cvelistv5 - cve-2023-5517

CVE-2023-5517 (GCVE-0-2023-5517)

Vulnerability from cvelistv5

Published

2024-02-13 14:04

Modified

2025-02-13 17:25

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when: - `nxdomain-redirect <domain>;` is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versions 9.12.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.

References

URL

Tags

	https://kb.isc.org/docs/cve-2023-5517	vendor-advisory
	http://www.openwall.com/lists/oss-security/2024/02/13/1
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/
	https://security.netapp.com/advisory/ntap-20240503-0006/

Impacted products

	Vendor	Product	Version
	ISC	BIND 9	Version: 9.12.0 < Version: 9.18.0 < Version: 9.19.0 < Version: 9.16.8-S1 < Version: 9.18.11-S1 <

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:59:44.936Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "CVE-2023-5517",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://kb.isc.org/docs/cve-2023-5517"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/02/13/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240503-0006/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:isc:bind_9:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "bind_9",
            "vendor": "isc",
            "versions": [
              {
                "lessThanOrEqual": "9.16.45",
                "status": "affected",
                "version": "9.12.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.18.21",
                "status": "affected",
                "version": "9.18.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.19.19",
                "status": "affected",
                "version": "9.19.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.16.45-S1",
                "status": "affected",
                "version": "9.16.8-S1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.18.21-S1",
                "status": "affected",
                "version": "9.18.11-S1",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-5517",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-22T13:32:01.260266Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-617",
                "description": "CWE-617 Reachable Assertion",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-22T13:56:51.119Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "BIND 9",
          "vendor": "ISC",
          "versions": [
            {
              "lessThanOrEqual": "9.16.45",
              "status": "affected",
              "version": "9.12.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "9.18.21",
              "status": "affected",
              "version": "9.18.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "9.19.19",
              "status": "affected",
              "version": "9.19.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "9.16.45-S1",
              "status": "affected",
              "version": "9.16.8-S1",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "9.18.21-S1",
              "status": "affected",
              "version": "9.18.11-S1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2024-02-13T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when:\n\n  - `nxdomain-redirect \u003cdomain\u003e;` is configured, and\n  - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response.\nThis issue affects BIND 9 versions 9.12.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "We are not aware of any active exploits."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "If both of the above conditions are met, a single suitable query will cause `named` to crash."
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-03T13:06:16.924Z",
        "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "shortName": "isc"
      },
      "references": [
        {
          "name": "CVE-2023-5517",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://kb.isc.org/docs/cve-2023-5517"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/02/13/1"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240503-0006/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.16.48, 9.18.24, 9.19.21, 9.16.48-S1, or 9.18.24-S1."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Querying RFC 1918 reverse zones may cause an assertion failure when \"nxdomain-redirect\" is enabled",
      "workarounds": [
        {
          "lang": "en",
          "value": "Disabling the `nxdomain-redirect` feature makes the faulty code path impossible to reach, preventing this flaw from being exploitable."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
    "assignerShortName": "isc",
    "cveId": "CVE-2023-5517",
    "datePublished": "2024-02-13T14:04:54.389Z",
    "dateReserved": "2023-10-11T07:02:42.359Z",
    "dateUpdated": "2025-02-13T17:25:39.556Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2025-AVI-0018

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Juniper Networks	Junos OS	Junos OS versions 22.4.x antérieures à 22.4R3-S5
Juniper Networks	Junos Space	Junos Space versions antérieures à 24.1R2
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 21.2R3-S9-EVO
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 23.4.x-EVO antérieures à 23.4R2-S3-EVO
Juniper Networks	Junos OS	Junos OS versions 24.2.x antérieures à 24.2R1-S2 et 24.2R2
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 23.2.x-EVO antérieures à 23.2R2-S3-EVO
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 21.4.x-EVO antérieures à 21.4R3-S10-EVO
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 22.4.x-EVO antérieures à 22.4R3-S5-EVO
Juniper Networks	Junos OS	Junos OS versions 22.2.x antérieures à 22.2R3-S5
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 22.3.x-EVO antérieures à 22.3R3-S4-EVO
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 24.2.x-EVO antérieures à 24.2R1-S2-EVO et 24.2R2-EVO
Juniper Networks	Junos OS	Junos OS versions 22.3.x antérieures à 22.3R3-S4
Juniper Networks	Junos OS	Junos OS versions 23.4.x antérieures à 23.4R2-S3
Juniper Networks	Junos OS	Junos OS versions 21.4.x antérieures à 21.4R3-S10
Juniper Networks	Junos OS	Junos OS versions 23.2.x antérieures à 23.2R2-S3
Juniper Networks	Junos OS	Junos OS versions antérieures à 21.2R3-S9
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 22.2.x-EVO antérieures à 22.2R3-S5-EVO

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper Networks CVE-2025-21593	2025-01-08	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-21602	2025-01-08	vendor-advisory
Bulletin de sécurité Juniper Networks 2025-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R2-release	2025-01-08	vendor-advisory
Bulletin de sécurité Juniper Networks 2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSH	2025-01-08	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-21598	2025-01-08	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-21592	2025-01-08	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-21599	2025-01-08	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-21600	2025-01-08	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-21596	2025-01-08	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS versions 22.4.x ant\u00e9rieures \u00e0 22.4R3-S5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos Space versions ant\u00e9rieures \u00e0 24.1R2",
      "product": {
        "name": "Junos Space",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.2R3-S9-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 23.4.x-EVO ant\u00e9rieures \u00e0 23.4R2-S3-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 24.2.x ant\u00e9rieures \u00e0 24.2R1-S2 et 24.2R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 23.2.x-EVO ant\u00e9rieures \u00e0 23.2R2-S3-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 21.4.x-EVO ant\u00e9rieures \u00e0 21.4R3-S10-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.4.x-EVO ant\u00e9rieures \u00e0 22.4R3-S5-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 22.2.x ant\u00e9rieures \u00e0 22.2R3-S5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.3.x-EVO ant\u00e9rieures \u00e0 22.3R3-S4-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 24.2.x-EVO ant\u00e9rieures \u00e0 24.2R1-S2-EVO et 24.2R2-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 22.3.x ant\u00e9rieures \u00e0 22.3R3-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 23.4.x ant\u00e9rieures \u00e0 23.4R2-S3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 21.4.x ant\u00e9rieures \u00e0 21.4R3-S10",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 23.2.x ant\u00e9rieures \u00e0 23.2R2-S3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 21.2R3-S9",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.2.x-EVO ant\u00e9rieures \u00e0 22.2R3-S5-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-35875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35875"
    },
    {
      "name": "CVE-2024-35797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35797"
    },
    {
      "name": "CVE-2024-26886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26886"
    },
    {
      "name": "CVE-2023-52801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52801"
    },
    {
      "name": "CVE-2024-28834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
    },
    {
      "name": "CVE-2024-26629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26629"
    },
    {
      "name": "CVE-2025-21592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21592"
    },
    {
      "name": "CVE-2022-24809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24809"
    },
    {
      "name": "CVE-2025-21599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21599"
    },
    {
      "name": "CVE-2024-35791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35791"
    },
    {
      "name": "CVE-2023-3019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3019"
    },
    {
      "name": "CVE-2022-24805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24805"
    },
    {
      "name": "CVE-2023-50868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
    },
    {
      "name": "CVE-2024-45492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
    },
    {
      "name": "CVE-2024-36883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36883"
    },
    {
      "name": "CVE-2023-3255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3255"
    },
    {
      "name": "CVE-2024-26946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26946"
    },
    {
      "name": "CVE-2024-26720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26720"
    },
    {
      "name": "CVE-2023-4408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4408"
    },
    {
      "name": "CVE-2024-45490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
    },
    {
      "name": "CVE-2024-45491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
    },
    {
      "name": "CVE-2022-24807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24807"
    },
    {
      "name": "CVE-2024-39894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39894"
    },
    {
      "name": "CVE-2023-6240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6240"
    },
    {
      "name": "CVE-2023-6683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6683"
    },
    {
      "name": "CVE-2024-42131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42131"
    },
    {
      "name": "CVE-2024-1488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1488"
    },
    {
      "name": "CVE-2022-24810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24810"
    },
    {
      "name": "CVE-2024-26630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26630"
    },
    {
      "name": "CVE-2023-5517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5517"
    },
    {
      "name": "CVE-2024-41073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41073"
    },
    {
      "name": "CVE-2025-21600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21600"
    },
    {
      "name": "CVE-2024-42082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42082"
    },
    {
      "name": "CVE-2025-21596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21596"
    },
    {
      "name": "CVE-2024-32462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32462"
    },
    {
      "name": "CVE-2016-2183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
    },
    {
      "name": "CVE-2025-21602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21602"
    },
    {
      "name": "CVE-2024-25742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25742"
    },
    {
      "name": "CVE-2024-25743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25743"
    },
    {
      "name": "CVE-2024-42096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42096"
    },
    {
      "name": "CVE-2024-38619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38619"
    },
    {
      "name": "CVE-2025-21593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21593"
    },
    {
      "name": "CVE-2024-6119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
    },
    {
      "name": "CVE-2024-36019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36019"
    },
    {
      "name": "CVE-2024-41040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41040"
    },
    {
      "name": "CVE-2020-11022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
    },
    {
      "name": "CVE-2023-7008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
    },
    {
      "name": "CVE-2024-40927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40927"
    },
    {
      "name": "CVE-2024-41055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41055"
    },
    {
      "name": "CVE-2023-50387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50387"
    },
    {
      "name": "CVE-2024-42102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42102"
    },
    {
      "name": "CVE-2025-21598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21598"
    },
    {
      "name": "CVE-2024-40936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40936"
    },
    {
      "name": "CVE-2006-5051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5051"
    },
    {
      "name": "CVE-2024-41096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41096"
    },
    {
      "name": "CVE-2023-6516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6516"
    },
    {
      "name": "CVE-2024-28835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
    },
    {
      "name": "CVE-2024-41044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41044"
    },
    {
      "name": "CVE-2024-38559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38559"
    },
    {
      "name": "CVE-2024-6387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6387"
    },
    {
      "name": "CVE-2022-24806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24806"
    },
    {
      "name": "CVE-2024-36979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36979"
    },
    {
      "name": "CVE-2023-52463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52463"
    },
    {
      "name": "CVE-2024-36000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36000"
    },
    {
      "name": "CVE-2023-5679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5679"
    },
    {
      "name": "CVE-2023-5088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5088"
    },
    {
      "name": "CVE-2023-42467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42467"
    },
    {
      "name": "CVE-2022-24808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24808"
    }
  ],
  "initial_release_date": "2025-01-09T00:00:00",
  "last_revision_date": "2025-01-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0018",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-01-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
  "vendor_advisories": [
    {
      "published_at": "2025-01-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-21593",
      "url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-On-SRv6-enabled-devices-an-attacker-sending-a-malformed-BGP-update-can-cause-the-rpd-to-crash-CVE-2025-21593"
    },
    {
      "published_at": "2025-01-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-21602",
      "url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-specially-crafted-BGP-update-packet-causes-RPD-crash-CVE-2025-21602"
    },
    {
      "published_at": "2025-01-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks 2025-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R2-release",
      "url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R2-release"
    },
    {
      "published_at": "2025-01-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks 2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSH",
      "url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSH"
    },
    {
      "published_at": "2025-01-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-21598",
      "url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-BGP-traceoptions-are-configured-receipt-of-malformed-BGP-packets-causes-RPD-to-crash-CVE-2025-21598"
    },
    {
      "published_at": "2025-01-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-21592",
      "url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-SRX-Series-Low-privileged-user-able-to-access-highly-sensitive-information-on-file-system-CVE-2025-21592"
    },
    {
      "published_at": "2025-01-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-21599",
      "url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-Evolved-Receipt-of-specifically-malformed-IPv6-packets-causes-kernel-memory-exhaustion-leading-to-Denial-of-Service-CVE-2025-21599"
    },
    {
      "published_at": "2025-01-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-21600",
      "url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-certain-BGP-options-enabled-receipt-of-specifically-malformed-BGP-update-causes-RPD-crash-CVE-2025-21600"
    },
    {
      "published_at": "2025-01-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-21596",
      "url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-SRX1500-SRX4100-SRX4200-Execution-of-low-privileged-CLI-command-results-in-chassisd-crash-CVE-2025-21596"
    }
  ]
}

CERTFR-2024-AVI-0122

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans Bind. Elles permettent à un attaquant de provoquer un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
ISC	BIND	Bind versions antérieures à 9.16.48
ISC	BIND	Bind Supported Preview Edition versions 9.18.x postérieures à 9.18.11-S1 et antérieures à 9.18.24-S1
ISC	BIND	Bind Supported Preview Edition versions 9.x postérieures à 9.9.3-S1 et antérieures à 9.16.48-S1
ISC	BIND	Bind versions 9.18.x antérieures à 9.18.24
ISC	BIND	Bind versions 9.19.x antérieures à 9.19.21

References

Title

Publication Time

Tags

Bulletin de sécurité Bind CVE-2023-5679 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Bind CVE-2023-6516 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Bind CVE-2023-5517 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Bind CVE-2023-5680 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Bind CVE-2023-50387 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Bind CVE-2023-50868 du 13 février 2024	None	vendor-advisory
Bulletin de sécurité Bind CVE-2023-4408 du 13 février 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Bind versions ant\u00e9rieures \u00e0 9.16.48",
      "product": {
        "name": "BIND",
        "vendor": {
          "name": "ISC",
          "scada": false
        }
      }
    },
    {
      "description": "Bind Supported Preview Edition versions 9.18.x post\u00e9rieures \u00e0 9.18.11-S1 et ant\u00e9rieures \u00e0 9.18.24-S1",
      "product": {
        "name": "BIND",
        "vendor": {
          "name": "ISC",
          "scada": false
        }
      }
    },
    {
      "description": "Bind Supported Preview Edition versions 9.x post\u00e9rieures \u00e0 9.9.3-S1 et ant\u00e9rieures \u00e0 9.16.48-S1",
      "product": {
        "name": "BIND",
        "vendor": {
          "name": "ISC",
          "scada": false
        }
      }
    },
    {
      "description": "Bind versions 9.18.x ant\u00e9rieures \u00e0 9.18.24",
      "product": {
        "name": "BIND",
        "vendor": {
          "name": "ISC",
          "scada": false
        }
      }
    },
    {
      "description": "Bind versions 9.19.x ant\u00e9rieures \u00e0 9.19.21",
      "product": {
        "name": "BIND",
        "vendor": {
          "name": "ISC",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-50868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
    },
    {
      "name": "CVE-2023-4408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4408"
    },
    {
      "name": "CVE-2023-5517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5517"
    },
    {
      "name": "CVE-2023-50387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50387"
    },
    {
      "name": "CVE-2023-6516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6516"
    },
    {
      "name": "CVE-2023-4236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4236"
    },
    {
      "name": "CVE-2023-5679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5679"
    },
    {
      "name": "CVE-2023-5680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5680"
    }
  ],
  "initial_release_date": "2024-02-13T00:00:00",
  "last_revision_date": "2024-02-13T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0122",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-02-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eBind\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Bind",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Bind CVE-2023-5679 du 13 f\u00e9vrier 2024",
      "url": "https://kb.isc.org/v1/docs/cve-2023-5679"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Bind CVE-2023-6516 du 13 f\u00e9vrier 2024",
      "url": "https://kb.isc.org/v1/docs/cve-2023-6516"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Bind CVE-2023-5517 du 13 f\u00e9vrier 2024",
      "url": "https://kb.isc.org/v1/docs/cve-2023-5517"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Bind CVE-2023-5680 du 13 f\u00e9vrier 2024",
      "url": "https://kb.isc.org/v1/docs/cve-2023-5680"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Bind CVE-2023-50387 du 13 f\u00e9vrier 2024",
      "url": "https://kb.isc.org/v1/docs/cve-2023-50387"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Bind CVE-2023-50868 du 13 f\u00e9vrier 2024",
      "url": "https://kb.isc.org/v1/docs/cve-2023-50868"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Bind CVE-2023-4408 du 13 f\u00e9vrier 2024",
      "url": "https://kb.isc.org/v1/docs/cve-2023-4408"
    }
  ]
}

CERTFR-2024-AVI-0627

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Tanzu	VMware Tanzu Applications Service for VMs versions antérieures à 4.0.19+LTS-T
VMware	Tanzu	VMware Tanzu Applications Service for VMs versions 5.0.x antérieures à 5.0.9
VMware	Tanzu	CF Deployment versions antérieures à 39.3.0
VMware	Tanzu	Cflinuxfs3 versions antérieures à 0.386.0
VMware	Tanzu	Tanzu Application Service versions 6.0.x antérieures à 6.0.5+LTS-T
VMware	Tanzu	Jammy Stemcells versions antérieures à 1.404
VMware	Tanzu	Isolation Segment versions antérieures à 4.0.19+LTS-T
VMware	Tanzu	Tanzu Greenplum pour Kubernetes versions antérieures à 2.0.0
VMware	Tanzu	Operations Manager versions antérieures à 3.0.25+LTS-T
VMware	Tanzu	Cflinuxfs4 versions antérieures à 1.79.0
VMware	Tanzu	Isolation Segment versions 5.0.x antérieures à 5.0.9
VMware	Tanzu	Tanzu Application Service versions antérieures à 4.0.25+LTS-T
VMware	Tanzu	Tanzu Application Service versions 5.0.x antérieures à 5.0.15

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 24838	2024-07-25	vendor-advisory
Bulletin de sécurité VMware 24848	2024-07-25	vendor-advisory
Bulletin de sécurité VMware 24845	2024-07-25	vendor-advisory
Bulletin de sécurité VMware 24840	2024-07-25	vendor-advisory
Bulletin de sécurité VMware 24850	2024-07-25	vendor-advisory
Bulletin de sécurité VMware 24837	2024-07-25	vendor-advisory
Bulletin de sécurité VMware 24836	2024-07-25	vendor-advisory
Bulletin de sécurité VMware 24844	2024-07-25	vendor-advisory
Bulletin de sécurité VMware 24842	2024-07-25	vendor-advisory
Bulletin de sécurité VMware 24843	2024-07-25	vendor-advisory
Bulletin de sécurité VMware 24839	2024-07-25	vendor-advisory
Bulletin de sécurité VMware 24841	2024-07-25	vendor-advisory
Bulletin de sécurité VMware 24827	2024-07-25	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware Tanzu Applications Service for VMs versions ant\u00e9rieures \u00e0 4.0.19+LTS-T ",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Tanzu Applications Service for VMs versions 5.0.x ant\u00e9rieures \u00e0 5.0.9",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "CF Deployment versions ant\u00e9rieures \u00e0 39.3.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cflinuxfs3 versions ant\u00e9rieures \u00e0 0.386.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Application Service versions 6.0.x ant\u00e9rieures \u00e0 6.0.5+LTS-T",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Jammy Stemcells versions ant\u00e9rieures \u00e0 1.404",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Isolation Segment versions ant\u00e9rieures \u00e0 4.0.19+LTS-T ",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum pour Kubernetes versions ant\u00e9rieures \u00e0 2.0.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Operations Manager versions ant\u00e9rieures \u00e0 3.0.25+LTS-T",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cflinuxfs4 versions ant\u00e9rieures \u00e0 1.79.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Isolation Segment versions 5.0.x ant\u00e9rieures \u00e0 5.0.9",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Application Service versions ant\u00e9rieures \u00e0 4.0.25+LTS-T",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Application Service versions 5.0.x ant\u00e9rieures \u00e0 5.0.15 ",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2023-52356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
    },
    {
      "name": "CVE-2022-43236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
    },
    {
      "name": "CVE-2022-43237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
    },
    {
      "name": "CVE-2024-20977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20977"
    },
    {
      "name": "CVE-2024-20985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20985"
    },
    {
      "name": "CVE-2024-20964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20964"
    },
    {
      "name": "CVE-2024-20976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20976"
    },
    {
      "name": "CVE-2023-24757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
    },
    {
      "name": "CVE-2022-43239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
    },
    {
      "name": "CVE-2023-50868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
    },
    {
      "name": "CVE-2022-43240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
    },
    {
      "name": "CVE-2022-43244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
    },
    {
      "name": "CVE-2024-20962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20962"
    },
    {
      "name": "CVE-2022-47695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47695"
    },
    {
      "name": "CVE-2021-36411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
    },
    {
      "name": "CVE-2024-20969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20969"
    },
    {
      "name": "CVE-2023-4408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4408"
    },
    {
      "name": "CVE-2023-6277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
    },
    {
      "name": "CVE-2023-24758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
    },
    {
      "name": "CVE-2022-43249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
    },
    {
      "name": "CVE-2022-43242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
    },
    {
      "name": "CVE-2024-24806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24806"
    },
    {
      "name": "CVE-2024-20966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20966"
    },
    {
      "name": "CVE-2022-48065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48065"
    },
    {
      "name": "CVE-2024-20972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20972"
    },
    {
      "name": "CVE-2021-35452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
    },
    {
      "name": "CVE-2022-43248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
    },
    {
      "name": "CVE-2023-24752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
    },
    {
      "name": "CVE-2022-43245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
    },
    {
      "name": "CVE-2021-36410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
    },
    {
      "name": "CVE-2023-24751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
    },
    {
      "name": "CVE-2023-25221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25221"
    },
    {
      "name": "CVE-2024-20961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20961"
    },
    {
      "name": "CVE-2023-43040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43040"
    },
    {
      "name": "CVE-2023-5517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5517"
    },
    {
      "name": "CVE-2024-20983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20983"
    },
    {
      "name": "CVE-2023-24754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
    },
    {
      "name": "CVE-2022-1253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1253"
    },
    {
      "name": "CVE-2024-20984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20984"
    },
    {
      "name": "CVE-2022-43235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
    },
    {
      "name": "CVE-2022-47665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47665"
    },
    {
      "name": "CVE-2022-48063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48063"
    },
    {
      "name": "CVE-2024-38806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38806"
    },
    {
      "name": "CVE-2022-43253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
    },
    {
      "name": "CVE-2023-24755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
    },
    {
      "name": "CVE-2022-43252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
    },
    {
      "name": "CVE-2023-6228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
    },
    {
      "name": "CVE-2024-20963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20963"
    },
    {
      "name": "CVE-2022-43238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
    },
    {
      "name": "CVE-2024-20981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20981"
    },
    {
      "name": "CVE-2021-36409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36409"
    },
    {
      "name": "CVE-2023-24756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
    },
    {
      "name": "CVE-2022-43243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
    },
    {
      "name": "CVE-2023-50387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50387"
    },
    {
      "name": "CVE-2024-0985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0985"
    },
    {
      "name": "CVE-2024-20974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20974"
    },
    {
      "name": "CVE-2022-43241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
    },
    {
      "name": "CVE-2021-36408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
    },
    {
      "name": "CVE-2024-20982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20982"
    },
    {
      "name": "CVE-2022-43250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
    },
    {
      "name": "CVE-2024-20971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20971"
    },
    {
      "name": "CVE-2024-20978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20978"
    },
    {
      "name": "CVE-2024-20973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20973"
    },
    {
      "name": "CVE-2024-20965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20965"
    },
    {
      "name": "CVE-2024-20967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20967"
    },
    {
      "name": "CVE-2024-20970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20970"
    },
    {
      "name": "CVE-2023-5679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5679"
    },
    {
      "name": "CVE-2024-20960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20960"
    }
  ],
  "initial_release_date": "2024-07-26T00:00:00",
  "last_revision_date": "2024-07-26T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0627",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-07-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2024-07-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 24838",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24838"
    },
    {
      "published_at": "2024-07-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 24848",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24848"
    },
    {
      "published_at": "2024-07-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 24845",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24845"
    },
    {
      "published_at": "2024-07-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 24840",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24840"
    },
    {
      "published_at": "2024-07-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 24850",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24850"
    },
    {
      "published_at": "2024-07-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 24837",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24837"
    },
    {
      "published_at": "2024-07-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 24836",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24836"
    },
    {
      "published_at": "2024-07-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 24844",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24844"
    },
    {
      "published_at": "2024-07-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 24842",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24842"
    },
    {
      "published_at": "2024-07-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 24843",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24843"
    },
    {
      "published_at": "2024-07-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 24839",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24839"
    },
    {
      "published_at": "2024-07-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 24841",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24841"
    },
    {
      "published_at": "2024-07-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 24827",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24827"
    }
  ]
}

CERTFR-2024-AVI-0470

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	N/A	QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP8 IF03
IBM	N/A	AIX versions 7.2 et 7.3 sans la dernière version du fichier bind.rte
IBM	N/A	MaaS360 Mobile Enterprise Gateway (MEG) versions antérieures à 3.000.800
IBM	N/A	IBM Sterling Transformation Extender versions 11.x antérieures à 11.0.0.0 sans le correctif de sécurité PH61425
IBM	N/A	Db2 versions 11.1.4 à 11.1.4.7 sans le dernier correctif de sécurité pour TSAMP
IBM	N/A	MaaS360 VPN versions antérieures à 3.000.800
IBM	N/A	Db2 versions 10.5.0 à 10.5.11 sans le dernier correctif de sécurité pour Tivoli System Automation for Multiplatforms (TSAMP)
IBM	N/A	VIOS versions 3.1 et 4.1 sans la dernière version du fichier bind.rte
IBM	N/A	Db2 versions 11.5.0 à 11.1.5.9 sans le dernier correctif de sécurité pour TSAMP
IBM	N/A	IBM Sterling Transformation Extender versions 10.1.1.x antérieures à 10.1.1.1 sans le correctif de sécurité PH61425
IBM	N/A	IBM Sterling Transformation Extender versions 10.1.0.x antérieures à 10.1.0.2 sans le correctif de sécurité PH61425
IBM	N/A	IBM Sterling Transformation Extender versions 10.1.2.x antérieures à 10.1.2.1 sans le correctif de sécurité PH61425

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7156667	2024-06-06	vendor-advisory
Bulletin de sécurité IBM 7156255	2024-06-03	vendor-advisory
Bulletin de sécurité IBM 7156525	2024-06-05	vendor-advisory
Bulletin de sécurité IBM 7156443	2024-06-04	vendor-advisory
Bulletin de sécurité IBM 7156292	2024-06-03	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP8 IF03",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "AIX versions 7.2 et 7.3 sans la derni\u00e8re version du fichier bind.rte",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "MaaS360 Mobile Enterprise Gateway (MEG) versions ant\u00e9rieures \u00e0 3.000.800",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Transformation Extender versions 11.x ant\u00e9rieures \u00e0 11.0.0.0 sans le correctif de s\u00e9curit\u00e9 PH61425",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Db2 versions 11.1.4 \u00e0 11.1.4.7 sans le dernier correctif de s\u00e9curit\u00e9 pour TSAMP",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "MaaS360 VPN versions ant\u00e9rieures \u00e0 3.000.800",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Db2 versions 10.5.0 \u00e0 10.5.11 sans le dernier correctif de s\u00e9curit\u00e9 pour Tivoli System Automation for Multiplatforms (TSAMP)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "VIOS versions 3.1 et 4.1 sans la derni\u00e8re version du fichier bind.rte",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Db2 versions 11.5.0 \u00e0 11.1.5.9 sans le dernier correctif de s\u00e9curit\u00e9 pour TSAMP",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Transformation Extender versions 10.1.1.x ant\u00e9rieures \u00e0 10.1.1.1 sans le correctif de s\u00e9curit\u00e9 PH61425",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Transformation Extender versions 10.1.0.x ant\u00e9rieures \u00e0 10.1.0.2 sans le correctif de s\u00e9curit\u00e9 PH61425",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Transformation Extender versions 10.1.2.x ant\u00e9rieures \u00e0 10.1.2.1 sans le correctif de s\u00e9curit\u00e9 PH61425",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-20919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
    },
    {
      "name": "CVE-2023-38264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
    },
    {
      "name": "CVE-2024-22201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
    },
    {
      "name": "CVE-2023-40551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40551"
    },
    {
      "name": "CVE-2024-20926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
    },
    {
      "name": "CVE-2023-50868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
    },
    {
      "name": "CVE-2024-20921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
    },
    {
      "name": "CVE-2024-22243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22243"
    },
    {
      "name": "CVE-2024-29025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
    },
    {
      "name": "CVE-2023-4408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4408"
    },
    {
      "name": "CVE-2024-22262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22262"
    },
    {
      "name": "CVE-2024-21011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
    },
    {
      "name": "CVE-2023-5517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5517"
    },
    {
      "name": "CVE-2023-3758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3758"
    },
    {
      "name": "CVE-2023-40546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40546"
    },
    {
      "name": "CVE-2024-21094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
    },
    {
      "name": "CVE-2023-6237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
    },
    {
      "name": "CVE-2023-33850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
    },
    {
      "name": "CVE-2024-0727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
    },
    {
      "name": "CVE-2023-6129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
    },
    {
      "name": "CVE-2023-50387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50387"
    },
    {
      "name": "CVE-2023-40549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40549"
    },
    {
      "name": "CVE-2024-20918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
    },
    {
      "name": "CVE-2023-40548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40548"
    },
    {
      "name": "CVE-2024-22259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22259"
    },
    {
      "name": "CVE-2023-6516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6516"
    },
    {
      "name": "CVE-2023-40550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40550"
    },
    {
      "name": "CVE-2024-21085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
    },
    {
      "name": "CVE-2024-20945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
    },
    {
      "name": "CVE-2023-5679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5679"
    },
    {
      "name": "CVE-2024-20952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
    },
    {
      "name": "CVE-2023-40547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40547"
    }
  ],
  "initial_release_date": "2024-06-07T00:00:00",
  "last_revision_date": "2024-06-07T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0470",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-06-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2024-06-06",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7156667",
      "url": "https://www.ibm.com/support/pages/node/7156667"
    },
    {
      "published_at": "2024-06-03",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7156255",
      "url": "https://www.ibm.com/support/pages/node/7156255"
    },
    {
      "published_at": "2024-06-05",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7156525",
      "url": "https://www.ibm.com/support/pages/node/7156525"
    },
    {
      "published_at": "2024-06-04",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7156443",
      "url": "https://www.ibm.com/support/pages/node/7156443"
    },
    {
      "published_at": "2024-06-03",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7156292",
      "url": "https://www.ibm.com/support/pages/node/7156292"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2023-5517 (GCVE-0-2023-5517)

Vulnerability from cvelistv5

CERTFR-2025-AVI-0018

Vulnerability from certfr_avis

Solutions

CERTFR-2024-AVI-0122

Vulnerability from certfr_avis

Solution

CERTFR-2024-AVI-0627

Vulnerability from certfr_avis

Solutions

CERTFR-2024-AVI-0470

Vulnerability from certfr_avis

Solutions

Tags

Sightings

Nomenclature