},
{
"name": "CVE-2020-25645",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25645"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2020-25717",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25717"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
},
{
"name": "CVE-2021-4034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4034"
},
{
"name": "CVE-2022-24903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24903"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2019-1551",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
},
{
"name": "CVE-2019-2684",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2684"
},
{
"name": "CVE-2021-0543",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0543"
},
{
"name": "CVE-2021-3653",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3653"
},
{
"name": "CVE-2022-22231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22231"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2022-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22235"
},
{
"name": "CVE-2020-0427",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0427"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2022-22211",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22211"
},
{
"name": "CVE-2020-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0465"
},
{
"name": "CVE-2022-22230",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22230"
},
{
"name": "CVE-2022-22237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22237"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
}
],
"initial_release_date": "2022-10-13T00:00:00",
"last_revision_date": "2022-10-13T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-916",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-10-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69906",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-MX-Series-An-FPC-crash-might-be-seen-due-to-mac-moves-within-the-same-bridge-domain-CVE-2022-22249"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69885",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-If-UTM-Enhanced-Content-Filtering-and-AntiVirus-are-enabled-and-specific-traffic-is-processed-the-PFE-will-crash-CVE-2022-22231"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69888",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Cache-poisoning-vulnerability-in-BIND-used-by-DNS-Proxy-CVE-2021-25220"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69886",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-If-Unified-Threat-Management-UTM-Enhanced-Content-Filtering-CF-is-enabled-and-specific-traffic-is-processed-the-PFE-will-crash-CVE-2022-22232"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69899",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-J-Web"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69881",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-SBR-Carrier-Multiple-Vulnerabilities-resolved-in-version-8-6-0R16-64-bit-Solaris-and-Linux-editions"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69894",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-The-rpd-process-will-crash-when-a-malformed-incoming-RESV-message-is-processed-CVE-2022-22238"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69898",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-core-upon-receipt-of-a-specific-EVPN-route-by-a-BGP-route-reflector-in-an-EVPN-environment-CVE-2022-22199"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69895",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Evolved-The-ssh-CLI-command-always-runs-as-root-which-can-lead-to-privilege-escalation-CVE-2022-22239"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69908",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-cSRX-Series-Storing-Passwords-in-a-Recoverable-Format-and-software-permissions-issues-allows-a-local-attacker-to-elevate-privileges-CVE-2022-22251"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69874",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-PPMD-goes-into-infinite-loop-upon-receipt-of-malformed-OSPF-TLV-CVE-2022-22224"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69902",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Due-to-a-race-condition-the-rpd-process-can-crash-upon-receipt-of-a-BGP-update-message-containing-flow-spec-route-CVE-2022-22220"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69879",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-rpd-crash-can-occur-due-to-memory-corruption-caused-by-flapping-BGP-sessions-CVE-2022-22208"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69890",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-EX2300-and-EX3400-Series-One-of-more-SFPs-might-become-unavailable-when-the-system-is-very-busy-CVE-2022-22234"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69875",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BGP-multipath-scenario-when-one-of-the-contributing-routes-is-flapping-often-and-rapidly-rpd-may-crash-CVE-2022-22225"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69915",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-An-attacker-can-cause-a-kernel-panic-by-sending-a-malformed-TCP-packet-to-the-device-CVE-2022-22192"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69878",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Evolved-ACX7000-Series-Specific-IPv6-transit-traffic-gets-exceptioned-to-the-routing-engine-which-will-cause-increased-CPU-utilization-CVE-2022-22227"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69907",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-FPC-might-crash-and-reload-if-the-EVPN-MAC-entry-is-move-from-local-to-remote-CVE-2022-22250"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69891",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-A-flowd-core-will-be-observed-when-malformed-GPRS-traffic-is-processed-CVE-2022-22235"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69882",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-22-2R1-release"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69876",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-EX4300-MP-EX4600-QFX5000-Series-In-VxLAN-scenarios-specific-packets-processed-cause-a-memory-leak-leading-to-a-PFE-crash-CVE-2022-22226"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69892",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-When-specific-valid-SIP-packets-are-received-the-PFE-will-crash-CVE-2022-22236"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69889",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Session-Smart-Router-Multiple-vulnerabilities-resolved"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69887",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-SR-to-LDP-interworking-scenario-with-SRMS-when-a-specific-low-privileged-command-is-issued-on-an-ABR-rpd-will-crash-CVE-2022-22233"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69903",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Contrail-Networking-Multiple-Vulnerabilities-have-been-resolved-in-Contrail-Networking-R22-3"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69900",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX5000-Series-with-SPC3-SRX4000-Series-and-vSRX-When-PowerMode-IPsec-is-configured-the-PFE-will-crash-upon-receipt-of-a-malformed-ESP-packet-CVE-2022-22201"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69884",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-crash-upon-receipt-of-specific-OSPFv3-LSAs-CVE-2022-22230"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69901",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-SRX-Series-Upon-processing-of-a-genuine-packet-the-pkid-process-will-crash-during-CMPv2-auto-re-enrollment-CVE-2022-22218"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69905",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Evolved-Incorrect-file-permissions-can-allow-low-privileged-user-to-cause-another-user-to-execute-arbitrary-commands-CVE-2022-22248"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69893",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Peers-not-configured-for-TCP-AO-can-establish-a-BGP-or-LDP-session-even-if-authentication-is-configured-locally-CVE-2022-22237"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69904",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Evolved-Kernel-processing-of-unvalidated-TCP-segments-could-lead-to-a-Denial-of-Service-DoS-CVE-2022-22247"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69880",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-On-IPv6-OAM-SRv6-network-enabled-devices-an-attacker-sending-a-specific-genuine-packet-to-an-IPv6-address-configured-on-the-device-may-cause-a-RPD-memory-leak-leading-to-an-RPD-core-CVE-2022-22228"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69873",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-QFX10000-Series-In-IP-MPLS-PHP-node-scenarios-upon-receipt-of-certain-crafted-packets-multiple-interfaces-in-LAG-configurations-may-detach-CVE-2022-22223"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69896",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-rpd-memory-leak-might-be-observed-while-running-a-specific-cli-command-in-a-RIB-sharding-scenario-CVE-2022-22240"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69897",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Contrail-Networking-Multiple-Vulnerabilities-have-been-resolved-in-Contrail-Networking-release-2011-L5"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69916",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-Multiple-FPCs-become-unreachable-due-to-continuous-polling-of-specific-SNMP-OID-CVE-2022-22211"
},
{
"published_at": "2022-10-12",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69883",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Paragon-Active-Assurance-Formerly-Netrounds-Stored-Cross-site-Scripting-XSS-vulnerability-in-web-administration-CVE-2022-22229"
}
]
}
CERTFR-2023-AVI-0785
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Belden. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Belden | N/A | Hirschmann HiOS MSP30 versions antérieures à 09.0.03 | ||
| Belden | N/A | Hirschmann HiOS RSP2S, RSPS, RSPL,EES, EESX, GRS1020, GRS1030 et RED versions antérieures à 07.1.06 | ||
| Belden | N/A | Hirschmann Lite Managed GECKO versions antérieures à 2.3.4 | ||
| Belden | N/A | Hirschmann Classic RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS et OCTOPUS versions antérieures à 9.1.08 | ||
| Belden | N/A | Hirschmann HiSecOS Eagle versions antérieures à 04.3.02 | ||
| Belden | N/A | Hirschmann HiOS RSP, RSPE, MSP40, GRS, OS et BRS versions antérieures à 09.1.00 | ||
| Belden | N/A | Hirschmann HiLCOS BAT C2 versions antérieures à 9.13 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Hirschmann HiOS MSP30 versions ant\u00e9rieures \u00e0 09.0.03",
"product": {
"name": "N/A",
"vendor": {
"name": "Belden",
"scada": true
}
}
},
{
"description": "Hirschmann HiOS RSP2S, RSPS, RSPL,EES, EESX, GRS1020, GRS1030 et RED versions ant\u00e9rieures \u00e0 07.1.06",
"product": {
"name": "N/A",
"vendor": {
"name": "Belden",
"scada": true
}
}
},
{
"description": "Hirschmann Lite Managed GECKO versions ant\u00e9rieures \u00e0 2.3.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Belden",
"scada": true
}
}
},
{
"description": "Hirschmann Classic RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS et OCTOPUS versions ant\u00e9rieures \u00e0 9.1.08",
"product": {
"name": "N/A",
"vendor": {
"name": "Belden",
"scada": true
}
}
},
{
"description": "Hirschmann HiSecOS Eagle versions ant\u00e9rieures \u00e0 04.3.02",
"product": {
"name": "N/A",
"vendor": {
"name": "Belden",
"scada": true
}
}
},
{
"description": "Hirschmann HiOS RSP, RSPE, MSP40, GRS, OS et BRS versions ant\u00e9rieures \u00e0 09.1.00",
"product": {
"name": "N/A",
"vendor": {
"name": "Belden",
"scada": true
}
}
},
{
"description": "Hirschmann HiLCOS BAT C2 versions ant\u00e9rieures \u00e0 9.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Belden",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-25314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
}
],
"initial_release_date": "2023-09-27T00:00:00",
"last_revision_date": "2023-09-27T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0785",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-09-27T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nBelden. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Belden",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Belden BSECV-2022-07 du 26 septembre 2023",
"url": "https://assets.belden.com/m/5513203acb22e570/original/Belden_Security_Bulletin_BSECV-2022-07.pdf"
}
]
}
CERTFR-2022-AVI-201
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans IBM WebSphere. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | WebSphere | IBM HTTP Server utilisé par IBM WebSphere Application Server versions 9.0.x.x antérieures à 9.0.5.11 | ||
| IBM | WebSphere | IBM HTTP Server utilisé par IBM WebSphere Application Server versions 7.0.0.x antérieures à 7.0.0.45 sans le correctif PH43122 | ||
| IBM | WebSphere | IBM HTTP Server utilisé par IBM WebSphere Application Server versions 8.0.0.x antérieures à 8.0.0.15 sans le correctif PH43122 | ||
| IBM | WebSphere | IBM HTTP Server utilisé par IBM WebSphere Application Server versions 8.5.x.x antérieures à 8.5.5.22 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM HTTP Server utilis\u00e9 par IBM WebSphere Application Server versions 9.0.x.x ant\u00e9rieures \u00e0 9.0.5.11",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM HTTP Server utilis\u00e9 par IBM WebSphere Application Server versions 7.0.0.x ant\u00e9rieures \u00e0 7.0.0.45 sans le correctif PH43122",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM HTTP Server utilis\u00e9 par IBM WebSphere Application Server versions 8.0.0.x ant\u00e9rieures \u00e0 8.0.0.15 sans le correctif PH43122",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM HTTP Server utilis\u00e9 par IBM WebSphere Application Server versions 8.5.x.x ant\u00e9rieures \u00e0 8.5.5.22",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-25313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25313"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
}
],
"initial_release_date": "2022-03-03T00:00:00",
"last_revision_date": "2022-03-03T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-201",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-03-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM WebSphere.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM WebSphere",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6559296 du 02 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6559296"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6560814 du 02 mars 2022",
"url": "https://www.ibm.com/support/pages/node/6560814"
}
]
}
CERTFR-2022-AVI-134
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Tenable Nessus. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus versions 10.x ant\u00e9rieures \u00e0 10.1.1",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": "Nessus versions 8.x ant\u00e9rieures \u00e0 8.15.3",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
}
],
"initial_release_date": "2022-02-10T00:00:00",
"last_revision_date": "2022-02-10T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-134",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-02-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2022-05 du 08 f\u00e9vrier 2022",
"url": "https://www.tenable.com/security/tns-2022-05"
}
]
}
CERTFR-2022-AVI-487
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- IBM TXSeries for Multiplatforms versions 9.1.x sans le correctif de sécurité TXSeries_91_SpecialFIX_Liberty_042022
- IBM TXSeries for Multiplatforms versions 8.2.x sans le correctif de sécurité TXSeries_82_SpecialFIX_Liberty_042022
- IBM Tivoli Monitoring versions 6.3.0.x antérieures à 6.3.0.7 Fix Pack 7 Service Pack 12
- IBM Cloud Private versions 3.1.0.x
- IBM Cloud Private versions 3.1.1.x
- IBM Cloud Private versions 3.1.2.x
- IBM Cloud Private versions 3.2.0.x
- IBM Cloud Private versions 3.2.1.x antérieures à 3.2.1.2203
- IBM Cloud Private versions 3.2.2.x antérieures à 3.2.2.2203
L'éditeur ne propose pas de correctif pour les versions IBM Cloud Private 3.1.0, 3.1.1, 3.1.2 et 3.2.0 et conseille une mise à jour à la dernière version CD (Continuous Delivery) IBM Cloud Private 3.2.2.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eIBM TXSeries for Multiplatforms versions 9.1.x sans le correctif de s\u00e9curit\u00e9 TXSeries_91_SpecialFIX_Liberty_042022\u003c/li\u003e \u003cli\u003eIBM TXSeries for Multiplatforms versions 8.2.x sans le correctif de s\u00e9curit\u00e9 TXSeries_82_SpecialFIX_Liberty_042022\u003c/li\u003e \u003cli\u003eIBM Tivoli Monitoring versions 6.3.0.x ant\u00e9rieures \u00e0 6.3.0.7 Fix Pack 7 Service Pack 12\u003c/li\u003e \u003cli\u003eIBM Cloud Private versions 3.1.0.x\u003c/li\u003e \u003cli\u003eIBM Cloud Private versions 3.1.1.x\u003c/li\u003e \u003cli\u003eIBM Cloud Private versions 3.1.2.x\u003c/li\u003e \u003cli\u003eIBM Cloud Private versions 3.2.0.x\u003c/li\u003e \u003cli\u003eIBM Cloud Private versions 3.2.1.x ant\u00e9rieures \u00e0 3.2.1.2203\u003c/li\u003e \u003cli\u003eIBM Cloud Private versions 3.2.2.x ant\u00e9rieures \u00e0 3.2.2.2203\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eL\u0027\u00e9diteur ne propose pas de correctif pour les versions IBM Cloud Private 3.1.0, 3.1.1, 3.1.2 et 3.2.0 et conseille une mise \u00e0 jour \u00e0 la derni\u00e8re version CD (Continuous Delivery) IBM Cloud Private 3.2.2.\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-22965",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2022-25313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25313"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-25314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2021-22926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
}
],
"initial_release_date": "2022-05-23T00:00:00",
"last_revision_date": "2022-05-23T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-487",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-05-23T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6587154 du 20 mai 2022",
"url": "https://www.ibm.com/support/pages/node/6587154"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6588169 du 20 mai 2022",
"url": "https://www.ibm.com/support/pages/node/6588169"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6588149 du 20 mai 2022",
"url": "https://www.ibm.com/support/pages/node/6588149"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6587158 du 20 mai 2022",
"url": "https://www.ibm.com/support/pages/node/6587158"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6588167 du 20 mai 2022",
"url": "https://www.ibm.com/support/pages/node/6588167"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…