cvelistv5 - cve-2024-3652

CVE-2024-3652 (GCVE-0-2024-3652)

Vulnerability from cvelistv5

Published

2024-04-11 01:32

Modified

2026-02-27 15:19

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

IKEv1 with default AH/ESP configuration can cause libreswan to abort and restart

Summary

The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.

References

URL

Tags

	https://libreswan.org/security/CVE-2024-3652	vendor-advisory
	http://www.openwall.com/lists/oss-security/2024/04/18/2

Impacted products

	Vendor	Product	Version
	The Libreswan Project (www.libreswan.org)	libreswan	Version: 3.22 ≤ 4.14

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-3652",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-11T17:26:47.015453Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-404",
                "description": "CWE-404 Improper Resource Shutdown or Release",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-27T15:19:48.988Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:19:59.933Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "CVE-2024-3652",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://libreswan.org/security/CVE-2024-3652"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/18/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "libreswan",
          "vendor": "The Libreswan Project (www.libreswan.org)",
          "versions": [
            {
              "lessThanOrEqual": "4.14",
              "status": "affected",
              "version": "3.22",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "5.0"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "The vulnerability can only be triggered for connections with ikev2=no that do not specify an esp= option."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "github user X1AOxiang"
        }
      ],
      "datePublic": "2024-04-12T21:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan\u0027s default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "IKEv1 with default AH/ESP configuration can cause libreswan to abort and restart",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-01T17:10:23.219Z",
        "orgId": "d42dc95b-23f1-4e06-9076-20753a0fb0df",
        "shortName": "libreswan"
      },
      "references": [
        {
          "name": "CVE-2024-3652",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://libreswan.org/security/CVE-2024-3652"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/04/18/2"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in 4.15 and all later versions."
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-24T00:00:00.000Z",
          "value": "Issue reported publicly by github user X1AOxiang via https://github.com/libreswan/libreswan/issues/1665"
        },
        {
          "lang": "en",
          "time": "2024-03-27T00:00:00.000Z",
          "value": "Fix published in commit 03caa63de1e3 (as issue was already public via githb issue)"
        },
        {
          "lang": "en",
          "time": "2024-04-10T00:00:00.000Z",
          "value": "Advanced notice given to support customers and distributions"
        },
        {
          "lang": "en",
          "time": "2024-04-12T00:00:00.000Z",
          "value": "CVE-2024-3652 published"
        }
      ],
      "title": "IKEv1 default AH/ESP responder can cause libreswan to abort and restart",
      "workarounds": [
        {
          "lang": "en",
          "value": "As a workaround, adding an esp= line to all IKEv1 connections works around the issue. An example covering most common default configurations would be: esp=aes-sha2_512,aes-sha1,aes-sha2_256,aes-md5,3des-sha1,3des-md5."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d42dc95b-23f1-4e06-9076-20753a0fb0df",
    "assignerShortName": "libreswan",
    "cveId": "CVE-2024-3652",
    "datePublished": "2024-04-11T01:32:13.433Z",
    "dateReserved": "2024-04-11T01:28:41.331Z",
    "dateUpdated": "2026-02-27T15:19:48.988Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://libreswan.org/security/CVE-2024-3652\", \"name\": \"CVE-2024-3652\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/18/2\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T20:19:59.933Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-3652\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-11T17:26:47.015453Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-404\", \"description\": \"CWE-404 Improper Resource Shutdown or Release\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:23.347Z\"}}], \"cna\": {\"title\": \"IKEv1 default AH/ESP responder can cause libreswan to abort and restart\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"github user X1AOxiang\"}], \"affected\": [{\"vendor\": \"The Libreswan Project (www.libreswan.org)\", \"product\": \"libreswan\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.22\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.14\"}, {\"status\": \"unaffected\", \"version\": \"5.0\"}], \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-03-24T00:00:00.000Z\", \"value\": \"Issue reported publicly by github user X1AOxiang via https://github.com/libreswan/libreswan/issues/1665\"}, {\"lang\": \"en\", \"time\": \"2024-03-27T00:00:00.000Z\", \"value\": \"Fix published in commit 03caa63de1e3 (as issue was already public via githb issue)\"}, {\"lang\": \"en\", \"time\": \"2024-04-10T00:00:00.000Z\", \"value\": \"Advanced notice given to support customers and distributions\"}, {\"lang\": \"en\", \"time\": \"2024-04-12T00:00:00.000Z\", \"value\": \"CVE-2024-3652 published\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"This issue is fixed in 4.15 and all later versions.\"}], \"datePublic\": \"2024-04-12T21:00:00.000Z\", \"references\": [{\"url\": \"https://libreswan.org/security/CVE-2024-3652\", \"name\": \"CVE-2024-3652\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/18/2\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"As a workaround, adding an esp= line to all IKEv1 connections works around the issue. An example covering most common default configurations would be: esp=aes-sha2_512,aes-sha1,aes-sha2_256,aes-md5,3des-sha1,3des-md5.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan\u0027s default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"IKEv1 with default AH/ESP configuration can cause libreswan to abort and restart\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"The vulnerability can only be triggered for connections with ikev2=no that do not specify an esp= option.\"}], \"providerMetadata\": {\"orgId\": \"d42dc95b-23f1-4e06-9076-20753a0fb0df\", \"shortName\": \"libreswan\", \"dateUpdated\": \"2024-05-01T17:10:23.219Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-3652\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-27T15:19:48.988Z\", \"dateReserved\": \"2024-04-11T01:28:41.331Z\", \"assignerOrgId\": \"d42dc95b-23f1-4e06-9076-20753a0fb0df\", \"datePublished\": \"2024-04-11T01:32:13.433Z\", \"assignerShortName\": \"libreswan\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2025-AVI-0304

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

L'éditeur indique que les versions 21.4.x de Junos OS pour SRX Series ne bénéficient pas de correctif pour la vulnérabilité CVE-2025-30659.

Impacted products

Vendor	Product	Description
Juniper Networks	Junos OS	Junos OS versions 21.4.x antérieures à 21.4R3-S10
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 22.4.x-EVO antérieures à 22.4R3-S6-EVO
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 23.4.x-EVO antérieures à 23.4R2-S4-EVO
Juniper Networks	Junos OS	Junos OS versions 22.2.x antérieures à 22.2R3-S6
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 21.4R3-S10-EVO
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 23.2.x-EVO antérieures à 23.2R2-S3-EVO
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 24.2.x-EVO antérieures à 24.2R2-EVO
Juniper Networks	Junos Space	Junos Space versions antérieures à 24.1R3
Juniper Networks	Junos Space	Junos Space Security Director versions antérieures à 24.1R3
Juniper Networks	Junos OS	Junos OS versions 23.4.x antérieures à 23.4R2-S4
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 22.2.x-EVO antérieures à 22.2R3-S6-EVO
Juniper Networks	CTPView	CTPView versions antérieures à 9.2R1
Juniper Networks	Junos OS	Junos OS versions 22.4.x antérieures à 22.4R3-S6
Juniper Networks	Junos OS	Junos OS versions 23.2.x antérieures à 23.2R2-S3
Juniper Networks	Junos OS	Junos OS versions 24.2.x antérieures à 24.2R2
Juniper Networks	Junos OS	Junos OS versions antérieures à 21.2R3-S9

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper Networks JSA96456	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96447	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96467	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96461	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96446	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96451	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96470	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96458	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96462	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96457	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96466	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96463	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96459	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96450	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96464	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96453	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96465	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96444	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96469	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96448	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96471	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96449	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96455	2025-04-09	vendor-advisory
Bulletin de sécurité Juniper Networks JSA96452	2025-04-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS versions 21.4.x ant\u00e9rieures \u00e0 21.4R3-S10 ",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.4.x-EVO ant\u00e9rieures \u00e0 22.4R3-S6-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 23.4.x-EVO ant\u00e9rieures \u00e0 23.4R2-S4-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 22.2.x ant\u00e9rieures \u00e0 22.2R3-S6",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.4R3-S10-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 23.2.x-EVO ant\u00e9rieures \u00e0 23.2R2-S3-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 24.2.x-EVO ant\u00e9rieures \u00e0 24.2R2-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos Space versions ant\u00e9rieures \u00e0 24.1R3",
      "product": {
        "name": "Junos Space",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos Space Security Director versions ant\u00e9rieures \u00e0 24.1R3",
      "product": {
        "name": "Junos Space",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 23.4.x ant\u00e9rieures \u00e0 23.4R2-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.2.x-EVO ant\u00e9rieures \u00e0 22.2R3-S6-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "CTPView versions ant\u00e9rieures \u00e0 9.2R1",
      "product": {
        "name": "CTPView",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 22.4.x ant\u00e9rieures \u00e0 22.4R3-S6",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 23.2.x ant\u00e9rieures \u00e0 23.2R2-S3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 24.2.x ant\u00e9rieures \u00e0 24.2R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 21.2R3-S9",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "L\u0027\u00e9diteur indique que les versions 21.4.x de Junos OS pour SRX Series ne b\u00e9n\u00e9ficient pas de correctif pour la vuln\u00e9rabilit\u00e9 CVE-2025-30659.",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-42472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42472"
    },
    {
      "name": "CVE-2024-7006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7006"
    },
    {
      "name": "CVE-2024-21235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
    },
    {
      "name": "CVE-2024-27820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27820"
    },
    {
      "name": "CVE-2024-42284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42284"
    },
    {
      "name": "CVE-2024-27052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27052"
    },
    {
      "name": "CVE-2025-21597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21597"
    },
    {
      "name": "CVE-2024-33602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
    },
    {
      "name": "CVE-2024-4076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4076"
    },
    {
      "name": "CVE-2025-30658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30658"
    },
    {
      "name": "CVE-2024-40866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40866"
    },
    {
      "name": "CVE-2024-6232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
    },
    {
      "name": "CVE-2024-21823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21823"
    },
    {
      "name": "CVE-2023-28746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28746"
    },
    {
      "name": "CVE-2024-26993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26993"
    },
    {
      "name": "CVE-2024-1975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
    },
    {
      "name": "CVE-2024-40898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40898"
    },
    {
      "name": "CVE-2024-26852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26852"
    },
    {
      "name": "CVE-2011-5094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-5094"
    },
    {
      "name": "CVE-2025-30657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30657"
    },
    {
      "name": "CVE-2025-30660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30660"
    },
    {
      "name": "CVE-2024-1737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
    },
    {
      "name": "CVE-2024-33600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
    },
    {
      "name": "CVE-2024-3652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3652"
    },
    {
      "name": "CVE-2024-44187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-44187"
    },
    {
      "name": "CVE-2025-21601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21601"
    },
    {
      "name": "CVE-2024-32021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32021"
    },
    {
      "name": "CVE-2024-40725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40725"
    },
    {
      "name": "CVE-2019-7611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-7611"
    },
    {
      "name": "CVE-2024-33599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
    },
    {
      "name": "CVE-2025-21591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21591"
    },
    {
      "name": "CVE-2025-30649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30649"
    },
    {
      "name": "CVE-2025-30652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30652"
    },
    {
      "name": "CVE-2024-40789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40789"
    },
    {
      "name": "CVE-2024-35845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35845"
    },
    {
      "name": "CVE-2025-30651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30651"
    },
    {
      "name": "CVE-2024-32004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32004"
    },
    {
      "name": "CVE-2024-39884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39884"
    },
    {
      "name": "CVE-2023-48161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
    },
    {
      "name": "CVE-2024-32020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32020"
    },
    {
      "name": "CVE-2024-0450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
    },
    {
      "name": "CVE-2024-27838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27838"
    },
    {
      "name": "CVE-2024-23271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23271"
    },
    {
      "name": "CVE-2024-39487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39487"
    },
    {
      "name": "CVE-2024-36971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
    },
    {
      "name": "CVE-2024-33601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
    },
    {
      "name": "CVE-2025-30647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30647"
    },
    {
      "name": "CVE-2024-32465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32465"
    },
    {
      "name": "CVE-2011-1473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1473"
    },
    {
      "name": "CVE-2025-30654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30654"
    },
    {
      "name": "CVE-2025-30655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30655"
    },
    {
      "name": "CVE-2024-40782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40782"
    },
    {
      "name": "CVE-2024-26735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26735"
    },
    {
      "name": "CVE-2024-35899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35899"
    },
    {
      "name": "CVE-2024-40954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40954"
    },
    {
      "name": "CVE-2021-47596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47596"
    },
    {
      "name": "CVE-2025-30659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30659"
    },
    {
      "name": "CVE-2025-30653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30653"
    },
    {
      "name": "CVE-2025-30645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30645"
    },
    {
      "name": "CVE-2020-7021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7021"
    },
    {
      "name": "CVE-2021-22135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22135"
    },
    {
      "name": "CVE-2025-30646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30646"
    },
    {
      "name": "CVE-2024-27851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27851"
    },
    {
      "name": "CVE-2025-30644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30644"
    },
    {
      "name": "CVE-2024-3651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
    },
    {
      "name": "CVE-2025-30656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30656"
    },
    {
      "name": "CVE-2022-39253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-39253"
    },
    {
      "name": "CVE-2021-22144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22144"
    },
    {
      "name": "CVE-2024-40958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40958"
    },
    {
      "name": "CVE-2025-21595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21595"
    },
    {
      "name": "CVE-2025-30648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30648"
    },
    {
      "name": "CVE-2024-21210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
    },
    {
      "name": "CVE-2021-22137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22137"
    },
    {
      "name": "CVE-2024-32002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32002"
    },
    {
      "name": "CVE-2024-2961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
    },
    {
      "name": "CVE-2024-21217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
    },
    {
      "name": "CVE-2024-28182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
    },
    {
      "name": "CVE-2023-6597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
    },
    {
      "name": "CVE-2022-24808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24808"
    },
    {
      "name": "CVE-2024-21208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
    },
    {
      "name": "CVE-2025-21594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21594"
    },
    {
      "name": "CVE-2020-7020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7020"
    }
  ],
  "initial_release_date": "2025-04-10T00:00:00",
  "last_revision_date": "2025-04-10T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0304",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-04-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
  "vendor_advisories": [
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96456",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-malformed-LLDP-TLV-results-in-l2cpd-crash-CVE-2025-30646"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96447",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R3-release"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96467",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-Processing-of-a-specific-BGP-update-causes-the-SRRD-process-to-crash-CVE-2025-30657?language=en_US"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96461",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-ICMPv6-packet-causes-a-memory-overrun-leading-to-an-rpd-crash-CVE-2025-30651"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96446",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R3-release"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96451",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-BGP-rib-sharding-and-update-threading-are-configured-and-a-peer-flaps-an-rpd-core-is-observed"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96470",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-SRX-Series-A-device-configured-for-vector-routing-crashes-when-receiving-specific-traffic-CVE-2025-30659?language=en_US"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96458",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specifically-malformed-DHCP-packet-causes-jdhcpd-process-to-crash-CVE-2025-30648"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96462",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Executing-a-specific-CLI-command-when-asregex-optimized-is-configured-causes-an-RPD-crash-CVE-2025-30652"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96457",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-MX-Series-Subscriber-login-logout-activity-will-lead-to-a-memory-leak-CVE-2025-30647"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96466",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-MX-Series-SRX-Series-Processing-of-specific-SIP-INVITE-messages-by-the-SIP-ALG-will-lead-to-an-FPC-crash-CVE-2025-30656?language=en_US"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96463",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-LSP-flap-in-a-specific-MPLS-LSP-scenario-leads-to-RPD-crash-CVE-2025-30653"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96459",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-MX240-MX480-MX960-with-SPC3-An-attacker-sending-specific-packets-will-cause-a-CPU-utilization-DoS-CVE-2025-30649"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96450",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-EVPN-VXLAN-scenario-specific-ARP-or-NDP-packets-cause-FPC-to-crash-CVE-2025-21595"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96464",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-local-low-privileged-user-can-access-sensitive-information-CVE-2025-30654"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96453",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-EX2300-EX3400-EX4000-Series-QFX5k-Series-Receipt-of-a-specific-DHCP-packet-causes-FPC-crash-when-DHCP-Option-82-is-enabled-CVE-2025-30644"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96465",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-specific-CLI-command-will-cause-a-RPD-crash-when-rib-sharding-and-update-threading-is-enabled-CVE-2025-30655?language=en_US"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96444",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-CTP-View-Multiple-Vulnerabilities-resolved-in-9-2R1-release"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96469",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-SRX-Series-On-devices-with-Anti-Virus-enabled-malicious-server-responses-will-cause-memory-to-leak-ultimately-causing-forwarding-to-stop-CVE-2025-30658?language=en_US"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96448",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-An-unauthenticated-adjacent-attacker-sending-a-malformed-DHCP-packet-causes-jdhcpd-to-crash-CVE-2025-21591"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96471",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-MX-Series-Decapsulation-of-specific-GRE-packets-leads-to-PFE-reset-CVE-2025-30660?language=en_US"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96449",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-MX-Series-In-DS-lite-and-NAT-senario-receipt-of-crafted-IPv4-traffic-causes-port-block-CVE-2025-21594"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96455",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-SRX-Series-Transmission-of-specific-control-traffic-sent-out-of-a-DS-Lite-tunnel-results-in-flowd-crash-CVE-2025-30645"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA96452",
      "url": "https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-SRX-and-EX-Series-MX240-MX480-MX960-QFX5120-Series-When-web-management-is-enabled-for-specific-services-an-attacker-may-cause-a-CPU-spike-by-sending-genuine-packets-to-the-device-CVE-2025-21601"
    }
  ]
}

CERTFR-2024-AVI-0741

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Juniper Secure Analytics. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Juniper Networks	Secure Analytics	Juniper Secure Analytics versions antérieures à 7.5.0 UP9 IF02

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper Networks JSA86686

2024-09-30

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Juniper Secure Analytics versions ant\u00e9rieures \u00e0 7.5.0 UP9 IF02",
      "product": {
        "name": "Secure Analytics",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2023-29483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29483"
    },
    {
      "name": "CVE-2024-42472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42472"
    },
    {
      "name": "CVE-2024-26934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26934"
    },
    {
      "name": "CVE-2023-52477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52477"
    },
    {
      "name": "CVE-2023-52675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52675"
    },
    {
      "name": "CVE-2023-4692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4692"
    },
    {
      "name": "CVE-2024-27059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27059"
    },
    {
      "name": "CVE-2024-26656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26656"
    },
    {
      "name": "CVE-2024-28834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
    },
    {
      "name": "CVE-2023-38264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
    },
    {
      "name": "CVE-2024-26974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26974"
    },
    {
      "name": "CVE-2024-26897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26897"
    },
    {
      "name": "CVE-2021-47055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47055"
    },
    {
      "name": "CVE-2020-36777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36777"
    },
    {
      "name": "CVE-2023-43788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43788"
    },
    {
      "name": "CVE-2024-27052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27052"
    },
    {
      "name": "CVE-2023-52425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
    },
    {
      "name": "CVE-2024-26585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26585"
    },
    {
      "name": "CVE-2024-25744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25744"
    },
    {
      "name": "CVE-2024-26973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26973"
    },
    {
      "name": "CVE-2024-33602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
    },
    {
      "name": "CVE-2024-27397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27397"
    },
    {
      "name": "CVE-2024-35854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35854"
    },
    {
      "name": "CVE-2023-52878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52878"
    },
    {
      "name": "CVE-2021-47185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47185"
    },
    {
      "name": "CVE-2024-23650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23650"
    },
    {
      "name": "CVE-2024-26603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26603"
    },
    {
      "name": "CVE-2024-26964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26964"
    },
    {
      "name": "CVE-2024-5564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5564"
    },
    {
      "name": "CVE-2021-33198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
    },
    {
      "name": "CVE-2024-26993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26993"
    },
    {
      "name": "CVE-2019-25162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-25162"
    },
    {
      "name": "CVE-2022-41715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
    },
    {
      "name": "CVE-2023-39321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39321"
    },
    {
      "name": "CVE-2024-3933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3933"
    },
    {
      "name": "CVE-2024-1975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
    },
    {
      "name": "CVE-2023-52669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52669"
    },
    {
      "name": "CVE-2019-11358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
    },
    {
      "name": "CVE-2020-15778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15778"
    },
    {
      "name": "CVE-2022-3287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3287"
    },
    {
      "name": "CVE-2024-36004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36004"
    },
    {
      "name": "CVE-2024-26859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26859"
    },
    {
      "name": "CVE-2020-13936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2024-29857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
    },
    {
      "name": "CVE-2024-35959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35959"
    },
    {
      "name": "CVE-2018-20060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20060"
    },
    {
      "name": "CVE-2024-35855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35855"
    },
    {
      "name": "CVE-2024-1737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
    },
    {
      "name": "CVE-2023-25193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
    },
    {
      "name": "CVE-2024-33600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
    },
    {
      "name": "CVE-2024-3652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3652"
    },
    {
      "name": "CVE-2024-26615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26615"
    },
    {
      "name": "CVE-2023-45802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45802"
    },
    {
      "name": "CVE-2024-26801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26801"
    },
    {
      "name": "CVE-2024-36007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36007"
    },
    {
      "name": "CVE-2021-47311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47311"
    },
    {
      "name": "CVE-2023-3635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3635"
    },
    {
      "name": "CVE-2024-26643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26643"
    },
    {
      "name": "CVE-2024-26779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26779"
    },
    {
      "name": "CVE-2024-32021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32021"
    },
    {
      "name": "CVE-2024-33599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
    },
    {
      "name": "CVE-2024-25629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25629"
    },
    {
      "name": "CVE-2024-28180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
    },
    {
      "name": "CVE-2024-24806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24806"
    },
    {
      "name": "CVE-2024-35852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35852"
    },
    {
      "name": "CVE-2024-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23307"
    },
    {
      "name": "CVE-2024-30172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
    },
    {
      "name": "CVE-2023-52528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52528"
    },
    {
      "name": "CVE-2024-27048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27048"
    },
    {
      "name": "CVE-2021-47013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47013"
    },
    {
      "name": "CVE-2023-52781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52781"
    },
    {
      "name": "CVE-2024-35845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35845"
    },
    {
      "name": "CVE-2021-41072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41072"
    },
    {
      "name": "CVE-2023-48795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
    },
    {
      "name": "CVE-2021-47073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47073"
    },
    {
      "name": "CVE-2024-26804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26804"
    },
    {
      "name": "CVE-2024-26593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26593"
    },
    {
      "name": "CVE-2022-48627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48627"
    },
    {
      "name": "CVE-2021-47171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47171"
    },
    {
      "name": "CVE-2024-26743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26743"
    },
    {
      "name": "CVE-2023-52686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52686"
    },
    {
      "name": "CVE-2021-47236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47236"
    },
    {
      "name": "CVE-2023-39318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
    },
    {
      "name": "CVE-2023-6240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6240"
    },
    {
      "name": "CVE-2024-32004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32004"
    },
    {
      "name": "CVE-2021-47118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47118"
    },
    {
      "name": "CVE-2024-35890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35890"
    },
    {
      "name": "CVE-2020-23064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-23064"
    },
    {
      "name": "CVE-2023-6918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
    },
    {
      "name": "CVE-2024-22195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
    },
    {
      "name": "CVE-2023-52877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52877"
    },
    {
      "name": "CVE-2024-21011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
    },
    {
      "name": "CVE-2024-32020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32020"
    },
    {
      "name": "CVE-2024-0450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
    },
    {
      "name": "CVE-2023-45803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
    },
    {
      "name": "CVE-2023-39319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
    },
    {
      "name": "CVE-2024-32487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32487"
    },
    {
      "name": "CVE-2024-26826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26826"
    },
    {
      "name": "CVE-2024-27056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27056"
    },
    {
      "name": "CVE-2024-26583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26583"
    },
    {
      "name": "CVE-2024-26642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26642"
    },
    {
      "name": "CVE-2021-47153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47153"
    },
    {
      "name": "CVE-2024-35888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35888"
    },
    {
      "name": "CVE-2023-52700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52700"
    },
    {
      "name": "CVE-2023-31122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31122"
    },
    {
      "name": "CVE-2023-52439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52439"
    },
    {
      "name": "CVE-2021-47495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47495"
    },
    {
      "name": "CVE-2024-26675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26675"
    },
    {
      "name": "CVE-2019-14865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14865"
    },
    {
      "name": "CVE-2024-26906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26906"
    },
    {
      "name": "CVE-2024-26610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26610"
    },
    {
      "name": "CVE-2024-2357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2357"
    },
    {
      "name": "CVE-2024-26584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26584"
    },
    {
      "name": "CVE-2024-21094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
    },
    {
      "name": "CVE-2024-26919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26919"
    },
    {
      "name": "CVE-2023-52445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52445"
    },
    {
      "name": "CVE-2024-33601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
    },
    {
      "name": "CVE-2024-3019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3019"
    },
    {
      "name": "CVE-2022-2880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
    },
    {
      "name": "CVE-2024-27014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27014"
    },
    {
      "name": "CVE-2021-34558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
    },
    {
      "name": "CVE-2024-32465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32465"
    },
    {
      "name": "CVE-2024-22365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
    },
    {
      "name": "CVE-2023-43804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
    },
    {
      "name": "CVE-2023-43789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43789"
    },
    {
      "name": "CVE-2024-38428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
    },
    {
      "name": "CVE-2024-25062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
    },
    {
      "name": "CVE-2022-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
    },
    {
      "name": "CVE-2024-2398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
    },
    {
      "name": "CVE-2024-26892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26892"
    },
    {
      "name": "CVE-2024-35835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35835"
    },
    {
      "name": "CVE-2024-26735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26735"
    },
    {
      "name": "CVE-2023-52881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52881"
    },
    {
      "name": "CVE-2023-4693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4693"
    },
    {
      "name": "CVE-2021-46972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46972"
    },
    {
      "name": "CVE-2023-52578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52578"
    },
    {
      "name": "CVE-2024-26461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
    },
    {
      "name": "CVE-2024-34750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
    },
    {
      "name": "CVE-2024-26458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
    },
    {
      "name": "CVE-2021-46934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46934"
    },
    {
      "name": "CVE-2024-1048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1048"
    },
    {
      "name": "CVE-2023-6004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
    },
    {
      "name": "CVE-2023-52598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52598"
    },
    {
      "name": "CVE-2020-11022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
    },
    {
      "name": "CVE-2023-7008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
    },
    {
      "name": "CVE-2024-26659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26659"
    },
    {
      "name": "CVE-2023-52667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52667"
    },
    {
      "name": "CVE-2024-26933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26933"
    },
    {
      "name": "CVE-2023-31484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
    },
    {
      "name": "CVE-2023-52703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52703"
    },
    {
      "name": "CVE-2023-52594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52594"
    },
    {
      "name": "CVE-2024-26693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26693"
    },
    {
      "name": "CVE-2023-52595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52595"
    },
    {
      "name": "CVE-2024-30171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
    },
    {
      "name": "CVE-2023-45287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
    },
    {
      "name": "CVE-2022-48624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48624"
    },
    {
      "name": "CVE-2024-26759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26759"
    },
    {
      "name": "CVE-2023-52464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52464"
    },
    {
      "name": "CVE-2023-52813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52813"
    },
    {
      "name": "CVE-2024-35838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35838"
    },
    {
      "name": "CVE-2023-52513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52513"
    },
    {
      "name": "CVE-2023-52615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52615"
    },
    {
      "name": "CVE-2023-52610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52610"
    },
    {
      "name": "CVE-2023-52560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52560"
    },
    {
      "name": "CVE-2024-3651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
    },
    {
      "name": "CVE-2023-39322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39322"
    },
    {
      "name": "CVE-2023-52606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52606"
    },
    {
      "name": "CVE-2021-47069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47069"
    },
    {
      "name": "CVE-2024-35960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35960"
    },
    {
      "name": "CVE-2022-39253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-39253"
    },
    {
      "name": "CVE-2024-34064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
    },
    {
      "name": "CVE-2023-2953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
    },
    {
      "name": "CVE-2024-26872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26872"
    },
    {
      "name": "CVE-2020-26555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26555"
    },
    {
      "name": "CVE-2024-26901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26901"
    },
    {
      "name": "CVE-2023-39326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
    },
    {
      "name": "CVE-2024-21085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
    },
    {
      "name": "CVE-2023-29409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
    },
    {
      "name": "CVE-2024-35789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35789"
    },
    {
      "name": "CVE-2023-52835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52835"
    },
    {
      "name": "CVE-2024-26982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26982"
    },
    {
      "name": "CVE-2021-47310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47310"
    },
    {
      "name": "CVE-2023-52626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52626"
    },
    {
      "name": "CVE-2024-0340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0340"
    },
    {
      "name": "CVE-2024-26744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26744"
    },
    {
      "name": "CVE-2024-24786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
    },
    {
      "name": "CVE-2024-35958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35958"
    },
    {
      "name": "CVE-2021-47456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47456"
    },
    {
      "name": "CVE-2021-40153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-40153"
    },
    {
      "name": "CVE-2024-32002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32002"
    },
    {
      "name": "CVE-2022-48669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48669"
    },
    {
      "name": "CVE-2023-52565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52565"
    },
    {
      "name": "CVE-2023-52520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52520"
    },
    {
      "name": "CVE-2021-47356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47356"
    },
    {
      "name": "CVE-2024-26694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26694"
    },
    {
      "name": "CVE-2024-2961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
    },
    {
      "name": "CVE-2024-26664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26664"
    },
    {
      "name": "CVE-2024-28182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
    },
    {
      "name": "CVE-2021-47353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47353"
    },
    {
      "name": "CVE-2023-6597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
    },
    {
      "name": "CVE-2023-52607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52607"
    },
    {
      "name": "CVE-2024-6345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
    },
    {
      "name": "CVE-2020-11023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
    },
    {
      "name": "CVE-2018-25091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-25091"
    },
    {
      "name": "CVE-2023-5090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5090"
    },
    {
      "name": "CVE-2024-27410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27410"
    },
    {
      "name": "CVE-2021-46909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46909"
    },
    {
      "name": "CVE-2024-35853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35853"
    },
    {
      "name": "CVE-2024-26907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26907"
    }
  ],
  "initial_release_date": "2024-09-05T00:00:00",
  "last_revision_date": "2024-10-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0741",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-09-05T00:00:00.000000"
    },
    {
      "description": "Ajout r\u00e9f\u00e9rence \u00e9diteur",
      "revision_date": "2024-09-06T00:00:00.000000"
    },
    {
      "description": "Correction d\u0027identifiants CVE erron\u00e9s",
      "revision_date": "2024-10-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Secure Analytics. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper Secure Analytics",
  "vendor_advisories": [
    {
      "published_at": "2024-09-30",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA86686",
      "url": "https://supportportal.juniper.net/s/article/On-Demand-JSA-Series-Multiple-vulnerabilities-resolved-in-Juniper-Secure-Analytics-in-7-5-0-UP9-IF02"
    }
  ]
}

CERTFR-2024-AVI-0646

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	Storage Protect	Storage Protect Plus Server versions 10.1.x antérieures à 10.1.16.2
IBM	WebSphere	WebSphere Application Server Liberty versions antérieures à 24.0.0.5
IBM	VIOS	VIOS version 4.1 avec un fichier openssl.base versions antérieures à 3.0.13.1000
IBM	WebSphere	WebSphere Application Server versions 8.5.x antérieures à 8.5.5.25
IBM	AIX	AIX versions 7.2 et 7.3 avec un fichier openssl.base versions antérieures à 1.1.1.2400 ou 3.0.13.1000
IBM	WebSphere	WebSphere Application Server versions 9.0.x antérieures à 9.0.5.20
IBM	N/A	Sterling Control Center versions 6.3.0 antérieures à 6.3.0.0 iFix06
IBM	N/A	Sterling Control Center versions 6.2.1 antérieures à 6.2.1.0 iFix13
IBM	VIOS	VIOS versions 3.1 et 4.1 avec un fichier openssl.base versions antérieures à 1.1.1.2400 ou 3.0.13.1000
IBM	QRadar SIEM	QRadar SIEM versions 7.5.0.x antérieures à 7.5.0 UP9 IF01

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7161679	2024-07-29	vendor-advisory
Bulletin de sécurité IBM 7161667	2024-07-26	vendor-advisory
Bulletin de sécurité IBM 7161954	2024-07-30	vendor-advisory
Bulletin de sécurité IBM 7162032	2024-07-30	vendor-advisory
Bulletin de sécurité IBM 7160144	2024-07-12	vendor-advisory
Bulletin de sécurité IBM 7162077	2024-07-31	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Storage Protect Plus Server versions 10.1.x ant\u00e9rieures \u00e0 10.1.16.2",
      "product": {
        "name": "Storage Protect",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Application Server Liberty versions ant\u00e9rieures \u00e0 24.0.0.5 ",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "VIOS version 4.1 avec un fichier openssl.base versions ant\u00e9rieures \u00e0 3.0.13.1000",
      "product": {
        "name": "VIOS",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Application Server versions 8.5.x ant\u00e9rieures \u00e0 8.5.5.25",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "AIX versions 7.2 et 7.3 avec un fichier openssl.base versions ant\u00e9rieures \u00e0 1.1.1.2400 ou 3.0.13.1000",
      "product": {
        "name": "AIX",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Application Server versions 9.0.x ant\u00e9rieures \u00e0 9.0.5.20",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Control Center versions 6.3.0 ant\u00e9rieures \u00e0 6.3.0.0 iFix06",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Sterling Control Center versions 6.2.1 ant\u00e9rieures \u00e0 6.2.1.0 iFix13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "VIOS versions 3.1 et 4.1 avec un fichier openssl.base versions ant\u00e9rieures \u00e0 1.1.1.2400 ou 3.0.13.1000",
      "product": {
        "name": "VIOS",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar SIEM versions 7.5.0.x ant\u00e9rieures \u00e0 7.5.0 UP9 IF01",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-26934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26934"
    },
    {
      "name": "CVE-2023-52477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52477"
    },
    {
      "name": "CVE-2024-27059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27059"
    },
    {
      "name": "CVE-2023-38264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
    },
    {
      "name": "CVE-2024-28849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
    },
    {
      "name": "CVE-2024-26897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26897"
    },
    {
      "name": "CVE-2021-47055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47055"
    },
    {
      "name": "CVE-2024-35154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35154"
    },
    {
      "name": "CVE-2020-36777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36777"
    },
    {
      "name": "CVE-2024-27052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27052"
    },
    {
      "name": "CVE-2023-52425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
    },
    {
      "name": "CVE-2024-25744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25744"
    },
    {
      "name": "CVE-2024-26973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26973"
    },
    {
      "name": "CVE-2021-47185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47185"
    },
    {
      "name": "CVE-2023-45283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
    },
    {
      "name": "CVE-2024-23650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23650"
    },
    {
      "name": "CVE-2023-45288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
    },
    {
      "name": "CVE-2024-26603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26603"
    },
    {
      "name": "CVE-2024-26964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26964"
    },
    {
      "name": "CVE-2021-33198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
    },
    {
      "name": "CVE-2024-26993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26993"
    },
    {
      "name": "CVE-2019-25162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-25162"
    },
    {
      "name": "CVE-2022-41715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
    },
    {
      "name": "CVE-2023-39321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39321"
    },
    {
      "name": "CVE-2023-45285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
    },
    {
      "name": "CVE-2024-24783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
    },
    {
      "name": "CVE-2023-45284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
    },
    {
      "name": "CVE-2024-29415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29415"
    },
    {
      "name": "CVE-2023-45289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
    },
    {
      "name": "CVE-2024-3652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3652"
    },
    {
      "name": "CVE-2024-26615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26615"
    },
    {
      "name": "CVE-2024-26643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26643"
    },
    {
      "name": "CVE-2024-26779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26779"
    },
    {
      "name": "CVE-2024-25026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25026"
    },
    {
      "name": "CVE-2023-45290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
    },
    {
      "name": "CVE-2024-32021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32021"
    },
    {
      "name": "CVE-2024-28180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
    },
    {
      "name": "CVE-2024-24806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24806"
    },
    {
      "name": "CVE-2024-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23307"
    },
    {
      "name": "CVE-2023-52528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52528"
    },
    {
      "name": "CVE-2024-27048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27048"
    },
    {
      "name": "CVE-2021-47013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47013"
    },
    {
      "name": "CVE-2023-48795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
    },
    {
      "name": "CVE-2024-26593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26593"
    },
    {
      "name": "CVE-2023-39320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39320"
    },
    {
      "name": "CVE-2022-48627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48627"
    },
    {
      "name": "CVE-2021-47171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47171"
    },
    {
      "name": "CVE-2024-26743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26743"
    },
    {
      "name": "CVE-2023-39318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
    },
    {
      "name": "CVE-2023-6240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6240"
    },
    {
      "name": "CVE-2024-32004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32004"
    },
    {
      "name": "CVE-2021-47118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47118"
    },
    {
      "name": "CVE-2024-24788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
    },
    {
      "name": "CVE-2023-51767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
    },
    {
      "name": "CVE-2024-21011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
    },
    {
      "name": "CVE-2024-32020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32020"
    },
    {
      "name": "CVE-2024-5535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
    },
    {
      "name": "CVE-2024-22329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22329"
    },
    {
      "name": "CVE-2019-20372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20372"
    },
    {
      "name": "CVE-2023-45803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
    },
    {
      "name": "CVE-2023-29406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
    },
    {
      "name": "CVE-2023-39319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
    },
    {
      "name": "CVE-2024-32487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32487"
    },
    {
      "name": "CVE-2024-27056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27056"
    },
    {
      "name": "CVE-2024-26642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26642"
    },
    {
      "name": "CVE-2024-24785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
    },
    {
      "name": "CVE-2021-47153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47153"
    },
    {
      "name": "CVE-2023-52439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52439"
    },
    {
      "name": "CVE-2024-26610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26610"
    },
    {
      "name": "CVE-2024-2357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2357"
    },
    {
      "name": "CVE-2024-21094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
    },
    {
      "name": "CVE-2024-26919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26919"
    },
    {
      "name": "CVE-2023-52445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52445"
    },
    {
      "name": "CVE-2024-1394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1394"
    },
    {
      "name": "CVE-2022-2880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
    },
    {
      "name": "CVE-2024-27014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27014"
    },
    {
      "name": "CVE-2021-34558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
    },
    {
      "name": "CVE-2024-32465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32465"
    },
    {
      "name": "CVE-2022-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
    },
    {
      "name": "CVE-2024-26892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26892"
    },
    {
      "name": "CVE-2023-52578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52578"
    },
    {
      "name": "CVE-2023-29400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
    },
    {
      "name": "CVE-2024-24787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
    },
    {
      "name": "CVE-2022-38096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38096"
    },
    {
      "name": "CVE-2021-46934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46934"
    },
    {
      "name": "CVE-2023-52598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52598"
    },
    {
      "name": "CVE-2024-4603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
    },
    {
      "name": "CVE-2024-26659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26659"
    },
    {
      "name": "CVE-2024-26933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26933"
    },
    {
      "name": "CVE-2023-46604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46604"
    },
    {
      "name": "CVE-2023-52594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52594"
    },
    {
      "name": "CVE-2024-26693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26693"
    },
    {
      "name": "CVE-2023-52595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52595"
    },
    {
      "name": "CVE-2023-45287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
    },
    {
      "name": "CVE-2022-48624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48624"
    },
    {
      "name": "CVE-2024-4741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
    },
    {
      "name": "CVE-2023-52513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52513"
    },
    {
      "name": "CVE-2023-52610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52610"
    },
    {
      "name": "CVE-2024-3651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
    },
    {
      "name": "CVE-2023-39322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39322"
    },
    {
      "name": "CVE-2023-52606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52606"
    },
    {
      "name": "CVE-2023-6546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6546"
    },
    {
      "name": "CVE-2023-2953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
    },
    {
      "name": "CVE-2024-26872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26872"
    },
    {
      "name": "CVE-2024-26901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26901"
    },
    {
      "name": "CVE-2024-1086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1086"
    },
    {
      "name": "CVE-2024-0565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0565"
    },
    {
      "name": "CVE-2023-39323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
    },
    {
      "name": "CVE-2023-39326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
    },
    {
      "name": "CVE-2024-21085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
    },
    {
      "name": "CVE-2023-29409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
    },
    {
      "name": "CVE-2023-42282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42282"
    },
    {
      "name": "CVE-2023-39325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
    },
    {
      "name": "CVE-2024-0340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0340"
    },
    {
      "name": "CVE-2024-26744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26744"
    },
    {
      "name": "CVE-2024-24786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
    },
    {
      "name": "CVE-2024-32002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32002"
    },
    {
      "name": "CVE-2022-48669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48669"
    },
    {
      "name": "CVE-2023-52565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52565"
    },
    {
      "name": "CVE-2023-52520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52520"
    },
    {
      "name": "CVE-2024-26694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26694"
    },
    {
      "name": "CVE-2024-26664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26664"
    },
    {
      "name": "CVE-2024-24784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
    },
    {
      "name": "CVE-2023-52607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52607"
    },
    {
      "name": "CVE-2018-25091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-25091"
    },
    {
      "name": "CVE-2023-6931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6931"
    }
  ],
  "initial_release_date": "2024-08-02T00:00:00",
  "last_revision_date": "2024-08-02T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0646",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-08-02T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2024-07-29",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7161679",
      "url": "https://www.ibm.com/support/pages/node/7161679"
    },
    {
      "published_at": "2024-07-26",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7161667",
      "url": "https://www.ibm.com/support/pages/node/7161667"
    },
    {
      "published_at": "2024-07-30",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7161954",
      "url": "https://www.ibm.com/support/pages/node/7161954"
    },
    {
      "published_at": "2024-07-30",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7162032",
      "url": "https://www.ibm.com/support/pages/node/7162032"
    },
    {
      "published_at": "2024-07-12",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7160144",
      "url": "https://www.ibm.com/support/pages/node/7160144"
    },
    {
      "published_at": "2024-07-31",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7162077",
      "url": "https://www.ibm.com/support/pages/node/7162077"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-3652 (GCVE-0-2024-3652)

Vulnerability from cvelistv5

CERTFR-2025-AVI-0304

Vulnerability from certfr_avis

Solutions

CERTFR-2024-AVI-0741

Vulnerability from certfr_avis

Solutions

CERTFR-2024-AVI-0646

Vulnerability from certfr_avis

Solutions

Tags

Sightings

Nomenclature