Vulnerability-Lookup

CVE-2021-22946 (GCVE-0-2021-22946)

Vulnerability from cvelistv5 – Published: 2021-09-29 00:00 – Updated: 2024-08-03 18:58

Summary

A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.

Severity ?

No CVSS data available.

CWE

CWE-325 - Missing Required Cryptographic Step (CWE-325)

Assigner

hackerone

References

URL

Tags

	https://hackerone.com/reports/1334111
	https://lists.debian.org/debian-lts-announce/2021…	mailing-list
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://www.oracle.com/security-alerts/cpuoct2021.html
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://www.oracle.com/security-alerts/cpujan2022.html
	https://security.netapp.com/advisory/ntap-2021102…
	https://security.netapp.com/advisory/ntap-2022012…
	http://seclists.org/fulldisclosure/2022/Mar/29	mailing-list
	https://www.oracle.com/security-alerts/cpuapr2022.html
	https://cert-portal.siemens.com/productcert/pdf/s…
	https://support.apple.com/kb/HT213183
	https://www.oracle.com/security-alerts/cpujul2022.html
	https://www.debian.org/security/2022/dsa-5197	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2022…	mailing-list
	https://security.gentoo.org/glsa/202212-01	vendor-advisory

Impacted products

	Vendor	Product	Version
	n/a	https://github.com/curl/curl	Affected: curl 7.20.0 to and including 7.78.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:58:26.135Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/1334111"
          },
          {
            "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2773-1] curl security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html"
          },
          {
            "name": "FEDORA-2021-fc96a3a749",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "name": "FEDORA-2021-1d24845e93",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211029-0003/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220121-0008/"
          },
          {
            "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2022/Mar/29"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT213183"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          },
          {
            "name": "DSA-5197",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5197"
          },
          {
            "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
          },
          {
            "name": "GLSA-202212-01",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202212-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "https://github.com/curl/curl",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "curl 7.20.0 to and including 7.78.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A user can tell curl \u003e= 7.20.0 and \u003c= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-325",
              "description": "Missing Required Cryptographic Step (CWE-325)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-19T00:00:00.000Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://hackerone.com/reports/1334111"
        },
        {
          "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2773-1] curl security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html"
        },
        {
          "name": "FEDORA-2021-fc96a3a749",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "name": "FEDORA-2021-1d24845e93",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20211029-0003/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20220121-0008/"
        },
        {
          "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2022/Mar/29"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
        },
        {
          "url": "https://support.apple.com/kb/HT213183"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
        },
        {
          "name": "DSA-5197",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5197"
        },
        {
          "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
        },
        {
          "name": "GLSA-202212-01",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202212-01"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2021-22946",
    "datePublished": "2021-09-29T00:00:00.000Z",
    "dateReserved": "2021-01-06T00:00:00.000Z",
    "dateUpdated": "2024-08-03T18:58:26.135Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2024-AVI-0145

Vulnerability from certfr_avis - Published: 2024-02-16 - Updated: 2024-02-16

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une exécution de code arbitraire à distance et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	Db2	IBM Cloud APM, Advanced Private versions 8.1.4 sans le dernier correctif de sécurité Fixpack cumulatif Db2
IBM	QRadar Suite Software	QRadar Suite Software versions 1.10.x.x antérieures à 1.10.18.0
IBM	N/A	IBM Db2 sur Cloud Pak pour Data et Db2 Warehouse sur Cloud Pak for Data versions antérieures à v4.8.2
IBM	QRadar SIEM	IBM QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP7 IF05
IBM	QRadar	IBM QRadar Use Case Manager App versions antérieures à 3.9.0
IBM	WebSphere	IBM WebSphere Application Server versions 8.5.x.x sans le SDK version 8 Service Refresh 8 FP20
IBM	WebSphere	IBM WebSphere Application Server Liberty sans le SDK version 8 Service Refresh 8 FP20
IBM	Sterling Connect:Direct	IBM Sterling Connect:Direct Web Services versions 6.1.x.x antérieures à 6.1.0.23
IBM	Sterling Connect:Direct	IBM Sterling Connect:Direct Web Services versions 6.3.x.x antérieures à 6.3.0.6
IBM	Sterling Connect:Direct	IBM Sterling Connect:Direct Web Services versions 6.2.x.x antérieures à 6.2.0.22
IBM	Db2	IBM Cloud APM, Base Private versions 8.1.4 sans le dernier correctif de sécurité Fixpack cumulatif Db2
IBM	Cloud Pak	IBM Cloud Pak for Security versions 1.10.x.x antérieures à 1.10.18.0
IBM	Spectrum	IBM Spectrum Scale versions 5.1.x.x antérieures à 5.1.2.15
IBM	WebSphere	IBM WebSphere Application Server versions 9.x sans le SDK version 8 Service Refresh 8 FP20
IBM	QRadar WinCollect Agent	IBM QRadar WinCollect Agent versions 10.0.x antérieures à 10.1.9
IBM	Spectrum	IBM Spectrum Scale versions 5.1.3.x antérieures à 5.1.9.2

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7117872 du 14 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7118592 du 16 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7117873 du 14 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7118289 du 15 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7118351 du 15 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7117821 du 14 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7117883 du 14 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7117881 du 14 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7117884 du 14 février 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM Cloud APM, Advanced Private versions 8.1.4 sans le dernier correctif de s\u00e9curit\u00e9 Fixpack cumulatif Db2",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar Suite Software versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.18.0",
      "product": {
        "name": "QRadar Suite Software",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Db2 sur Cloud Pak pour Data et Db2 Warehouse sur Cloud Pak for Data versions ant\u00e9rieures \u00e0 v4.8.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP7 IF05",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar Use Case Manager App versions ant\u00e9rieures \u00e0 3.9.0",
      "product": {
        "name": "QRadar",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM WebSphere Application Server versions 8.5.x.x sans le SDK version 8 Service Refresh 8 FP20",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM WebSphere Application Server Liberty sans le SDK version 8 Service Refresh 8 FP20",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Connect:Direct Web Services versions 6.1.x.x ant\u00e9rieures \u00e0 6.1.0.23",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Connect:Direct Web Services versions 6.3.x.x ant\u00e9rieures \u00e0 6.3.0.6",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Connect:Direct Web Services versions 6.2.x.x ant\u00e9rieures \u00e0 6.2.0.22",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Cloud APM, Base Private versions 8.1.4 sans le dernier correctif de s\u00e9curit\u00e9 Fixpack cumulatif Db2",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Cloud Pak for Security versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.18.0",
      "product": {
        "name": "Cloud Pak",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Scale versions 5.1.x.x ant\u00e9rieures \u00e0 5.1.2.15",
      "product": {
        "name": "Spectrum",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM WebSphere Application Server versions 9.x sans le SDK version 8 Service Refresh 8 FP20",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar WinCollect Agent versions 10.0.x ant\u00e9rieures \u00e0 10.1.9",
      "product": {
        "name": "QRadar WinCollect Agent",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Scale versions 5.1.3.x ant\u00e9rieures \u00e0 5.1.9.2",
      "product": {
        "name": "Spectrum",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
    },
    {
      "name": "CVE-2023-21938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
    },
    {
      "name": "CVE-2022-32189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
    },
    {
      "name": "CVE-2015-2327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2327"
    },
    {
      "name": "CVE-2023-6681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6681"
    },
    {
      "name": "CVE-2023-43642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
    },
    {
      "name": "CVE-2022-30631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
    },
    {
      "name": "CVE-2023-46218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
    },
    {
      "name": "CVE-2023-49082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49082"
    },
    {
      "name": "CVE-2015-8383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8383"
    },
    {
      "name": "CVE-2023-1370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
    },
    {
      "name": "CVE-2023-45857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
    },
    {
      "name": "CVE-2023-45142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45142"
    },
    {
      "name": "CVE-2023-34053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34053"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2023-46308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46308"
    },
    {
      "name": "CVE-2023-46234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46234"
    },
    {
      "name": "CVE-2023-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
    },
    {
      "name": "CVE-2023-47747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47747"
    },
    {
      "name": "CVE-2023-47158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47158"
    },
    {
      "name": "CVE-2022-23529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23529"
    },
    {
      "name": "CVE-2023-34054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34054"
    },
    {
      "name": "CVE-2023-30991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30991"
    },
    {
      "name": "CVE-2023-29404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
    },
    {
      "name": "CVE-2023-21954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2023-37920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
    },
    {
      "name": "CVE-2023-21939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
    },
    {
      "name": "CVE-2023-46167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46167"
    },
    {
      "name": "CVE-2022-24921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
    },
    {
      "name": "CVE-2023-38740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38740"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2022-28327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
    },
    {
      "name": "CVE-2022-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
    },
    {
      "name": "CVE-2021-33196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33196"
    },
    {
      "name": "CVE-2021-31525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31525"
    },
    {
      "name": "CVE-2023-38719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38719"
    },
    {
      "name": "CVE-2023-30987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30987"
    },
    {
      "name": "CVE-2023-45178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45178"
    },
    {
      "name": "CVE-2023-47701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47701"
    },
    {
      "name": "CVE-2022-41725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
    },
    {
      "name": "CVE-2023-23936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23936"
    },
    {
      "name": "CVE-2023-50308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50308"
    },
    {
      "name": "CVE-2021-33198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
    },
    {
      "name": "CVE-2023-40687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40687"
    },
    {
      "name": "CVE-2022-30635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
    },
    {
      "name": "CVE-2015-8381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8381"
    },
    {
      "name": "CVE-2022-41715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
    },
    {
      "name": "CVE-2020-16845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2022-25883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
    },
    {
      "name": "CVE-2015-8392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8392"
    },
    {
      "name": "CVE-2022-3515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
    },
    {
      "name": "CVE-2023-29403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2020-28367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28367"
    },
    {
      "name": "CVE-2024-20921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2023-44270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44270"
    },
    {
      "name": "CVE-2015-8395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8395"
    },
    {
      "name": "CVE-2023-28322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
    },
    {
      "name": "CVE-2023-34462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
    },
    {
      "name": "CVE-2023-29405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
    },
    {
      "name": "CVE-2021-38297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
    },
    {
      "name": "CVE-2015-8393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8393"
    },
    {
      "name": "CVE-2022-30629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
    },
    {
      "name": "CVE-2022-23541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23541"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2023-5363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
    },
    {
      "name": "CVE-2023-45133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
    },
    {
      "name": "CVE-2023-47627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47627"
    },
    {
      "name": "CVE-2023-26049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26049"
    },
    {
      "name": "CVE-2022-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
    },
    {
      "name": "CVE-2023-26115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26115"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2023-32559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32559"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2023-4586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4586"
    },
    {
      "name": "CVE-2022-32149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
    },
    {
      "name": "CVE-2023-40373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40373"
    },
    {
      "name": "CVE-2023-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
    },
    {
      "name": "CVE-2022-32148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
    },
    {
      "name": "CVE-2023-22081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
    },
    {
      "name": "CVE-2023-20569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
    },
    {
      "name": "CVE-2023-4206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
    },
    {
      "name": "CVE-2023-38728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38728"
    },
    {
      "name": "CVE-2021-41771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
    },
    {
      "name": "CVE-2023-28320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
    },
    {
      "name": "CVE-2023-3611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
    },
    {
      "name": "CVE-2021-33197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33197"
    },
    {
      "name": "CVE-2023-4128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
    },
    {
      "name": "CVE-2022-29244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29244"
    },
    {
      "name": "CVE-2021-27918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27918"
    },
    {
      "name": "CVE-2022-30630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
    },
    {
      "name": "CVE-2023-46219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
    },
    {
      "name": "CVE-2021-4160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
    },
    {
      "name": "CVE-2023-32360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
    },
    {
      "name": "CVE-2023-47746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47746"
    },
    {
      "name": "CVE-2022-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
    },
    {
      "name": "CVE-2022-3786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
    },
    {
      "name": "CVE-2023-38552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38552"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2023-28319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
    },
    {
      "name": "CVE-2020-15586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
    },
    {
      "name": "CVE-2021-22922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
    },
    {
      "name": "CVE-2022-23540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23540"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2021-39293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
    },
    {
      "name": "CVE-2022-1705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
    },
    {
      "name": "CVE-2023-42795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42795"
    },
    {
      "name": "CVE-2023-4207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
    },
    {
      "name": "CVE-2022-3510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
    },
    {
      "name": "CVE-2022-3509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2023-39318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
    },
    {
      "name": "CVE-2023-37276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37276"
    },
    {
      "name": "CVE-2023-23920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
    },
    {
      "name": "CVE-2022-41716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
    },
    {
      "name": "CVE-2023-20593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
    },
    {
      "name": "CVE-2021-3711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
    },
    {
      "name": "CVE-2023-38720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38720"
    },
    {
      "name": "CVE-2023-34055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2022-24999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
    },
    {
      "name": "CVE-2023-47141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47141"
    },
    {
      "name": "CVE-2022-30633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
    },
    {
      "name": "CVE-2023-23918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
    },
    {
      "name": "CVE-2015-8388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8388"
    },
    {
      "name": "CVE-2018-25032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
    },
    {
      "name": "CVE-2023-40692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40692"
    },
    {
      "name": "CVE-2021-41190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41190"
    },
    {
      "name": "CVE-2023-45193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45193"
    },
    {
      "name": "CVE-2022-30632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
    },
    {
      "name": "CVE-2023-38003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38003"
    },
    {
      "name": "CVE-2023-45648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45648"
    },
    {
      "name": "CVE-2023-45803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
    },
    {
      "name": "CVE-2023-29406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
    },
    {
      "name": "CVE-2023-39319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
    },
    {
      "name": "CVE-2023-47145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47145"
    },
    {
      "name": "CVE-2022-1962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
    },
    {
      "name": "CVE-2024-22190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22190"
    },
    {
      "name": "CVE-2022-41717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
    },
    {
      "name": "CVE-2023-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
    },
    {
      "name": "CVE-2023-24536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2022-37434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
    },
    {
      "name": "CVE-2022-40982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
    },
    {
      "name": "CVE-2023-39976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39976"
    },
    {
      "name": "CVE-2022-28131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
    },
    {
      "name": "CVE-2023-38325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
    },
    {
      "name": "CVE-2023-4208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
    },
    {
      "name": "CVE-2020-8244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8244"
    },
    {
      "name": "CVE-2022-24675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
    },
    {
      "name": "CVE-2022-23806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
    },
    {
      "name": "CVE-2020-19909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19909"
    },
    {
      "name": "CVE-2022-48337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48337"
    },
    {
      "name": "CVE-2023-3776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
    },
    {
      "name": "CVE-2021-36221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
    },
    {
      "name": "CVE-2023-44981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44981"
    },
    {
      "name": "CVE-2022-2880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
    },
    {
      "name": "CVE-2023-21937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
    },
    {
      "name": "CVE-2022-23773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
    },
    {
      "name": "CVE-2023-24539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
    },
    {
      "name": "CVE-2021-34558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
    },
    {
      "name": "CVE-2022-23539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23539"
    },
    {
      "name": "CVE-2022-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
    },
    {
      "name": "CVE-2023-33850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
    },
    {
      "name": "CVE-2023-2650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
    },
    {
      "name": "CVE-2015-8385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8385"
    },
    {
      "name": "CVE-2015-8394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8394"
    },
    {
      "name": "CVE-2020-29510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29510"
    },
    {
      "name": "CVE-2022-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
    },
    {
      "name": "CVE-2023-24532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
    },
    {
      "name": "CVE-2015-8391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8391"
    },
    {
      "name": "CVE-2015-8386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8386"
    },
    {
      "name": "CVE-2022-23772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
    },
    {
      "name": "CVE-2023-2597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
    },
    {
      "name": "CVE-2021-41772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
    },
    {
      "name": "CVE-2024-0727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
    },
    {
      "name": "CVE-2023-6129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
    },
    {
      "name": "CVE-2022-48339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48339"
    },
    {
      "name": "CVE-2015-8387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8387"
    },
    {
      "name": "CVE-2023-49081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49081"
    },
    {
      "name": "CVE-2021-3114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3114"
    },
    {
      "name": "CVE-2023-29400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
    },
    {
      "name": "CVE-2022-25881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
    },
    {
      "name": "CVE-2022-43548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548"
    },
    {
      "name": "CVE-2023-38727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38727"
    },
    {
      "name": "CVE-2021-29923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
    },
    {
      "name": "CVE-2022-0778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
    },
    {
      "name": "CVE-2022-41724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
    },
    {
      "name": "CVE-2023-23919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23919"
    },
    {
      "name": "CVE-2020-24553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24553"
    },
    {
      "name": "CVE-2023-29258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29258"
    },
    {
      "name": "CVE-2021-44716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
    },
    {
      "name": "CVE-2023-34062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34062"
    },
    {
      "name": "CVE-2020-28362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28362"
    },
    {
      "name": "CVE-2023-5676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
    },
    {
      "name": "CVE-2022-36046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36046"
    },
    {
      "name": "CVE-2022-2097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
    },
    {
      "name": "CVE-2021-33194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33194"
    },
    {
      "name": "CVE-2023-24540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2002-0059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2002-0059"
    },
    {
      "name": "CVE-2023-43020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43020"
    },
    {
      "name": "CVE-2021-3712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
    },
    {
      "name": "CVE-2023-21968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
    },
    {
      "name": "CVE-2023-24537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
    },
    {
      "name": "CVE-2023-27859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27859"
    },
    {
      "name": "CVE-2023-32731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32731"
    },
    {
      "name": "CVE-2023-21930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
    },
    {
      "name": "CVE-2021-22926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
    },
    {
      "name": "CVE-2015-2328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2328"
    },
    {
      "name": "CVE-2024-20918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
    },
    {
      "name": "CVE-2022-30580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
    },
    {
      "name": "CVE-2023-32006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32006"
    },
    {
      "name": "CVE-2023-24538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
    },
    {
      "name": "CVE-2020-14155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
    },
    {
      "name": "CVE-2022-3602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
    },
    {
      "name": "CVE-2023-2976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
    },
    {
      "name": "CVE-2023-36665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36665"
    },
    {
      "name": "CVE-2023-46158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46158"
    },
    {
      "name": "CVE-2021-22923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
    },
    {
      "name": "CVE-2022-41723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
    },
    {
      "name": "CVE-2023-40374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40374"
    },
    {
      "name": "CVE-2015-8390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8390"
    },
    {
      "name": "CVE-2023-46589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46589"
    },
    {
      "name": "CVE-2023-39323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
    },
    {
      "name": "CVE-2023-29402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
    },
    {
      "name": "CVE-2023-26048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26048"
    },
    {
      "name": "CVE-2023-39331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39331"
    },
    {
      "name": "CVE-2023-29409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
    },
    {
      "name": "CVE-2023-32681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
    },
    {
      "name": "CVE-2024-20945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
    },
    {
      "name": "CVE-2023-24534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2022-3171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
    },
    {
      "name": "CVE-2023-39332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39332"
    },
    {
      "name": "CVE-2023-21967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
    },
    {
      "name": "CVE-2020-14039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14039"
    },
    {
      "name": "CVE-2023-40372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40372"
    },
    {
      "name": "CVE-2023-26159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2023-47152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47152"
    },
    {
      "name": "CVE-2023-32002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32002"
    },
    {
      "name": "CVE-2020-28366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28366"
    },
    {
      "name": "CVE-2024-20952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
    },
    {
      "name": "CVE-2021-33195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33195"
    },
    {
      "name": "CVE-2022-27664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
    },
    {
      "name": "CVE-2023-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
    },
    {
      "name": "CVE-2023-23916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
    }
  ],
  "initial_release_date": "2024-02-16T00:00:00",
  "last_revision_date": "2024-02-16T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0145",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-02-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une ex\u00e9cution de code arbitraire \u00e0 distance et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7117872 du 14 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7117872"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7118592 du 16 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7118592"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7117873 du 14 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7117873"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7118289 du 15 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7118289"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7118351 du 15 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7118351"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7117821 du 14 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7117821"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7117883 du 14 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7117883"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7117881 du 14 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7117881"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7117884 du 14 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7117884"
    }
  ]
}

CERTFR-2022-AVI-831

Vulnerability from certfr_avis - Published: 2022-09-19 - Updated: 2022-09-19

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	QRadar	IBM Security QRadar Network Threat Analytics versions antérieures à 1.1.0
IBM	Sterling Control Center	IBM Sterling Control Center versions antérieures à 6.2.1.0 iFix08 Fix Central
IBM	Spectrum	IBM Spectrum Copy Data Management versions 2.2.x antérieures à 2.2.17
IBM	Spectrum	IBM Spectrum Protect Plus versions 10.1.x antérieures à 10.1.12

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 6619919 du 17 septembre 2022	None	vendor-advisory
Bulletin de sécurité IBM 6618759 du 16 septembre 2022	None	vendor-advisory
Bulletin de sécurité IBM 6620211 du 17 septembre 2022	None	vendor-advisory
Bulletin de sécurité IBM 6618757 du 16 septembre 2022	None	vendor-advisory
Bulletin de sécurité IBM 6620213 du 16 septembre 2022	None	vendor-advisory
Bulletin de sécurité IBM 6620939 du 16 septembre 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM Security QRadar Network Threat Analytics versions ant\u00e9rieures \u00e0 1.1.0",
      "product": {
        "name": "QRadar",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Control Center versions ant\u00e9rieures \u00e0 6.2.1.0 iFix08 Fix Central",
      "product": {
        "name": "Sterling Control Center",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Copy Data Management versions 2.2.x ant\u00e9rieures \u00e0 2.2.17",
      "product": {
        "name": "Spectrum",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Protect Plus versions 10.1.x ant\u00e9rieures \u00e0 10.1.12",
      "product": {
        "name": "Spectrum",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-32213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32213"
    },
    {
      "name": "CVE-2022-33980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33980"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2020-29651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29651"
    },
    {
      "name": "CVE-2022-33987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33987"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2022-32222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32222"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2022-32212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32212"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2022-32215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32215"
    },
    {
      "name": "CVE-2022-32214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32214"
    },
    {
      "name": "CVE-2020-28493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28493"
    },
    {
      "name": "CVE-2022-32223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32223"
    }
  ],
  "initial_release_date": "2022-09-19T00:00:00",
  "last_revision_date": "2022-09-19T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-831",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-09-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6619919 du 17 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6619919"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6618759 du 16 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6618759"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6620211 du 17 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6620211"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6618757 du 16 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6618757"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6620213 du 16 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6620213"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6620939 du 16 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6620939"
    }
  ]
}

CERTFR-2022-AVI-243

Vulnerability from certfr_avis - Published: 2022-03-15 - Updated: 2022-03-15

De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	iTunes pour Windows versions antérieures à 12.12.3
Apple	N/A	Xcode versions antérieures à 13.3
Apple	macOS	macOS Catalina sans le correctif de sécurité 2022-003
Apple	N/A	watchOS versions antérieures à 8.5
Apple	macOS	macOS Monterey versions antérieures à 12.3
Apple	N/A	Logic Pro X versions antérieures à 10.7.3
Apple	N/A	iOS et iPadOS versions antérieures à 15.4
Apple	N/A	GarageBand versions antérieures à 10.4.6
Apple	macOS	macOS Big Sur versions antérieures à 11.6.5

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT213191 du 14 mars 2022	None	vendor-advisory
Bulletin de sécurité Apple HT213182 du 14 mars 2022	None	vendor-advisory
Bulletin de sécurité Apple HT213184 du 14 mars 2022	None	vendor-advisory
Bulletin de sécurité Apple HT213185 du 14 mars 2022	None	vendor-advisory
Bulletin de sécurité Apple HT213183 du 14 mars 2022	None	vendor-advisory
Bulletin de sécurité Apple HT213188 du 14 mars 2022	None	vendor-advisory
Bulletin de sécurité Apple HT213190 du 14 mars 2022	None	vendor-advisory
Bulletin de sécurité Apple HT213193 du 14 mars 2022	None	vendor-advisory
Bulletin de sécurité Apple HT213189 du 14 mars 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iTunes pour Windows versions ant\u00e9rieures \u00e0 12.12.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Xcode versions ant\u00e9rieures \u00e0 13.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Catalina sans le correctif de s\u00e9curit\u00e9 2022-003",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 8.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Monterey versions ant\u00e9rieures \u00e0 12.3",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Logic Pro X versions ant\u00e9rieures \u00e0 10.7.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS et iPadOS versions ant\u00e9rieures \u00e0 15.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "GarageBand versions ant\u00e9rieures \u00e0 10.4.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Big Sur versions ant\u00e9rieures \u00e0 11.6.5",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-22653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22653"
    },
    {
      "name": "CVE-2022-22652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22652"
    },
    {
      "name": "CVE-2022-22647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22647"
    },
    {
      "name": "CVE-2022-22659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22659"
    },
    {
      "name": "CVE-2022-22656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22656"
    },
    {
      "name": "CVE-2022-0158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
    },
    {
      "name": "CVE-2022-22612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22612"
    },
    {
      "name": "CVE-2022-22671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22671"
    },
    {
      "name": "CVE-2022-22643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22643"
    },
    {
      "name": "CVE-2021-4192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4192"
    },
    {
      "name": "CVE-2022-22670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22670"
    },
    {
      "name": "CVE-2022-22651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22651"
    },
    {
      "name": "CVE-2022-22602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22602"
    },
    {
      "name": "CVE-2022-22611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22611"
    },
    {
      "name": "CVE-2022-22626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22626"
    },
    {
      "name": "CVE-2021-4173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4173"
    },
    {
      "name": "CVE-2022-22624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22624"
    },
    {
      "name": "CVE-2022-22597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22597"
    },
    {
      "name": "CVE-2022-22648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22648"
    },
    {
      "name": "CVE-2022-22641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22641"
    },
    {
      "name": "CVE-2022-22622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22622"
    },
    {
      "name": "CVE-2021-4136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4136"
    },
    {
      "name": "CVE-2022-22669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22669"
    },
    {
      "name": "CVE-2022-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
    },
    {
      "name": "CVE-2022-22601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22601"
    },
    {
      "name": "CVE-2022-22623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22623"
    },
    {
      "name": "CVE-2022-22614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22614"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2022-22598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22598"
    },
    {
      "name": "CVE-2022-22666",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22666"
    },
    {
      "name": "CVE-2022-22618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22618"
    },
    {
      "name": "CVE-2021-4166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4166"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2022-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0128"
    },
    {
      "name": "CVE-2022-22639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22639"
    },
    {
      "name": "CVE-2022-22662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22662"
    },
    {
      "name": "CVE-2022-22638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22638"
    },
    {
      "name": "CVE-2022-22609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22609"
    },
    {
      "name": "CVE-2022-22665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22665"
    },
    {
      "name": "CVE-2022-22600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22600"
    },
    {
      "name": "CVE-2022-22617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22617"
    },
    {
      "name": "CVE-2022-22640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22640"
    },
    {
      "name": "CVE-2022-22642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22642"
    },
    {
      "name": "CVE-2022-22596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22596"
    },
    {
      "name": "CVE-2021-4193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4193"
    },
    {
      "name": "CVE-2021-36976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
    },
    {
      "name": "CVE-2022-22582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22582"
    },
    {
      "name": "CVE-2022-22605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22605"
    },
    {
      "name": "CVE-2022-22599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22599"
    },
    {
      "name": "CVE-2022-22650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22650"
    },
    {
      "name": "CVE-2022-22625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22625"
    },
    {
      "name": "CVE-2022-22604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22604"
    },
    {
      "name": "CVE-2022-22632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22632"
    },
    {
      "name": "CVE-2022-22660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22660"
    },
    {
      "name": "CVE-2022-22657",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22657"
    },
    {
      "name": "CVE-2022-22607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22607"
    },
    {
      "name": "CVE-2022-22627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22627"
    },
    {
      "name": "CVE-2022-22636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22636"
    },
    {
      "name": "CVE-2022-22615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22615"
    },
    {
      "name": "CVE-2022-22634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22634"
    },
    {
      "name": "CVE-2022-22635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22635"
    },
    {
      "name": "CVE-2021-30918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30918"
    },
    {
      "name": "CVE-2022-22621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22621"
    },
    {
      "name": "CVE-2022-22637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22637"
    },
    {
      "name": "CVE-2022-22654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22654"
    },
    {
      "name": "CVE-2022-22606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22606"
    },
    {
      "name": "CVE-2022-22633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22633"
    },
    {
      "name": "CVE-2021-44228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
    },
    {
      "name": "CVE-2022-22603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22603"
    },
    {
      "name": "CVE-2022-22616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22616"
    },
    {
      "name": "CVE-2022-22661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22661"
    },
    {
      "name": "CVE-2022-22613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22613"
    },
    {
      "name": "CVE-2022-22610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22610"
    },
    {
      "name": "CVE-2022-22608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22608"
    },
    {
      "name": "CVE-2022-22668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22668"
    },
    {
      "name": "CVE-2019-14379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
    },
    {
      "name": "CVE-2022-22628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22628"
    },
    {
      "name": "CVE-2022-22644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22644"
    },
    {
      "name": "CVE-2021-4187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4187"
    },
    {
      "name": "CVE-2022-22664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22664"
    },
    {
      "name": "CVE-2022-22667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22667"
    },
    {
      "name": "CVE-2021-46059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46059"
    },
    {
      "name": "CVE-2022-22629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22629"
    },
    {
      "name": "CVE-2021-22945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
    },
    {
      "name": "CVE-2022-22631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22631"
    }
  ],
  "initial_release_date": "2022-03-15T00:00:00",
  "last_revision_date": "2022-03-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-243",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-03-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la\npolitique de s\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213191 du 14 mars 2022",
      "url": "https://support.apple.com/fr-fr/HT213191"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213182 du 14 mars 2022",
      "url": "https://support.apple.com/fr-fr/HT213182"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213184 du 14 mars 2022",
      "url": "https://support.apple.com/fr-fr/HT213184"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213185 du 14 mars 2022",
      "url": "https://support.apple.com/fr-fr/HT213185"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213183 du 14 mars 2022",
      "url": "https://support.apple.com/fr-fr/HT213183"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213188 du 14 mars 2022",
      "url": "https://support.apple.com/fr-fr/HT213188"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213190 du 14 mars 2022",
      "url": "https://support.apple.com/fr-fr/HT213190"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213193 du 14 mars 2022",
      "url": "https://support.apple.com/fr-fr/HT213193"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT213189 du 14 mars 2022",
      "url": "https://support.apple.com/fr-fr/HT213189"
    }
  ]
}

CERTFR-2023-AVI-0428

Vulnerability from certfr_avis - Published: 2023-06-02 - Updated: 2023-06-02

De multiples vulnérabilités ont été découvertes dans les produits Splunk. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Splunk	N/A	Splunk Universal Forwarders versions 8.2.x antérieures à 8.2.11
Splunk	Splunk Enterprise	Splunk Enterprise versions antérieures à 8.1.14
Splunk	N/A	Splunk App for Lookup File Editing versions antérieures à 4.0.1
Splunk	N/A	Splunk App for Stream versions antérieures à 8.1.1
Splunk	Splunk Enterprise	Splunk Enterprise versions 9.0.x antérieures à 9.0.5
Splunk	N/A	Splunk Cloud versions antérieures à 9.0.2303.100
Splunk	N/A	Splunk Universal Forwarders versions 9.0.x antérieures à 9.0.5
Splunk	N/A	Splunk Universal Forwarders versions antérieures à 8.1.14
Splunk	Splunk Enterprise	Splunk Enterprise versions 8.2.x antérieures à 8.2.11

References

Title

Publication Time

Tags

Bulletin de sécurité Splunk SVD-2023-0603 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0609 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0607 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0602 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0613 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0608 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0610 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0611 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0614 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0601 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0605 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0606 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0615 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0604 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0612 du 01 juin 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Splunk Universal Forwarders versions 8.2.x ant\u00e9rieures \u00e0 8.2.11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions ant\u00e9rieures \u00e0 8.1.14",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk App for Lookup File Editing versions ant\u00e9rieures \u00e0 4.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk App for Stream versions ant\u00e9rieures \u00e0 8.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 9.0.x ant\u00e9rieures \u00e0 9.0.5",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Cloud versions ant\u00e9rieures \u00e0 9.0.2303.100",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Universal Forwarders versions 9.0.x ant\u00e9rieures \u00e0 9.0.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Universal Forwarders versions ant\u00e9rieures \u00e0 8.1.14",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 8.2.x ant\u00e9rieures \u00e0 8.2.11",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-22898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
    },
    {
      "name": "CVE-2022-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
    },
    {
      "name": "CVE-2022-31129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
    },
    {
      "name": "CVE-2022-32189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
    },
    {
      "name": "CVE-2022-30631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
    },
    {
      "name": "CVE-2023-1370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
    },
    {
      "name": "CVE-2022-27191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
    },
    {
      "name": "CVE-2022-46175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
    },
    {
      "name": "CVE-2020-8169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
    },
    {
      "name": "CVE-2020-7753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7753"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2020-8116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8116"
    },
    {
      "name": "CVE-2022-35260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35260"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2021-33502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
    },
    {
      "name": "CVE-2022-24921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2022-28327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
    },
    {
      "name": "CVE-2020-8285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8285"
    },
    {
      "name": "CVE-2021-22901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
    },
    {
      "name": "CVE-2022-27778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27778"
    },
    {
      "name": "CVE-2022-30635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
    },
    {
      "name": "CVE-2021-33503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33503"
    },
    {
      "name": "CVE-2022-41715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
    },
    {
      "name": "CVE-2023-32715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32715"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2022-37603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-42916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
    },
    {
      "name": "CVE-2020-8286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8286"
    },
    {
      "name": "CVE-2020-7774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7774"
    },
    {
      "name": "CVE-2022-30629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2022-32148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
    },
    {
      "name": "CVE-2020-8177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
    },
    {
      "name": "CVE-2021-27292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27292"
    },
    {
      "name": "CVE-2022-30630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
    },
    {
      "name": "CVE-2021-22924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
    },
    {
      "name": "CVE-2022-33987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33987"
    },
    {
      "name": "CVE-2022-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
    },
    {
      "name": "CVE-2023-32717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32717"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2021-22922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2022-1705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
    },
    {
      "name": "CVE-2023-32708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32708"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2020-8284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
    },
    {
      "name": "CVE-2023-23915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
    },
    {
      "name": "CVE-2022-41720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
    },
    {
      "name": "CVE-2022-41716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
    },
    {
      "name": "CVE-2022-24999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
    },
    {
      "name": "CVE-2022-29526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
    },
    {
      "name": "CVE-2022-30633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
    },
    {
      "name": "CVE-2021-33587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33587"
    },
    {
      "name": "CVE-2021-3520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
    },
    {
      "name": "CVE-2022-36227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
    },
    {
      "name": "CVE-2020-13822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13822"
    },
    {
      "name": "CVE-2021-36976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
    },
    {
      "name": "CVE-2023-27535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2018-25032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
    },
    {
      "name": "CVE-2023-23914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
    },
    {
      "name": "CVE-2022-30632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2022-37601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
    },
    {
      "name": "CVE-2021-20095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20095"
    },
    {
      "name": "CVE-2022-40303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
    },
    {
      "name": "CVE-2019-10744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
    },
    {
      "name": "CVE-2022-1962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
    },
    {
      "name": "CVE-2021-23382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23382"
    },
    {
      "name": "CVE-2023-32716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32716"
    },
    {
      "name": "CVE-2022-42915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2022-37434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
    },
    {
      "name": "CVE-2022-28131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
    },
    {
      "name": "CVE-2022-3517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
    },
    {
      "name": "CVE-2021-22897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
    },
    {
      "name": "CVE-2023-32711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32711"
    },
    {
      "name": "CVE-2022-24675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
    },
    {
      "name": "CVE-2022-23806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
    },
    {
      "name": "CVE-2022-2880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
    },
    {
      "name": "CVE-2022-23773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
    },
    {
      "name": "CVE-2021-3803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3803"
    },
    {
      "name": "CVE-2022-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2023-27534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
    },
    {
      "name": "CVE-2023-27536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
    },
    {
      "name": "CVE-2022-23772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
    },
    {
      "name": "CVE-2022-43551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
    },
    {
      "name": "CVE-2022-42004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
    },
    {
      "name": "CVE-2022-40023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40023"
    },
    {
      "name": "CVE-2023-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
    },
    {
      "name": "CVE-2022-43680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
    },
    {
      "name": "CVE-2020-8231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8231"
    },
    {
      "name": "CVE-2022-27779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
    },
    {
      "name": "CVE-2021-31566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
    },
    {
      "name": "CVE-2023-32712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32712"
    },
    {
      "name": "CVE-2022-4200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4200"
    },
    {
      "name": "CVE-2023-27538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
    },
    {
      "name": "CVE-2022-30634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
    },
    {
      "name": "CVE-2021-23343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23343"
    },
    {
      "name": "CVE-2022-35737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
    },
    {
      "name": "CVE-2020-8203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
    },
    {
      "name": "CVE-2023-32710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32710"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2019-20149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20149"
    },
    {
      "name": "CVE-2022-38900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
    },
    {
      "name": "CVE-2017-16042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16042"
    },
    {
      "name": "CVE-2021-22926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
    },
    {
      "name": "CVE-2022-30580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
    },
    {
      "name": "CVE-2021-22890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22890"
    },
    {
      "name": "CVE-2023-32706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32706"
    },
    {
      "name": "CVE-2019-10746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10746"
    },
    {
      "name": "CVE-2022-40304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
    },
    {
      "name": "CVE-2022-29804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
    },
    {
      "name": "CVE-2020-15138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15138"
    },
    {
      "name": "CVE-2021-22923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
    },
    {
      "name": "CVE-2022-37599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
    },
    {
      "name": "CVE-2021-23368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23368"
    },
    {
      "name": "CVE-2021-29060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29060"
    },
    {
      "name": "CVE-2021-43565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43565"
    },
    {
      "name": "CVE-2023-32709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32709"
    },
    {
      "name": "CVE-2022-37616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37616"
    },
    {
      "name": "CVE-2022-30115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
    },
    {
      "name": "CVE-2021-22876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
    },
    {
      "name": "CVE-2020-7662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7662"
    },
    {
      "name": "CVE-2023-27537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
    },
    {
      "name": "CVE-2022-23491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23491"
    },
    {
      "name": "CVE-2022-27780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
    },
    {
      "name": "CVE-2020-28469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
    },
    {
      "name": "CVE-2021-22945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
    },
    {
      "name": "CVE-2023-32707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32707"
    },
    {
      "name": "CVE-2022-27664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
    },
    {
      "name": "CVE-2023-32713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32713"
    },
    {
      "name": "CVE-2022-25858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
    },
    {
      "name": "CVE-2023-32714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32714"
    },
    {
      "name": "CVE-2019-8331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
    },
    {
      "name": "CVE-2023-23916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
    }
  ],
  "initial_release_date": "2023-06-02T00:00:00",
  "last_revision_date": "2023-06-02T00:00:00",
  "links": [],
  "reference": "CERTFR-2023-AVI-0428",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-06-02T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits \u003cspan\nclass=\"textit\"\u003eSplunk\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par\nl\u0027\u00e9diteur, une ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0603 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0603"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0609 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0609"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0607 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0607"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0602 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0602"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0613 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0613"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0608 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0608"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0610 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0610"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0611 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0611"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0614 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0614"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0601 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0601"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0605 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0605"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0606 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0606"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0615 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0615"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0604 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0604"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0612 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0612"
    }
  ]
}

CERTFR-2022-AVI-836

Vulnerability from certfr_avis - Published: 2022-09-20 - Updated: 2022-09-20

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	IBM	Cloud Pak	IBM Cloud Pak for Watson AIOps Infrastructure Automation versions antérieures à 3.4.2
	IBM	Spectrum	IBM Spectrum Protect Plus Affected versions 10.1.x antérieures à 10.1.12

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 6621463 du 19 septembre 2022	None	vendor-advisory
Bulletin de sécurité IBM 6621311 du 19 septembre 2022	None	vendor-advisory
Bulletin de sécurité IBM 6621267 du 19 septembre 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM Cloud Pak for Watson AIOps Infrastructure Automation versions ant\u00e9rieures \u00e0 3.4.2",
      "product": {
        "name": "Cloud Pak",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Protect Plus Affected versions 10.1.x ant\u00e9rieures \u00e0 10.1.12",
      "product": {
        "name": "Spectrum",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-35946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35946"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2022-33980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33980"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2022-24434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24434"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2022-31143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31143"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2022-35947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35947"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2022-31187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31187"
    },
    {
      "name": "CVE-2022-35945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35945"
    },
    {
      "name": "CVE-2022-36112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36112"
    },
    {
      "name": "CVE-2021-22945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
    }
  ],
  "initial_release_date": "2022-09-20T00:00:00",
  "last_revision_date": "2022-09-20T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-836",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-09-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6621463 du 19 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6621463"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6621311 du 19 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6621311"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6621267 du 19 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6621267"
    }
  ]
}

CERTFR-2022-AVI-386

Vulnerability from certfr_avis - Published: 2022-04-26 - Updated: 2022-04-26

De multiples vulnérabilités ont été découvertes dans IBM QRadar SIEM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	QRadar SIEM	IBM QRadar SIEM version 7.5.0 antérieure à 7.5.0 UP1
IBM	QRadar SIEM	IBM QRadar SIEM versions 7.4.3 antérieures à 7.4.3 FP5
IBM	QRadar SIEM	IBM QRadar SIEM versions 7.3.3 antérieures à 7.3.3 FP11

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 6574453 du 25 avril 2022	None	vendor-advisory
Bulletin de sécurité IBM 6574787 du 25 avril 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM QRadar SIEM version 7.5.0 ant\u00e9rieure \u00e0 7.5.0 UP1",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar SIEM versions 7.4.3 ant\u00e9rieures \u00e0 7.4.3 FP5",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar SIEM versions 7.3.3 ant\u00e9rieures \u00e0 7.3.3 FP11",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-22898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
    },
    {
      "name": "CVE-2021-3200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3200"
    },
    {
      "name": "CVE-2021-35586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2020-8022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8022"
    },
    {
      "name": "CVE-2021-38919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38919"
    },
    {
      "name": "CVE-2021-42340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42340"
    },
    {
      "name": "CVE-2021-33929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33929"
    },
    {
      "name": "CVE-2021-20231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20231"
    },
    {
      "name": "CVE-2021-38939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38939"
    },
    {
      "name": "CVE-2019-20838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
    },
    {
      "name": "CVE-2021-38874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38874"
    },
    {
      "name": "CVE-2021-41182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41182"
    },
    {
      "name": "CVE-2021-33928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33928"
    },
    {
      "name": "CVE-2021-36086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36086"
    },
    {
      "name": "CVE-2021-20266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
    },
    {
      "name": "CVE-2019-17594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17594"
    },
    {
      "name": "CVE-2021-38869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38869"
    },
    {
      "name": "CVE-2021-35559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
    },
    {
      "name": "CVE-2021-35565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
    },
    {
      "name": "CVE-2021-2432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2432"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2020-9488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9488"
    },
    {
      "name": "CVE-2020-24370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24370"
    },
    {
      "name": "CVE-2021-2369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
    },
    {
      "name": "CVE-2021-41184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41184"
    },
    {
      "name": "CVE-2021-33813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33813"
    },
    {
      "name": "CVE-2021-41183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41183"
    },
    {
      "name": "CVE-2021-3445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3445"
    },
    {
      "name": "CVE-2020-16135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-16135"
    },
    {
      "name": "CVE-2021-36085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36085"
    },
    {
      "name": "CVE-2021-29776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29776"
    },
    {
      "name": "CVE-2021-2388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
    },
    {
      "name": "CVE-2021-35588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
    },
    {
      "name": "CVE-2019-17595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17595"
    },
    {
      "name": "CVE-2021-23214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23214"
    },
    {
      "name": "CVE-2021-33930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33930"
    },
    {
      "name": "CVE-2021-41035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41035"
    },
    {
      "name": "CVE-2021-20232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20232"
    },
    {
      "name": "CVE-2021-28153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28153"
    },
    {
      "name": "CVE-2021-35578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
    },
    {
      "name": "CVE-2021-27218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27218"
    },
    {
      "name": "CVE-2021-33560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33560"
    },
    {
      "name": "CVE-2021-35564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
    },
    {
      "name": "CVE-2022-22345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22345"
    },
    {
      "name": "CVE-2020-14155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
    },
    {
      "name": "CVE-2021-38878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38878"
    },
    {
      "name": "CVE-2021-36087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36087"
    },
    {
      "name": "CVE-2020-12762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12762"
    },
    {
      "name": "CVE-2021-35556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
    },
    {
      "name": "CVE-2021-22096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22096"
    },
    {
      "name": "CVE-2021-35560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
    },
    {
      "name": "CVE-2021-36084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36084"
    },
    {
      "name": "CVE-2021-22876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
    },
    {
      "name": "CVE-2021-3580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3580"
    },
    {
      "name": "CVE-2021-33938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33938"
    }
  ],
  "initial_release_date": "2022-04-26T00:00:00",
  "last_revision_date": "2022-04-26T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-386",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-04-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar SIEM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar SIEM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6574453 du 25 avril 2022",
      "url": "https://www.ibm.com/support/pages/node/6574453"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6574787 du 25 avril 2022",
      "url": "https://www.ibm.com/support/pages/node/6574787"
    }
  ]
}

CERTFR-2024-AVI-0297

Vulnerability from certfr_avis - Published: 2024-04-11 - Updated: 2024-04-11

De multiples vulnérabilités ont été découvertes dans Juniper. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cloud Native Router versions antérieures à 23.4
cRPD versions antérieures à 23.4R1
Paragon Active Assurance versions antérieures à 4.2.1
Paragon Active Assurance versions antérieures à 4.3.0
Junos OS gamme EX4300 versions antérieures à 20.4R3-S10, 21.2R3-S7 et 21.4R3-S6
Junos OS gammes QFX5000 Series, EX4400 Series, EX4100 Series et EX4650 Series versions antérieures à 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3 et 23.2R1
Junos OS gammes SRX Branch Series versions antérieures à 21.1R3-S5, 21.2R3-S5, 21.3R3-S4, 21.4R3-S3, 22.1R3-S2, 22.2R2-S2, 22.2R3, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2 et 23.2R1
Junos OS gammes MX Series avec SPC3 et MS-MPC versions antérieures à 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3 et 23.2R1
Junos OS gamme SRX 5000 Series avec SPC2 versions antérieures à 21.2R3-S7, 21.4, 22.1, 22.2, 22.3, 22.4 et 23.2
Junos OS gammes MX Series versions antérieures à 20.4R3-S5, 21.1, 21.2R3-S1, 21.3, 21.4R3, 22.1R2, 22.2R2 et 22.3
Junos OS gamme EX9200-15C versions antérieures à 21.2R3-S1, 21.4R3, 22.1R2 et 22.2R2
Junos OS gammes SRX4600 versions antérieures à 21.2R3-S7, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3, 23.2R1-S2, 23.2R2 et 23.4R1
Junos OS gammes ACX5448 et ACX710 versions antérieures à 20.4R3-S9, 21.2R3-S5, 21.3R3-S5, 21.4R3-S4, 22.1R3-S2, 22.2R3-S2, 22.3R2-S2, 22.3R3, 22.4R2 et 23.2R1
Junos OS versions antérieures à 20.4R3-S9, 21.1R3, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S2, 22.3R3-S2, 22.4R3 et 23.4R2
Junos OS Evolved versions antérieures à 20.4R3-S9-EVO, 21.2R3-S7-EVO, 21.3R3-S5-EVO, 21.4R3-S6-EVO, 22.1R3-S4-EVO, 22.2R3-S2-EVO, 22.3R3-S2-EVO, 22.4R3-EVO, 23.2R2-EVO et 23.4R1-EVO

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA79102 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79106 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79181 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79186 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79089 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79173 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79104 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79094 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79183 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79176 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79179 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79187 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79109 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79171 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79188 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79099 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79184 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79110 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79174 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79095 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79100 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79107 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79092 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79185 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79108 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79091 du 10 avril 2024	None	vendor-advisory
Bulletin de sécurité Juniper JSA79180 du 10 avril 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eCloud Native Router versions ant\u00e9rieures \u00e0 23.4\u003c/li\u003e \u003cli\u003ecRPD versions ant\u00e9rieures \u00e0 23.4R1\u003c/li\u003e \u003cli\u003eParagon Active Assurance versions ant\u00e9rieures \u00e0 4.2.1\u003c/li\u003e \u003cli\u003eParagon Active Assurance versions ant\u00e9rieures \u00e0 4.3.0\u003c/li\u003e \u003cli\u003eJunos OS gamme EX4300 versions ant\u00e9rieures \u00e0 20.4R3-S10, 21.2R3-S7 et 21.4R3-S6\u003c/li\u003e \u003cli\u003eJunos OS gammes QFX5000 Series, EX4400 Series, EX4100 Series et EX4650 Series versions ant\u00e9rieures \u00e0 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3 et 23.2R1\u003c/li\u003e \u003cli\u003eJunos OS gammes SRX Branch Series versions ant\u00e9rieures \u00e0 21.1R3-S5, 21.2R3-S5, 21.3R3-S4, 21.4R3-S3, 22.1R3-S2, 22.2R2-S2, 22.2R3, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2 et 23.2R1\u003c/li\u003e \u003cli\u003eJunos OS gammes MX Series avec SPC3 et MS-MPC versions ant\u00e9rieures \u00e0 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3 et 23.2R1\u003c/li\u003e \u003cli\u003eJunos OS gamme SRX 5000 Series avec SPC2 versions ant\u00e9rieures \u00e0 21.2R3-S7, 21.4, 22.1, 22.2, 22.3, 22.4 et 23.2\u003c/li\u003e \u003cli\u003eJunos OS gammes\u00a0MX Series versions ant\u00e9rieures \u00e0 20.4R3-S5, 21.1, 21.2R3-S1, 21.3, 21.4R3, 22.1R2, 22.2R2 et 22.3\u003c/li\u003e \u003cli\u003eJunos OS gamme EX9200-15C versions ant\u00e9rieures \u00e0 21.2R3-S1, 21.4R3, 22.1R2 et 22.2R2\u003c/li\u003e \u003cli\u003eJunos OS gammes\u00a0SRX4600 versions ant\u00e9rieures \u00e0 21.2R3-S7,\u00a021.4R3-S6,\u00a022.1R3-S5,\u00a022.2R3-S3,\u00a022.3R3-S2,\u00a022.4R3,\u00a023.2R1-S2, 23.2R2 et 23.4R1\u003c/li\u003e \u003cli\u003eJunos OS gammes\u00a0ACX5448 et ACX710 versions ant\u00e9rieures \u00e0 20.4R3-S9, 21.2R3-S5, 21.3R3-S5, 21.4R3-S4, 22.1R3-S2, 22.2R3-S2, 22.3R2-S2, 22.3R3, 22.4R2 et 23.2R1\u003c/li\u003e \u003cli\u003eJunos OS versions ant\u00e9rieures \u00e0 20.4R3-S9, 21.1R3, 21.2R3-S7, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R3-S2, 22.3R3-S2, 22.4R3 et 23.4R2\u003c/li\u003e \u003cli\u003e \u003cdiv\u003e \u003cdiv\u003e \u003cp\u003eJunos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S9-EVO, 21.2R3-S7-EVO, 21.3R3-S5-EVO, 21.4R3-S6-EVO, 22.1R3-S4-EVO, 22.2R3-S2-EVO, 22.3R3-S2-EVO, 22.4R3-EVO, 23.2R2-EVO et 23.4R1-EVO\u003c/p\u003e \u003c/div\u003e \u003c/div\u003e \u003c/li\u003e \u003c/ul\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-0216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
    },
    {
      "name": "CVE-2023-40217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
    },
    {
      "name": "CVE-2023-0401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
    },
    {
      "name": "CVE-2021-37600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
    },
    {
      "name": "CVE-2024-30381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30381"
    },
    {
      "name": "CVE-2023-46218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
    },
    {
      "name": "CVE-2020-1747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1747"
    },
    {
      "name": "CVE-2024-30401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30401"
    },
    {
      "name": "CVE-2021-28831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28831"
    },
    {
      "name": "CVE-2024-30409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30409"
    },
    {
      "name": "CVE-2023-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
    },
    {
      "name": "CVE-2020-14343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14343"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2022-48554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
    },
    {
      "name": "CVE-2023-39975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39975"
    },
    {
      "name": "CVE-2024-30410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30410"
    },
    {
      "name": "CVE-2018-7738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7738"
    },
    {
      "name": "CVE-2022-48522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
    },
    {
      "name": "CVE-2020-8285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8285"
    },
    {
      "name": "CVE-2021-28957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28957"
    },
    {
      "name": "CVE-2024-30380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30380"
    },
    {
      "name": "CVE-2023-41913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-41913"
    },
    {
      "name": "CVE-2024-30392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30392"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2021-23240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23240"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2011-1676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1676"
    },
    {
      "name": "CVE-2020-8037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8037"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2020-19190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19190"
    },
    {
      "name": "CVE-2024-30391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30391"
    },
    {
      "name": "CVE-2020-8286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8286"
    },
    {
      "name": "CVE-2023-2253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2253"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2024-30389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30389"
    },
    {
      "name": "CVE-2023-29491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
    },
    {
      "name": "CVE-2023-3592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3592"
    },
    {
      "name": "CVE-2020-19187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19187"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2019-9923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9923"
    },
    {
      "name": "CVE-2021-39534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39534"
    },
    {
      "name": "CVE-2023-5981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
    },
    {
      "name": "CVE-2023-27043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
    },
    {
      "name": "CVE-2023-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
    },
    {
      "name": "CVE-2024-30398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30398"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2018-1000120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000120"
    },
    {
      "name": "CVE-2023-48795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
    },
    {
      "name": "CVE-2019-17041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17041"
    },
    {
      "name": "CVE-2020-19188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19188"
    },
    {
      "name": "CVE-2020-19186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19186"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2020-25659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25659"
    },
    {
      "name": "CVE-2021-39531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39531"
    },
    {
      "name": "CVE-2020-8284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
    },
    {
      "name": "CVE-2023-23915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
    },
    {
      "name": "CVE-2011-1675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1675"
    },
    {
      "name": "CVE-2023-28366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28366"
    },
    {
      "name": "CVE-2024-30378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30378"
    },
    {
      "name": "CVE-2023-23931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
    },
    {
      "name": "CVE-2021-34434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34434"
    },
    {
      "name": "CVE-2016-10009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10009"
    },
    {
      "name": "CVE-2023-1428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1428"
    },
    {
      "name": "CVE-2023-3978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
    },
    {
      "name": "CVE-2024-30402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30402"
    },
    {
      "name": "CVE-2018-1000215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000215"
    },
    {
      "name": "CVE-2023-23914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
    },
    {
      "name": "CVE-2019-17042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17042"
    },
    {
      "name": "CVE-2024-30403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30403"
    },
    {
      "name": "CVE-2021-36159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36159"
    },
    {
      "name": "CVE-2018-1000654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000654"
    },
    {
      "name": "CVE-2023-5156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
    },
    {
      "name": "CVE-2022-2795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
    },
    {
      "name": "CVE-2021-30139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30139"
    },
    {
      "name": "CVE-2024-30384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30384"
    },
    {
      "name": "CVE-2023-2603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
    },
    {
      "name": "CVE-2024-30387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30387"
    },
    {
      "name": "CVE-2017-18018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-18018"
    },
    {
      "name": "CVE-2024-30406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30406"
    },
    {
      "name": "CVE-2023-43804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
    },
    {
      "name": "CVE-2022-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
    },
    {
      "name": "CVE-2023-32732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32732"
    },
    {
      "name": "CVE-2024-30394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30394"
    },
    {
      "name": "CVE-2023-2650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
    },
    {
      "name": "CVE-2022-3996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
    },
    {
      "name": "CVE-2024-30407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30407"
    },
    {
      "name": "CVE-2020-36242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36242"
    },
    {
      "name": "CVE-2023-4785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4785"
    },
    {
      "name": "CVE-2020-22916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
    },
    {
      "name": "CVE-2023-38408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
    },
    {
      "name": "CVE-2020-27350",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27350"
    },
    {
      "name": "CVE-2023-36054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
    },
    {
      "name": "CVE-2021-39533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39533"
    },
    {
      "name": "CVE-2024-30390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30390"
    },
    {
      "name": "CVE-2020-19185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19185"
    },
    {
      "name": "CVE-2023-0809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0809"
    },
    {
      "name": "CVE-2021-20193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
    },
    {
      "name": "CVE-2023-4806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
    },
    {
      "name": "CVE-2016-2781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
    },
    {
      "name": "CVE-2020-19189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19189"
    },
    {
      "name": "CVE-2023-32731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32731"
    },
    {
      "name": "CVE-2023-49083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
    },
    {
      "name": "CVE-2024-30388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30388"
    },
    {
      "name": "CVE-2019-18276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
    },
    {
      "name": "CVE-2024-30386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30386"
    },
    {
      "name": "CVE-2021-33560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33560"
    },
    {
      "name": "CVE-2011-1677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1677"
    },
    {
      "name": "CVE-2018-20225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20225"
    },
    {
      "name": "CVE-2020-28928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28928"
    },
    {
      "name": "CVE-2021-41039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41039"
    },
    {
      "name": "CVE-2024-30382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30382"
    },
    {
      "name": "CVE-2018-20482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20482"
    },
    {
      "name": "CVE-2021-40528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-40528"
    },
    {
      "name": "CVE-2023-32681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2020-28493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28493"
    },
    {
      "name": "CVE-2020-27783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27783"
    },
    {
      "name": "CVE-2018-1000122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000122"
    },
    {
      "name": "CVE-2011-1089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1089"
    },
    {
      "name": "CVE-2024-30405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30405"
    },
    {
      "name": "CVE-2024-30397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30397"
    },
    {
      "name": "CVE-2023-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
    },
    {
      "name": "CVE-2024-30395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30395"
    }
  ],
  "initial_release_date": "2024-04-11T00:00:00",
  "last_revision_date": "2024-04-11T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0297",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-04-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Juniper. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code arbitraire \u00e0\ndistance et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79102 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-Evolved-libslax-Multiple-vulnerabilities-in-libslax-resolved?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79106 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Juniper-Cloud-Native-Router-Multiple-vulnerabilities-resolved-in-23-4-release?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79181 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-Evolved-When-MAC-learning-happens-and-an-interface-gets-flapped-the-PFE-crashes-CVE-2024-30403?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79186 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-EX4300-Series-If-a-specific-CLI-command-is-issued-PFE-crashes-will-occur-CVE-2024-30384?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79089 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-QFX5000-Series-and-EX-Series-Specific-malformed-LACP-packets-will-cause-flaps-CVE-2024-30388?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79173 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Paragon-Active-Assurance-probe-serviced-exposes-internal-objects-to-local-users-CVE-2024-30381?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79104 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-Evolved-ACX-Series-with-Paragon-Active-Assurance-Test-Agent-A-local-high-privileged-attacker-can-recover-other-administrators-credentials-CVE-2024-30406?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79094 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-A-specific-EVPN-type-5-route-causes-rpd-crash-CVE-2024-30394?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79183 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-Evolved-Connection-limits-is-not-being-enforced-while-the-resp-rate-limit-is-being-enforced-CVE-2024-30390?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79176 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-SRX4600-Series-A-high-amount-of-specific-traffic-causes-packet-drops-and-an-eventual-PFE-crash-CVE-2024-30398?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79179 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-An-invalid-certificate-causes-a-Denial-of-Service-in-the-Internet-Key-Exchange-IKE-process-CVE-2024-30397?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79187 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-ACX5448-ACX710-Due-to-the-interface-flaps-the-PFE-process-can-crash-CVE-2024-30387?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79109 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-MX-Series-bbe-smgd-process-crash-upon-execution-of-specific-CLI-commands-CVE-2024-30378?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79171 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-l2cpd-crash-upon-receipt-of-a-specific-TLV-CVE-2024-30380?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79188 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-and-SRX-Series-When-IPsec-authentication-is-configured-with-hmac-sha-384-and-hmac-sha-512-no-authentication-of-traffic-is-performed-CVE-2024-30391?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79099 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Higher-CPU-consumption-on-routing-engine-leads-to-Denial-of-Service-DoS-CVE-2024-30409?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79184 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-EVPN-VXLAN-scenario-state-changes-on-adjacent-systems-can-cause-an-l2ald-process-crash-CVE-2024-30386?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79110 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-MX-Series-and-EX9200-15C-Stack-based-buffer-overflow-in-aftman-CVE-2024-30401?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79174 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Junos-OS-and-Junos-OS-Evolved-RPD-crash-when-CoS-based-forwarding-CBF-policy-is-configured-CVE-2024-30382?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79095 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-malformed-BGP-tunnel-encapsulation-attribute-will-lead-to-an-rpd-crash-CVE-2024-30395?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79100 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-EX4300-Series-Loopback-filter-not-blocking-traffic-despite-having-discard-term-CVE-2024-30410?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79107 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-cRPD-Multiple-vulnerabilities-resolved-in-23-4R1-release?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79092 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-and-MS-MPC-MIC-When-URL-filtering-is-enabled-and-a-specific-URL-request-is-received-a-flowd-crash-occurs-CVE-2024-30392?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79185 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-EX4300-Series-Firewall-filter-not-blocking-egress-traffic-CVE-2024-30389?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79108 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-cURL-vulnerabilities-resolved?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79091 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-SRX-Branch-Series-When-DNS-proxy-is-configured-and-specific-DNS-queries-are-received-resolver-s-performance-is-degraded-CVE-2022-2795?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA79180 du 10 avril 2024",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-The-l2ald-crashes-on-receiving-telemetry-messages-from-a-specific-subscription-CVE-2024-30402?language=en_US"
    }
  ]
}

CERTFR-2023-AVI-0701

Vulnerability from certfr_avis - Published: 2023-08-31 - Updated: 2023-08-31

De multiples vulnérabilités ont été découvertes dans Splunk. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Splunk	Universal Forwarder	Universal Forwarder versions 9.0.x antérieures à 9.0.6
Splunk	N/A	Splunk ITSI versions 4.15.x antérieures à 4.15.3
Splunk	Universal Forwarder	Universal Forwarder versions 8.2.x antérieures à 8.2.12
Splunk	N/A	Splunk Cloud versions antérieures à 9.0.2305.200
Splunk	Universal Forwarder	Universal Forwarder versions 9.1.x antérieures à 9.1.1
Splunk	Splunk Enterprise	Splunk Enterprise versions 8.2.x antérieures à 8.2.12
Splunk	N/A	Splunk ITSI versions 4.13.x antérieures à 4.13.3
Splunk	Splunk Enterprise	Splunk Enterprise versions 9.1.x antérieures à 9.1.1
Splunk	Splunk Enterprise	Splunk Enterprise versions 9.0.x antérieures à 9.0.6

References

Title

Publication Time

Tags

Bulletin de sécurité Splunk SVD-2023-0802 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0804 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0806 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0810 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0807 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0808 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0803 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0801 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0805 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0809 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0811 du 30 août 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Universal Forwarder versions 9.0.x ant\u00e9rieures \u00e0 9.0.6",
      "product": {
        "name": "Universal Forwarder",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk ITSI versions 4.15.x ant\u00e9rieures \u00e0 4.15.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Universal Forwarder versions 8.2.x ant\u00e9rieures \u00e0 8.2.12",
      "product": {
        "name": "Universal Forwarder",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Cloud versions ant\u00e9rieures \u00e0 9.0.2305.200",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Universal Forwarder versions 9.1.x ant\u00e9rieures \u00e0 9.1.1",
      "product": {
        "name": "Universal Forwarder",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 8.2.x ant\u00e9rieures \u00e0 8.2.12",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk ITSI versions 4.13.x ant\u00e9rieures \u00e0 4.13.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 9.1.x ant\u00e9rieures \u00e0 9.1.1",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 9.0.x ant\u00e9rieures \u00e0 9.0.6",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-22898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
    },
    {
      "name": "CVE-2022-40899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40899"
    },
    {
      "name": "CVE-2022-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
    },
    {
      "name": "CVE-2022-31129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
    },
    {
      "name": "CVE-2022-32189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
    },
    {
      "name": "CVE-2021-27919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27919"
    },
    {
      "name": "CVE-2019-20454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20454"
    },
    {
      "name": "CVE-2021-29425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
    },
    {
      "name": "CVE-2022-30631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
    },
    {
      "name": "CVE-2022-27191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
    },
    {
      "name": "CVE-2022-46175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
    },
    {
      "name": "CVE-2020-8169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2021-3572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3572"
    },
    {
      "name": "CVE-2023-4571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4571"
    },
    {
      "name": "CVE-2022-35260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35260"
    },
    {
      "name": "CVE-2023-29404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
    },
    {
      "name": "CVE-2022-27536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27536"
    },
    {
      "name": "CVE-2022-24921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2022-28327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
    },
    {
      "name": "CVE-2020-28851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28851"
    },
    {
      "name": "CVE-2021-33196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33196"
    },
    {
      "name": "CVE-2021-31525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31525"
    },
    {
      "name": "CVE-2020-8285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8285"
    },
    {
      "name": "CVE-2021-22901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
    },
    {
      "name": "CVE-2022-27778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27778"
    },
    {
      "name": "CVE-2021-33198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
    },
    {
      "name": "CVE-2022-30635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
    },
    {
      "name": "CVE-2019-20838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
    },
    {
      "name": "CVE-2022-41715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2022-37603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
    },
    {
      "name": "CVE-2022-41722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
    },
    {
      "name": "CVE-2021-41182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41182"
    },
    {
      "name": "CVE-2023-40592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40592"
    },
    {
      "name": "CVE-2023-29403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-42916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
    },
    {
      "name": "CVE-2020-8286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8286"
    },
    {
      "name": "CVE-2023-29405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
    },
    {
      "name": "CVE-2021-38297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
    },
    {
      "name": "CVE-2022-30629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
    },
    {
      "name": "CVE-2022-40897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2022-32149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
    },
    {
      "name": "CVE-2022-32148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
    },
    {
      "name": "CVE-2020-8177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
    },
    {
      "name": "CVE-2021-41771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
    },
    {
      "name": "CVE-2021-33197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33197"
    },
    {
      "name": "CVE-2021-27918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27918"
    },
    {
      "name": "CVE-2022-30630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
    },
    {
      "name": "CVE-2021-22924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
    },
    {
      "name": "CVE-2022-33987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33987"
    },
    {
      "name": "CVE-2022-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
    },
    {
      "name": "CVE-2023-40596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40596"
    },
    {
      "name": "CVE-2023-40594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40594"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2021-22922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
    },
    {
      "name": "CVE-2023-40595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40595"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2021-38561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38561"
    },
    {
      "name": "CVE-2021-39293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
    },
    {
      "name": "CVE-2022-1705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
    },
    {
      "name": "CVE-2022-3510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
    },
    {
      "name": "CVE-2022-3509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2020-8284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
    },
    {
      "name": "CVE-2023-23915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
    },
    {
      "name": "CVE-2022-41720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
    },
    {
      "name": "CVE-2022-41716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
    },
    {
      "name": "CVE-2022-24999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
    },
    {
      "name": "CVE-2022-29526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
    },
    {
      "name": "CVE-2022-30633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
    },
    {
      "name": "CVE-2022-1941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1941"
    },
    {
      "name": "CVE-2021-3520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
    },
    {
      "name": "CVE-2022-36227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
    },
    {
      "name": "CVE-2021-41184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41184"
    },
    {
      "name": "CVE-2021-41183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41183"
    },
    {
      "name": "CVE-2021-36976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
    },
    {
      "name": "CVE-2023-27535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2023-23914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
    },
    {
      "name": "CVE-2022-30632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2022-37601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
    },
    {
      "name": "CVE-2022-1962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
    },
    {
      "name": "CVE-2021-23382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23382"
    },
    {
      "name": "CVE-2023-40597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40597"
    },
    {
      "name": "CVE-2022-2309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
    },
    {
      "name": "CVE-2022-42915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2022-28131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
    },
    {
      "name": "CVE-2022-3517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
    },
    {
      "name": "CVE-2021-22897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
    },
    {
      "name": "CVE-2022-24675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
    },
    {
      "name": "CVE-2022-23806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
    },
    {
      "name": "CVE-2021-36221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
    },
    {
      "name": "CVE-2022-2880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
    },
    {
      "name": "CVE-2022-23773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
    },
    {
      "name": "CVE-2023-24539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
    },
    {
      "name": "CVE-2018-10237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
    },
    {
      "name": "CVE-2021-34558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
    },
    {
      "name": "CVE-2021-3803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3803"
    },
    {
      "name": "CVE-2022-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2023-27534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
    },
    {
      "name": "CVE-2023-27536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
    },
    {
      "name": "CVE-2022-23772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
    },
    {
      "name": "CVE-2020-29652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29652"
    },
    {
      "name": "CVE-2022-43551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
    },
    {
      "name": "CVE-2022-42004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
    },
    {
      "name": "CVE-2022-40023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40023"
    },
    {
      "name": "CVE-2021-22569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
    },
    {
      "name": "CVE-2023-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
    },
    {
      "name": "CVE-2021-41772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
    },
    {
      "name": "CVE-2020-8231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8231"
    },
    {
      "name": "CVE-2022-27779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
    },
    {
      "name": "CVE-2023-29400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
    },
    {
      "name": "CVE-2022-25881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
    },
    {
      "name": "CVE-2021-31566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
    },
    {
      "name": "CVE-2021-29923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
    },
    {
      "name": "CVE-2023-27538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
    },
    {
      "name": "CVE-2020-8908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
    },
    {
      "name": "CVE-2022-30634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
    },
    {
      "name": "CVE-2021-44716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
    },
    {
      "name": "CVE-2021-23343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23343"
    },
    {
      "name": "CVE-2022-35737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
    },
    {
      "name": "CVE-2021-33194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33194"
    },
    {
      "name": "CVE-2023-24540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2022-38900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
    },
    {
      "name": "CVE-2023-40598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40598"
    },
    {
      "name": "CVE-2013-7489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-7489"
    },
    {
      "name": "CVE-2021-22926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
    },
    {
      "name": "CVE-2021-30560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30560"
    },
    {
      "name": "CVE-2023-40593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40593"
    },
    {
      "name": "CVE-2022-30580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
    },
    {
      "name": "CVE-2018-20225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20225"
    },
    {
      "name": "CVE-2021-22890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22890"
    },
    {
      "name": "CVE-2022-42003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
    },
    {
      "name": "CVE-2021-44717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
    },
    {
      "name": "CVE-2020-14155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
    },
    {
      "name": "CVE-2022-29804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
    },
    {
      "name": "CVE-2023-2976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
    },
    {
      "name": "CVE-2021-22923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
    },
    {
      "name": "CVE-2022-37599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
    },
    {
      "name": "CVE-2023-29402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
    },
    {
      "name": "CVE-2021-29060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29060"
    },
    {
      "name": "CVE-2021-43565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43565"
    },
    {
      "name": "CVE-2022-30115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
    },
    {
      "name": "CVE-2022-3171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
    },
    {
      "name": "CVE-2021-20066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20066"
    },
    {
      "name": "CVE-2021-22876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
    },
    {
      "name": "CVE-2023-27537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
    },
    {
      "name": "CVE-2022-23491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23491"
    },
    {
      "name": "CVE-2022-27780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
    },
    {
      "name": "CVE-2020-28469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
    },
    {
      "name": "CVE-2021-22945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
    },
    {
      "name": "CVE-2021-33195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33195"
    },
    {
      "name": "CVE-2022-27664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
    },
    {
      "name": "CVE-2023-23916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
    }
  ],
  "initial_release_date": "2023-08-31T00:00:00",
  "last_revision_date": "2023-08-31T00:00:00",
  "links": [],
  "reference": "CERTFR-2023-AVI-0701",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-08-31T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Splunk. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code arbitraire \u00e0\ndistance et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Splunk",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0802 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0802"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0804 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0804"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0806 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0806"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0810 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0810"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0807 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0807"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0808 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0808"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0803 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0803"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0801 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0801"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0805 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0805"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0809 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0809"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0811 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0811"
    }
  ]
}

CERTFR-2022-AVI-650

Vulnerability from certfr_avis - Published: 2022-07-15 - Updated: 2022-07-15

De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	Junos OS	Junos OS sur plateformes MX versions 20.4.x antérieures à 20.4R3-S2
Juniper Networks	Junos OS	Junos OS versions 21.1.x antérieures à 21.1R3-S1
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 21.1.x aantérieures à 21.1R3-S1-EVO
Juniper Networks	Junos OS	Junos OS versions 18.3.x antérieures à 18.3R3-S6
Juniper Networks	Junos OS	Junos OS versions 17.3.x antérieures à 17.3R3-S12
Juniper Networks	Junos OS	Junos OS sur plateformes SRX versions 20.4.x antérieures à 20.4R3-S2, 20.4R3-S3
Juniper Networks	Junos OS	Junos OS versions 21.4.x antérieures à 21.4R1-S2, 21.4R2
Juniper Networks	Junos OS	Junos OS sur plateformes PTX versions 19.2.x antérieures à 19.2R1-S8, 19.2R3-S6
Juniper Networks	Junos OS	Junos OS sur plateformes EX versions antérieures à 19.2R1-S9, 19.2R3-S5
Juniper Networks	Junos OS	Junos OS sur plateformes EX versions 20.3.x antérieures à 20.3R3-S3
Juniper Networks	Junos OS	Junos OS sur plateformes PTX versions 19.3.x antérieures à 19.3R3-S6
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 21.3.x antérieures à 21.3R2-S1-EVO, 21.3R3-EVO
Juniper Networks	Junos OS	Junos OS sur plateformes QFX versions 21.2.x antérieures à 21.2R2-S1, 21.2R3
Juniper Networks	Junos Space	Junos Space versions antérieures à 22.1R1
Juniper Networks	Junos OS	Junos OS sur plateformes PTX versions 22.1.x antérieures à 22.1R2
Juniper Networks	Junos OS	Junos OS versions 19.2.x antérieures à 19.2R1-S9, 19.2R3-S6
Juniper Networks	Junos OS	Junos OS sur plateformes EX versions 19.3.x antérieures à 19.3R3-S6
Juniper Networks	Junos OS	Junos OS sur plateformes EX versions 20.1.x antérieures à 20.1R3-S4
Juniper Networks	N/A	Junos Space Security Director Policy Enforcer versions antérieures à 22.1R1
Juniper Networks	Junos OS	Junos OS versions 21.2.x antérieures à 21.2R2-S2, 21.2R3
Juniper Networks	Junos OS	Junos OS sur plateformes QFX versions 19.4.x antérieures à 19.4R2-S6, 19.4R3-S8
Juniper Networks	Junos OS	Junos OS versions 19.4.x antérieures à 19.4R2-S6, 19.4R3-S8
Juniper Networks	Junos OS	Junos OS sur plateformes MX versions supérieures à 20.1R1
Juniper Networks	Junos OS	Junos OS sur plateformes QFX versions 20.1.x antérieures à 20.1R3-S4
Juniper Networks	Junos OS	Junos OS versions 19.1.x antérieures à 19.1R2-S3, 19.1R3-S8
Juniper Networks	Junos OS	Junos OS versions 15.1X49, 15.1X49-D100 et suivantes antérieures à 19.2R3-S5
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 21.2.x antérieures à 21.2R1-S1-EVO, 21.2R3-EVO
Juniper Networks	Junos OS	Junos OS sur plateformes EX versions 20.4.x antérieures à 20.4R3-S2, 20.4R3-S3
Juniper Networks	Junos OS	Junos OS versions 20.2.x antérieures à 20.2R3-S5
Juniper Networks	Junos OS	Junos OS sur plateformes MX versions 21.1.x antérieures à 21.1R2, 21.1R3-S2
Juniper Networks	Junos OS	Junos OS sur plateformes QFX versions 19.2.x antérieures à 19.2R1-S9, 19.2R3-S5
Juniper Networks	Junos OS	Junos OS sur plateformes EX versions 21.1.x antérieures à 21.1R3-S1
Juniper Networks	Junos OS	Junos OS versions 21.3.x antérieures à 21.3R2-S1, 21.3R3
Juniper Networks	Junos OS	Junos OS sur plateformes SRX versions 21.4.x antérieures à 21.4R1-S1, 21.4R2
Juniper Networks	Junos OS	Junos OS sur plateformes SRX versions 19.3.x antérieures à 19.3R3-S6
Juniper Networks	N/A	Juniper Networks Contrail Networking versions antérieures à 21.4.0
Juniper Networks	Junos OS	Junos OS sur plateformes PTX versions 19.4.x antérieures à 19.4R2-S5, 19.4R3-S8
Juniper Networks	N/A	Contrôleur Juniper Networks NorthStar versions antérieures à 5.1.0 Service Pack 6
Juniper Networks	Junos OS	Junos OS sur plateformes MX versions 20.2.x antérieures à 20.2R3-S5
Juniper Networks	Junos OS	Junos OS sur plateformes QFX versions 20.4.x antérieures à 20.4R3-S2
Juniper Networks	Junos OS	Junos OS sur plateformes SRX versions 20.2.x antérieures à 20.2R3-S4
Juniper Networks	Junos OS	Junos OS sur plateformes PTX versions 21.2.x antérieures à 21.2R1-S1, 21.2R2, 21.2R3-S1
Juniper Networks	Junos OS	Junos OS sur plateformes PTX versions 20.2.x antérieures à 20.2R3-S5
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 21.4.x antérieures à 21.4R1-S1-EVO, 21.4R2-EVO
Juniper Networks	Junos OS	Junos OS sur plateformes SRX versions antérieures à 19.2R1-S9, 19.2R3-S5
Juniper Networks	Junos OS	Junos OS sur plateformes EX versions 19.4.x antérieures à 19.4R3-S8
Juniper Networks	Junos OS	Junos OS sur plateformes PTX toutes versions antérieures à 19.1R3-S9
Juniper Networks	Junos OS	Junos OS versions 19.3.x antérieures à 19.3R2-S7, 19.3R3-S6
Juniper Networks	Junos OS	Junos OS sur plateformes EX versions 21.3.x antérieures à 21.3R1-S2, 21.3R2, 21.3R3
Juniper Networks	Junos OS	Junos OS sur plateformes PTX versions 20.1.x antérieures à 20.1R3-S4
Juniper Networks	Junos OS	Junos OS sur plateformes QFX versions 21.3.x antérieures à 21.3R2
Juniper Networks	Junos OS	Junos OS versions 20.3.x antérieures à 20.3R3-S4
Juniper Networks	Junos OS	Junos OS sur plateformes QFX versions 20.3.x antérieures à 20.3R3-S3
Juniper Networks	Junos OS	Junos OS versions 18.4.x antérieures à 18.4R2-S10, 18.4R3-S9
Juniper Networks	Junos OS	Junos OS sur plateformes EX versions 21.2.x antérieures à 21.2R2-S2, 21.2R3
Juniper Networks	Junos OS	Junos OS sur plateformes SRX versions 21.1.x antérieures à 21.1R3-S2
Juniper Networks	Junos OS	Junos OS sur plateformes EX versions 20.2.x antérieures à 20.2R3-S4
Juniper Networks	Junos OS	Junos OS sur plateformes SRX versions 21.2.x antérieures à 21.2R2-S3, 21.2R3
Juniper Networks	Junos OS	Junos OS versions 15.1.x antérieures à 15.1R7-S10
Juniper Networks	Junos OS	Junos OS sur plateformes SRX versions 20.1.x antérieures à 20.1R3-S4
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 20.4R3-S3-EVO
Juniper Networks	Junos OS	Junos OS sur plateformes EX versions 21.4.x antérieures à 21.4R1-S1, 21.4R2
Juniper Networks	Junos OS	Junos OS sur plateformes QFX versions 19.3.x antérieures à 19.3R3-S6
Juniper Networks	Junos OS	Junos OS versions antérieures à 12.3R12-S21
Juniper Networks	Junos OS	Junos OS sur plateformes MX versions 21.3.x antérieures à 21.3R2
Juniper Networks	Junos OS	Junos OS sur plateformes QFX versions 21.1.x antérieures à 21.1R2-S1, 21.1R3
Juniper Networks	Junos OS	Junos OS sur plateformes MX versions 20.3.x antérieures à 20.3R3-S4
Juniper Networks	Junos OS	Junos OS sur plateformes PTX versions 20.4.x antérieures à 20.4R3-S4
Juniper Networks	Junos OS	Junos OS sur plateformes SRX versions 19.4.x antérieures à 19.4R3-S8
Juniper Networks	Junos OS	Junos OS versions 20.1.x antérieures à 20.1R3-S4
Juniper Networks	N/A	Contrôleur Juniper Networks NorthStar versions 6.x antérieures à 6.2.2
Juniper Networks	Junos OS	Junos OS sur plateformes QFX versions antérieures à 19.1R3-S9
Juniper Networks	Junos OS	Junos OS sur plateformes QFX versions 20.2.x antérieures à 20.2R3-S4
Juniper Networks	Junos OS	Junos OS sur plateformes PTX versions 21.1.x antérieures à 21.1R2-S1, 21.1R3-S2
Juniper Networks	Junos OS	Junos OS sur plateformes SRX versions 20.3.x antérieures à 20.3R3-S3
Juniper Networks	Junos OS	Junos OS sur plateformes SRX versions 21.3.x antérieures à 21.3R1-S2, 21.3R2, 21.3R3
Juniper Networks	Junos OS	Junos OS sur plateformes PTX versions 20.3.x antérieures à 20.3R3-S4
Juniper Networks	Junos OS	Junos OS sur plateformes MX versions 21.4.x antérieures à 21.4R2
Juniper Networks	Junos OS	Junos OS sur plateformes PTX versions 21.4.x antérieures à 21.4R2
Juniper Networks	Junos OS	Junos OS sur plateformes MX versions 21.2.x antérieures à 21.2R2-S2
Juniper Networks	Junos OS	Junos OS sur plateformes PTX versions 21.3.x antérieures à 21.3R3
Juniper Networks	Junos OS	Junos OS versions 20.4.x antérieures à 20.4R2-S2, 20.4R3-S3

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA69723 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69722 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69713 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69710 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69717 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69707 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69714 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69718 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69726 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69711 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69715 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69708 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69716 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69719 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69703 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69721 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69720 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69725 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69705 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69709 du 13 juillet 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69706 du 13 juillet 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS sur plateformes MX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 21.1.x ant\u00e9rieures \u00e0 21.1R3-S1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 21.1.x aant\u00e9rieures \u00e0 21.1R3-S1-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 18.3.x ant\u00e9rieures \u00e0 18.3R3-S6",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.3.x ant\u00e9rieures \u00e0 17.3R3-S12",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes SRX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S2, 20.4R3-S3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 21.4.x ant\u00e9rieures \u00e0 21.4R1-S2, 21.4R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes PTX versions 19.2.x ant\u00e9rieures \u00e0 19.2R1-S8, 19.2R3-S6",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes EX versions ant\u00e9rieures \u00e0 19.2R1-S9, 19.2R3-S5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes EX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes PTX versions 19.3.x ant\u00e9rieures \u00e0 19.3R3-S6",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 21.3.x ant\u00e9rieures \u00e0 21.3R2-S1-EVO, 21.3R3-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes QFX versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S1, 21.2R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos Space versions ant\u00e9rieures \u00e0 22.1R1",
      "product": {
        "name": "Junos Space",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes PTX versions 22.1.x ant\u00e9rieures \u00e0 22.1R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 19.2.x ant\u00e9rieures \u00e0 19.2R1-S9, 19.2R3-S6",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes EX versions 19.3.x ant\u00e9rieures \u00e0 19.3R3-S6",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes EX versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos Space Security Director Policy Enforcer versions ant\u00e9rieures \u00e0 22.1R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S2, 21.2R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes QFX versions 19.4.x ant\u00e9rieures \u00e0 19.4R2-S6, 19.4R3-S8",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 19.4.x ant\u00e9rieures \u00e0 19.4R2-S6, 19.4R3-S8",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes MX versions sup\u00e9rieures \u00e0 20.1R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes QFX versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 19.1.x ant\u00e9rieures \u00e0 19.1R2-S3, 19.1R3-S8",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49, 15.1X49-D100 et suivantes ant\u00e9rieures \u00e0 19.2R3-S5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 21.2.x ant\u00e9rieures \u00e0 21.2R1-S1-EVO, 21.2R3-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes EX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S2, 20.4R3-S3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes MX versions 21.1.x ant\u00e9rieures \u00e0 21.1R2, 21.1R3-S2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes QFX versions 19.2.x ant\u00e9rieures \u00e0 19.2R1-S9, 19.2R3-S5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes EX versions 21.1.x ant\u00e9rieures \u00e0 21.1R3-S1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 21.3.x ant\u00e9rieures \u00e0 21.3R2-S1, 21.3R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes SRX versions 21.4.x ant\u00e9rieures \u00e0 21.4R1-S1, 21.4R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes SRX versions 19.3.x ant\u00e9rieures \u00e0 19.3R3-S6",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Contrail Networking versions ant\u00e9rieures \u00e0 21.4.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes PTX versions 19.4.x ant\u00e9rieures \u00e0 19.4R2-S5, 19.4R3-S8",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Contr\u00f4leur Juniper Networks NorthStar versions ant\u00e9rieures \u00e0 5.1.0 Service Pack 6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes MX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes QFX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes SRX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes PTX versions 21.2.x ant\u00e9rieures \u00e0 21.2R1-S1, 21.2R2, 21.2R3-S1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes PTX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 21.4.x ant\u00e9rieures \u00e0 21.4R1-S1-EVO, 21.4R2-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes SRX versions ant\u00e9rieures \u00e0 19.2R1-S9, 19.2R3-S5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes EX versions 19.4.x ant\u00e9rieures \u00e0 19.4R3-S8",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes PTX toutes versions ant\u00e9rieures \u00e0 19.1R3-S9",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 19.3.x ant\u00e9rieures \u00e0 19.3R2-S7, 19.3R3-S6",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes EX versions 21.3.x ant\u00e9rieures \u00e0 21.3R1-S2, 21.3R2, 21.3R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes PTX versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes QFX versions 21.3.x ant\u00e9rieures \u00e0 21.3R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes QFX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 18.4.x ant\u00e9rieures \u00e0 18.4R2-S10, 18.4R3-S9",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes EX versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S2, 21.2R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes SRX versions 21.1.x ant\u00e9rieures \u00e0 21.1R3-S2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes EX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes SRX versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S3, 21.2R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1.x ant\u00e9rieures \u00e0 15.1R7-S10",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes SRX versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S3-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes EX versions 21.4.x ant\u00e9rieures \u00e0 21.4R1-S1, 21.4R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes QFX versions 19.3.x ant\u00e9rieures \u00e0 19.3R3-S6",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S21",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes MX versions 21.3.x ant\u00e9rieures \u00e0 21.3R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes QFX versions 21.1.x ant\u00e9rieures \u00e0 21.1R2-S1, 21.1R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes MX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes PTX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes SRX versions 19.4.x ant\u00e9rieures \u00e0 19.4R3-S8",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Contr\u00f4leur Juniper Networks NorthStar versions 6.x ant\u00e9rieures \u00e0 6.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes QFX versions ant\u00e9rieures \u00e0 19.1R3-S9",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes QFX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes PTX versions 21.1.x ant\u00e9rieures \u00e0 21.1R2-S1, 21.1R3-S2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes SRX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes SRX versions 21.3.x ant\u00e9rieures \u00e0 21.3R1-S2, 21.3R2, 21.3R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes PTX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes MX versions 21.4.x ant\u00e9rieures \u00e0 21.4R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes PTX versions 21.4.x ant\u00e9rieures \u00e0 21.4R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes MX versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS sur plateformes PTX versions 21.3.x ant\u00e9rieures \u00e0 21.3R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 20.4.x ant\u00e9rieures \u00e0 20.4R2-S2, 20.4R3-S3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-25013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
    },
    {
      "name": "CVE-2018-19361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
    },
    {
      "name": "CVE-2020-13871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
    },
    {
      "name": "CVE-2015-7036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7036"
    },
    {
      "name": "CVE-2015-2327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2327"
    },
    {
      "name": "CVE-2019-17267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
    },
    {
      "name": "CVE-2020-14621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
    },
    {
      "name": "CVE-2018-19362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
    },
    {
      "name": "CVE-2020-2803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
    },
    {
      "name": "CVE-2022-22215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22215"
    },
    {
      "name": "CVE-2015-3308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3308"
    },
    {
      "name": "CVE-2021-35586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
    },
    {
      "name": "CVE-2020-1747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1747"
    },
    {
      "name": "CVE-2022-22221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22221"
    },
    {
      "name": "CVE-2018-14719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
    },
    {
      "name": "CVE-2016-4609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4609"
    },
    {
      "name": "CVE-2021-35550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
    },
    {
      "name": "CVE-2016-8619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8619"
    },
    {
      "name": "CVE-2020-13434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
    },
    {
      "name": "CVE-2017-18258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
    },
    {
      "name": "CVE-2016-3191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3191"
    },
    {
      "name": "CVE-2019-1352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1352"
    },
    {
      "name": "CVE-2021-35567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
    },
    {
      "name": "CVE-2021-3517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3517"
    },
    {
      "name": "CVE-2020-14579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
    },
    {
      "name": "CVE-2020-14343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14343"
    },
    {
      "name": "CVE-2021-42574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42574"
    },
    {
      "name": "CVE-2017-8105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8105"
    },
    {
      "name": "CVE-2022-22207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22207"
    },
    {
      "name": "CVE-2016-6318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6318"
    },
    {
      "name": "CVE-2017-5929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5929"
    },
    {
      "name": "CVE-2022-22218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22218"
    },
    {
      "name": "CVE-2021-20271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20271"
    },
    {
      "name": "CVE-2021-36690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
    },
    {
      "name": "CVE-2020-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
    },
    {
      "name": "CVE-2016-4738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4738"
    },
    {
      "name": "CVE-2016-10195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10195"
    },
    {
      "name": "CVE-2017-8804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8804"
    },
    {
      "name": "CVE-2020-14593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
    },
    {
      "name": "CVE-2017-10685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10685"
    },
    {
      "name": "CVE-2017-8287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8287"
    },
    {
      "name": "CVE-2014-4043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4043"
    },
    {
      "name": "CVE-2022-22210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22210"
    },
    {
      "name": "CVE-2016-7951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7951"
    },
    {
      "name": "CVE-2019-16942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
    },
    {
      "name": "CVE-2020-2773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
    },
    {
      "name": "CVE-2017-9117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9117"
    },
    {
      "name": "CVE-2020-9327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
    },
    {
      "name": "CVE-2018-14718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
    },
    {
      "name": "CVE-2019-17571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
    },
    {
      "name": "CVE-2015-5602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5602"
    },
    {
      "name": "CVE-2020-14578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
    },
    {
      "name": "CVE-2020-2805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
    },
    {
      "name": "CVE-2020-2830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
    },
    {
      "name": "CVE-2020-2781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
    },
    {
      "name": "CVE-2016-7942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7942"
    },
    {
      "name": "CVE-2017-15412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15412"
    },
    {
      "name": "CVE-2015-2716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2716"
    },
    {
      "name": "CVE-2020-14556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
    },
    {
      "name": "CVE-2015-7705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7705"
    },
    {
      "name": "CVE-2020-36385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36385"
    },
    {
      "name": "CVE-2018-19360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
    },
    {
      "name": "CVE-2017-17434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-17434"
    },
    {
      "name": "CVE-2017-15994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15994"
    },
    {
      "name": "CVE-2020-25704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25704"
    },
    {
      "name": "CVE-2014-9488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9488"
    },
    {
      "name": "CVE-2015-2059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2059"
    },
    {
      "name": "CVE-2019-16335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
    },
    {
      "name": "CVE-2015-1283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1283"
    },
    {
      "name": "CVE-2019-1349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1349"
    },
    {
      "name": "CVE-2019-9893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9893"
    },
    {
      "name": "CVE-2022-21304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
    },
    {
      "name": "CVE-2020-1971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
    },
    {
      "name": "CVE-2016-7950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7950"
    },
    {
      "name": "CVE-2014-6272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6272"
    },
    {
      "name": "CVE-2018-7489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
    },
    {
      "name": "CVE-2020-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
    },
    {
      "name": "CVE-2020-14363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14363"
    },
    {
      "name": "CVE-2016-5300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5300"
    },
    {
      "name": "CVE-2019-14893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
    },
    {
      "name": "CVE-2014-9746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9746"
    },
    {
      "name": "CVE-2003-0001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2003-0001"
    },
    {
      "name": "CVE-2015-8947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8947"
    },
    {
      "name": "CVE-2018-8088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
    },
    {
      "name": "CVE-2017-10684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10684"
    },
    {
      "name": "CVE-2015-8035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8035"
    },
    {
      "name": "CVE-2020-10878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
    },
    {
      "name": "CVE-2021-35559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
    },
    {
      "name": "CVE-2013-7422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-7422"
    },
    {
      "name": "CVE-2014-9474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9474"
    },
    {
      "name": "CVE-2016-9063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9063"
    },
    {
      "name": "CVE-2019-1354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1354"
    },
    {
      "name": "CVE-2021-35565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
    },
    {
      "name": "CVE-2022-21303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
    },
    {
      "name": "CVE-2016-4658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
    },
    {
      "name": "CVE-2022-22204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22204"
    },
    {
      "name": "CVE-2020-25696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25696"
    },
    {
      "name": "CVE-2020-11656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
    },
    {
      "name": "CVE-2016-7947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7947"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2021-35603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
    },
    {
      "name": "CVE-2012-0876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0876"
    },
    {
      "name": "CVE-2016-8618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8618"
    },
    {
      "name": "CVE-2017-14062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14062"
    },
    {
      "name": "CVE-2020-2754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
    },
    {
      "name": "CVE-2020-8617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8617"
    },
    {
      "name": "CVE-2014-5044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5044"
    },
    {
      "name": "CVE-2017-14867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14867"
    },
    {
      "name": "CVE-2018-14567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14567"
    },
    {
      "name": "CVE-2016-2124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2124"
    },
    {
      "name": "CVE-2022-21270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
    },
    {
      "name": "CVE-2017-5225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5225"
    },
    {
      "name": "CVE-2021-3520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
    },
    {
      "name": "CVE-2020-10029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
    },
    {
      "name": "CVE-2015-8388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8388"
    },
    {
      "name": "CVE-2019-8457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8457"
    },
    {
      "name": "CVE-2016-7949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7949"
    },
    {
      "name": "CVE-2016-2779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2779"
    },
    {
      "name": "CVE-2022-22205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22205"
    },
    {
      "name": "CVE-2017-7375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
    },
    {
      "name": "CVE-2021-23017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23017"
    },
    {
      "name": "CVE-2017-8421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8421"
    },
    {
      "name": "CVE-2020-15358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
    },
    {
      "name": "CVE-2018-1000654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000654"
    },
    {
      "name": "CVE-2014-9114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9114"
    },
    {
      "name": "CVE-2016-4610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4610"
    },
    {
      "name": "CVE-2019-1350",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1350"
    },
    {
      "name": "CVE-2019-16943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
    },
    {
      "name": "CVE-2021-35588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
    },
    {
      "name": "CVE-2021-23839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23839"
    },
    {
      "name": "CVE-2022-22213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22213"
    },
    {
      "name": "CVE-2020-15999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15999"
    },
    {
      "name": "CVE-2016-1951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1951"
    },
    {
      "name": "CVE-2014-9471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9471"
    },
    {
      "name": "CVE-2017-7525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
    },
    {
      "name": "CVE-2017-14930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-14930"
    },
    {
      "name": "CVE-2015-5228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5228"
    },
    {
      "name": "CVE-2019-20330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
    },
    {
      "name": "CVE-2019-17531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
    },
    {
      "name": "CVE-2017-7614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7614"
    },
    {
      "name": "CVE-2021-28950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28950"
    },
    {
      "name": "CVE-2020-36322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36322"
    },
    {
      "name": "CVE-2022-22216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22216"
    },
    {
      "name": "CVE-2015-7805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7805"
    },
    {
      "name": "CVE-2016-4612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4612"
    },
    {
      "name": "CVE-2015-8385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8385"
    },
    {
      "name": "CVE-2015-8394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8394"
    },
    {
      "name": "CVE-2021-42739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42739"
    },
    {
      "name": "CVE-2020-27619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27619"
    },
    {
      "name": "CVE-2015-8391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8391"
    },
    {
      "name": "CVE-2020-8492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8492"
    },
    {
      "name": "CVE-2019-9169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9169"
    },
    {
      "name": "CVE-2015-8386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8386"
    },
    {
      "name": "CVE-2017-11164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
    },
    {
      "name": "CVE-2022-22212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22212"
    },
    {
      "name": "CVE-2020-1968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1968"
    },
    {
      "name": "CVE-2022-22206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22206"
    },
    {
      "name": "CVE-2020-29573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29573"
    },
    {
      "name": "CVE-2017-1000368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000368"
    },
    {
      "name": "CVE-2020-2755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
    },
    {
      "name": "CVE-2017-7500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
    },
    {
      "name": "CVE-2015-8380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8380"
    },
    {
      "name": "CVE-2021-3177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
    },
    {
      "name": "CVE-2019-1387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1387"
    },
    {
      "name": "CVE-2016-9539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9539"
    },
    {
      "name": "CVE-2015-8387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8387"
    },
    {
      "name": "CVE-2020-8840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
    },
    {
      "name": "CVE-2016-2516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2516"
    },
    {
      "name": "CVE-2016-7944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7944"
    },
    {
      "name": "CVE-2019-0205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0205"
    },
    {
      "name": "CVE-2017-13716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-13716"
    },
    {
      "name": "CVE-2016-4607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4607"
    },
    {
      "name": "CVE-2017-8817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8817"
    },
    {
      "name": "CVE-2020-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
    },
    {
      "name": "CVE-2021-35578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
    },
    {
      "name": "CVE-2021-3487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3487"
    },
    {
      "name": "CVE-2020-14583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
    },
    {
      "name": "CVE-2018-9251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
    },
    {
      "name": "CVE-2017-12562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12562"
    },
    {
      "name": "CVE-2015-6525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6525"
    },
    {
      "name": "CVE-2020-2800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
    },
    {
      "name": "CVE-2018-14720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
    },
    {
      "name": "CVE-2016-2052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2052"
    },
    {
      "name": "CVE-2015-8540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8540"
    },
    {
      "name": "CVE-2021-3712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
    },
    {
      "name": "CVE-2022-22202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22202"
    },
    {
      "name": "CVE-2017-16931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
    },
    {
      "name": "CVE-2016-5180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5180"
    },
    {
      "name": "CVE-2019-9518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9518"
    },
    {
      "name": "CVE-2016-7943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7943"
    },
    {
      "name": "CVE-2020-11655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
    },
    {
      "name": "CVE-2017-15095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
    },
    {
      "name": "CVE-2019-14540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
    },
    {
      "name": "CVE-2021-33574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
    },
    {
      "name": "CVE-2018-14721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
    },
    {
      "name": "CVE-2018-14404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14404"
    },
    {
      "name": "CVE-2019-18276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
    },
    {
      "name": "CVE-2015-2328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2328"
    },
    {
      "name": "CVE-2021-20227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
    },
    {
      "name": "CVE-2021-35564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
    },
    {
      "name": "CVE-2016-4608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4608"
    },
    {
      "name": "CVE-2019-9924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9924"
    },
    {
      "name": "CVE-2022-21344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
    },
    {
      "name": "CVE-2018-11307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
    },
    {
      "name": "CVE-2021-23840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
    },
    {
      "name": "CVE-2022-21367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
    },
    {
      "name": "CVE-2016-8622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8622"
    },
    {
      "name": "CVE-2017-17485",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
    },
    {
      "name": "CVE-2022-22209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22209"
    },
    {
      "name": "CVE-2022-22217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22217"
    },
    {
      "name": "CVE-2017-16548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16548"
    },
    {
      "name": "CVE-2020-2757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
    },
    {
      "name": "CVE-2015-8390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8390"
    },
    {
      "name": "CVE-2016-7948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7948"
    },
    {
      "name": "CVE-2021-35556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
    },
    {
      "name": "CVE-2015-4042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4042"
    },
    {
      "name": "CVE-2019-14379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
    },
    {
      "name": "CVE-2017-8779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8779"
    },
    {
      "name": "CVE-2020-25717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25717"
    },
    {
      "name": "CVE-2021-23841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
    },
    {
      "name": "CVE-2021-41617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
    },
    {
      "name": "CVE-2017-1000158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000158"
    },
    {
      "name": "CVE-2020-8616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8616"
    },
    {
      "name": "CVE-2018-6954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6954"
    },
    {
      "name": "CVE-2017-0553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-0553"
    },
    {
      "name": "CVE-2016-1238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1238"
    },
    {
      "name": "CVE-2016-4484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4484"
    },
    {
      "name": "CVE-2016-9538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9538"
    },
    {
      "name": "CVE-2020-2756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
    },
    {
      "name": "CVE-2021-35561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
    },
    {
      "name": "CVE-2022-22203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22203"
    },
    {
      "name": "CVE-2017-10989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10989"
    },
    {
      "name": "CVE-2016-5131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
    },
    {
      "name": "CVE-2022-21245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
    },
    {
      "name": "CVE-2020-12049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12049"
    },
    {
      "name": "CVE-2014-9939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9939"
    },
    {
      "name": "CVE-2017-8871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8871"
    },
    {
      "name": "CVE-2020-13435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
    },
    {
      "name": "CVE-2021-37750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
    },
    {
      "name": "CVE-2019-14892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
    },
    {
      "name": "CVE-2020-14577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
    },
    {
      "name": "CVE-2022-22214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22214"
    }
  ],
  "initial_release_date": "2022-07-15T00:00:00",
  "last_revision_date": "2022-07-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-650",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-07-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69723 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-Space-Security-Director-Policy-Enforcer-upgraded-to-CentOS-7-9"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69722 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-22-2R1-release-CVE-2022-22218"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69713 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-RIB-and-PFEs-can-get-out-of-sync-due-to-a-memory-leak-caused-by-interface-flaps-or-route-churn-CVE-2022-22209"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69710 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-SRX-series-The-PFE-will-crash-when-specific-traffic-is-scanned-by-Enhanced-Web-Filtering-safe-search-CVE-2022-22206"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69717 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Denial-of-Service-DoS-vulnerability-in-RPD-upon-receipt-of-specific-BGP-update-CVE-2022-22213"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69707 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-EX4600-Series-and-QFX5000-Series-Receipt-of-specific-traffic-will-lead-to-an-fxpc-process-crash-followed-by-an-FPC-reboot-CVE-2022-22203"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69714 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-QFX5000-Series-and-MX-Series-An-l2alm-crash-leading-to-an-FPC-crash-can-be-observed-in-VxLAN-scenario-CVE-2022-22210"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69718 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-MPLS-scenario-upon-receipt-of-a-specific-IPv6-packet-an-FPC-will-crash-CVE-2022-22214"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69726 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Contrail-Networking-Multiple-vulnerabilities-resolved-in-Contrail-Networking-21-4"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69711 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-MX-Series-with-MPC11-In-a-GNF-node-slicing-scenario-gathering-AF-interface-statistics-can-lead-to-a-kernel-crash-CVE-2022-22207"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69715 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-OpenSSL-security-fixes"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69708 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-MX-Series-and-SRX-Series-When-receiving-a-specific-SIP-packets-stale-call-table-entries-are-created-which-eventually-leads-to-a-DoS-for-all-SIP-traffic-CVE-2022-22204"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69716 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-Evolved-A-high-rate-of-specific-hostbound-traffic-will-cause-unexpected-hostbound-traffic-delays-or-drops-CVE-2022-22212"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69719 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-var-run-pid-env-files-are-potentially-not-deleted-during-termination-of-a-gRPC-connection-causing-inode-exhaustion-CVE-2022-22215"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69703 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Northstar-Controller-nginx-component-allows-remote-attacker-to-cause-worker-process-crash-or-potentially-arbitrary-code-execution-CVE-2021-23017-2"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69721 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-QFX10k-Series-Denial-of-Service-DoS-upon-receipt-of-crafted-MLD-packets-on-multi-homing-ESI-in-VXLAN-CVE-2022-22217"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69720 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-PTX-Series-and-QFX10000-Series-Etherleak-memory-disclosure-in-Ethernet-padding-data-CVE-2022-22216"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69725 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-SRX-and-EX-Series-Local-privilege-escalation-flaw-in-download-functionality-CVE-2022-22221"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69705 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-in-SQLite-resolved"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69709 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-SRX-Series-An-FPC-memory-leak-can-occur-in-an-APBR-scenario-CVE-2022-22205"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69706 du 13 juillet 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-PTX-Series-FPCs-may-restart-unexpectedly-upon-receipt-of-specific-MPLS-packets-with-certain-multi-unit-interface-configurations-CVE-2022-22202"
    }
  ]
}

CERTFR-2023-AVI-1015

Vulnerability from certfr_avis - Published: 2023-12-12 - Updated: 2023-12-12

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC CP 1243-1 (incl. SIPLUS variants) toutes versions
Siemens	N/A	SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) toutes versions
Siemens	N/A	Opcenter Quality toutes versions
Siemens	N/A	SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) versions antérieures à V3.1.0
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions antérieures à V8.0
Siemens	N/A	LOGO! 24CE (6ED1052-1CC08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M804PB (6GK5804-0AP00-2AA2) toutes versions
Siemens	N/A	SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions
Siemens	N/A	SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC PC-Station Plus toutes versions
Siemens	N/A	POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions antérieures à V2.60
Siemens	N/A	SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) toutes versions
Siemens	N/A	LOGO! 24CEo (6ED1052-2CC08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SINUMERIK MC toutes versions
Siemens	N/A	SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) toutes versions
Siemens	N/A	SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) toutes versions
Siemens	N/A	SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) toutes versions
Siemens	N/A	LOGO! 230RCE (6ED1052-1FB08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) toutes versions
Siemens	N/A	SINUMERIK ONE toutes versions
Siemens	N/A	SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions antérieures à V8.0
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS S7-1500 CPU 1518F-4 PN/DP (6AG1518-4FP00-4AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) versions antérieures à V3.1.0
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) toutes versions
Siemens	N/A	SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions antérieures à V8.0
Siemens	N/A	SINAMICS S120 (incl. SIPLUS variants) versions antérieures à V5.2 SP3 HF15
Siemens	N/A	SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	LOGO! 24RCEo (6ED1052-2HB08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions antérieures à V7.2.2
Siemens	N/A	POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions antérieures à V2.60
Siemens	N/A	SIMATIC S7-1500 CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) toutes versions
Siemens	N/A	SINUMERIK Integrate RunMyHMI /Automotive toutes versions
Siemens	N/A	SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SINAMICS S210 (6SL5...) versions supérieures ou égales àV6.1 versions antérieures à V6.1 HF2
Siemens	N/A	SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) toutes versions
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) toutes versions
Siemens	N/A	SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIMATIC STEP 7 (TIA Portal) versions antérieures à V19
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) toutes versions
Siemens	N/A	SIMATIC S7-PLCSIM Advanced versions antérieures à V6.0
Siemens	N/A	SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions
Siemens	N/A	SCALANCE S615 (6GK5615-0AA00-2AA2) toutes versions
Siemens	N/A	SCALANCE M874-3 (6GK5874-3AA00-2AA2) toutes versions
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE S615 EEC (6GK5615-0AA01-2AA2) toutes versions
Siemens	N/A	LOGO! 230RCEo (6ED1052-2FB08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions antérieures à V7.2.2
Siemens	N/A	SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M874-2 (6GK5874-2AA00-2AA2) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) toutes versions
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) toutes versions
Siemens	N/A	SIMATIC PCS neo versions antérieures à V4.1
Siemens	N/A	SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M804PB (6GK5804-0AP00-2AA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-1500 CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SINAMICS S210 (6SL5...) versions supérieures à V6.1 et antérieure à V6.1 HF2
Siemens	N/A	SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions antérieures à V7.2.2
Siemens	N/A	SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIPLUS S7-1500 CPU 1518-4 PN/DP (6AG1518-4AP00-4AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SINEC INS versions antérieures à V1.0 SP2 Update 2
Siemens	N/A	LOGO! 12/24RCE (6ED1052-1MD08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC CP 1243-7 LTE toutes versions
Siemens	N/A	SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE S615 (6GK5615-0AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions
Siemens	N/A	LOGO! 24RCE (6ED1052-1HB08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M804PB (6GK5804-0AP00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions antérieures à V8.0
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) versions antérieures à V3.1.0
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions antérieures à V8.0
Siemens	N/A	Totally Integrated Automation Portal (TIA Portal) versions V14 à V18 antérieures à V18 Update 3
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-4 (6GK5876-4AA10-2BA2) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE S615 (6GK5615-0AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) toutes versions

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens SSA-844582 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-180704 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-077170 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-480095 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-118850 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-068047 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-892915 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-999588 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-280603 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-693975 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-887801 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-592380 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-398330 du 12 décembre 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-1 (incl. SIPLUS variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Opcenter Quality toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 24CE (6ED1052-1CC08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PC-Station Plus toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions ant\u00e9rieures \u00e0 V2.60",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 24CEo (6ED1052-2CC08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK MC toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 230RCE (6ED1052-1FB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK ONE toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-1500 CPU 1518F-4 PN/DP (6AG1518-4FP00-4AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS S120 (incl. SIPLUS variants) versions ant\u00e9rieures \u00e0 V5.2 SP3 HF15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 24RCEo (6ED1052-2HB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions ant\u00e9rieures \u00e0 V2.60",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK Integrate RunMyHMI /Automotive toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS S210 (6SL5...) versions sup\u00e9rieures ou \u00e9gales \u00e0V6.1 versions ant\u00e9rieures \u00e0 V6.1 HF2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC STEP 7 (TIA Portal) versions ant\u00e9rieures \u00e0 V19",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-PLCSIM Advanced versions ant\u00e9rieures \u00e0 V6.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 (6GK5615-0AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 230RCEo (6ED1052-2FB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS neo versions ant\u00e9rieures \u00e0 V4.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS S210 (6SL5...) versions sup\u00e9rieures \u00e0 V6.1 et ant\u00e9rieure \u00e0 V6.1 HF2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-1500 CPU 1518-4 PN/DP (6AG1518-4AP00-4AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINEC INS versions ant\u00e9rieures \u00e0 V1.0 SP2 Update 2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 12/24RCE (6ED1052-1MD08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-7 LTE toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 24RCE (6ED1052-1HB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Totally Integrated Automation Portal (TIA Portal) versions V14 \u00e0 V18 ant\u00e9rieures \u00e0 V18 Update 3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-5131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
    },
    {
      "name": "CVE-2016-4658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
    },
    {
      "name": "CVE-2017-7375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
    },
    {
      "name": "CVE-2017-7376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7376"
    },
    {
      "name": "CVE-2017-0663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-0663"
    },
    {
      "name": "CVE-2017-9047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9047"
    },
    {
      "name": "CVE-2017-9048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9048"
    },
    {
      "name": "CVE-2017-16931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
    },
    {
      "name": "CVE-2017-9050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9050"
    },
    {
      "name": "CVE-2017-18258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
    },
    {
      "name": "CVE-2017-9049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9049"
    },
    {
      "name": "CVE-2017-16932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16932"
    },
    {
      "name": "CVE-2016-9318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9318"
    },
    {
      "name": "CVE-2018-0495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0495"
    },
    {
      "name": "CVE-2019-6111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6111"
    },
    {
      "name": "CVE-2019-3855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3855"
    },
    {
      "name": "CVE-2019-3856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3856"
    },
    {
      "name": "CVE-2019-3863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3863"
    },
    {
      "name": "CVE-2019-3857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3857"
    },
    {
      "name": "CVE-2019-8457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8457"
    },
    {
      "name": "CVE-2019-5443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5443"
    },
    {
      "name": "CVE-2019-6109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6109"
    },
    {
      "name": "CVE-2019-15903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15903"
    },
    {
      "name": "CVE-2019-3859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3859"
    },
    {
      "name": "CVE-2019-3861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3861"
    },
    {
      "name": "CVE-2019-3860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3860"
    },
    {
      "name": "CVE-2019-3858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3858"
    },
    {
      "name": "CVE-2019-3862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3862"
    },
    {
      "name": "CVE-2019-13565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13565"
    },
    {
      "name": "CVE-2019-13057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13057"
    },
    {
      "name": "CVE-2019-9636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
    },
    {
      "name": "CVE-2019-16168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
    },
    {
      "name": "CVE-2019-19926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19926"
    },
    {
      "name": "CVE-2019-19925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19925"
    },
    {
      "name": "CVE-2019-19880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19880"
    },
    {
      "name": "CVE-2019-19923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19923"
    },
    {
      "name": "CVE-2019-5018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5018"
    },
    {
      "name": "CVE-2019-9936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9936"
    },
    {
      "name": "CVE-2019-5482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5482"
    },
    {
      "name": "CVE-2019-19646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
    },
    {
      "name": "CVE-2020-7595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
    },
    {
      "name": "CVE-2020-8169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
    },
    {
      "name": "CVE-2020-11656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
    },
    {
      "name": "CVE-2019-19906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
    },
    {
      "name": "CVE-2020-14145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14145"
    },
    {
      "name": "CVE-2019-9937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9937"
    },
    {
      "name": "CVE-2019-12900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
    },
    {
      "name": "CVE-2018-20843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20843"
    },
    {
      "name": "CVE-2020-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
    },
    {
      "name": "CVE-2020-13435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
    },
    {
      "name": "CVE-2020-13434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
    },
    {
      "name": "CVE-2020-15358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
    },
    {
      "name": "CVE-2020-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
    },
    {
      "name": "CVE-2020-25709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25709"
    },
    {
      "name": "CVE-2021-3177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
    },
    {
      "name": "CVE-2019-25013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
    },
    {
      "name": "CVE-2019-19956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
    },
    {
      "name": "CVE-2020-28196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
    },
    {
      "name": "CVE-2020-8285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8285"
    },
    {
      "name": "CVE-2020-8286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8286"
    },
    {
      "name": "CVE-2020-36221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36221"
    },
    {
      "name": "CVE-2020-36224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36224"
    },
    {
      "name": "CVE-2020-36222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36222"
    },
    {
      "name": "CVE-2020-36227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36227"
    },
    {
      "name": "CVE-2020-36225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36225"
    },
    {
      "name": "CVE-2020-36228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36228"
    },
    {
      "name": "CVE-2020-36223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36223"
    },
    {
      "name": "CVE-2020-36229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36229"
    },
    {
      "name": "CVE-2020-36226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36226"
    },
    {
      "name": "CVE-2020-36230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36230"
    },
    {
      "name": "CVE-2020-10531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10531"
    },
    {
      "name": "CVE-2021-28363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28363"
    },
    {
      "name": "CVE-2020-8284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
    },
    {
      "name": "CVE-2020-10878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
    },
    {
      "name": "CVE-2021-23336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23336"
    },
    {
      "name": "CVE-2021-22901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
    },
    {
      "name": "CVE-2019-17543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17543"
    },
    {
      "name": "CVE-2021-3518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
    },
    {
      "name": "CVE-2020-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
    },
    {
      "name": "CVE-2020-11655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
    },
    {
      "name": "CVE-2019-19645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
    },
    {
      "name": "CVE-2019-20907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20907"
    },
    {
      "name": "CVE-2020-10543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
    },
    {
      "name": "CVE-2020-12723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
    },
    {
      "name": "CVE-2021-20305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20305"
    },
    {
      "name": "CVE-2019-20388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20388"
    },
    {
      "name": "CVE-2020-12243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12243"
    },
    {
      "name": "CVE-2020-29573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29573"
    },
    {
      "name": "CVE-2020-10029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
    },
    {
      "name": "CVE-2019-5188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5188"
    },
    {
      "name": "CVE-2019-5094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5094"
    },
    {
      "name": "CVE-2020-8177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
    },
    {
      "name": "CVE-2013-0340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
    },
    {
      "name": "CVE-2021-33910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33910"
    },
    {
      "name": "CVE-2021-27219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27219"
    },
    {
      "name": "CVE-2021-27218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27218"
    },
    {
      "name": "CVE-2019-18276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
    },
    {
      "name": "CVE-2020-24977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24977"
    },
    {
      "name": "CVE-2021-3520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
    },
    {
      "name": "CVE-2020-29362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29362"
    },
    {
      "name": "CVE-2019-9169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9169"
    },
    {
      "name": "CVE-2020-29363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29363"
    },
    {
      "name": "CVE-2021-3517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3517"
    },
    {
      "name": "CVE-2020-13776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13776"
    },
    {
      "name": "CVE-2020-26116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26116"
    },
    {
      "name": "CVE-2020-25692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25692"
    },
    {
      "name": "CVE-2016-10228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10228"
    },
    {
      "name": "CVE-2020-29361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29361"
    },
    {
      "name": "CVE-2021-3541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3541"
    },
    {
      "name": "CVE-2021-3326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
    },
    {
      "name": "CVE-2020-8231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8231"
    },
    {
      "name": "CVE-2020-8492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8492"
    },
    {
      "name": "CVE-2021-3516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3516"
    },
    {
      "name": "CVE-2021-3537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3537"
    },
    {
      "name": "CVE-2020-8315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8315"
    },
    {
      "name": "CVE-2020-27618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
    },
    {
      "name": "CVE-2021-22926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
    },
    {
      "name": "CVE-2021-20227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
    },
    {
      "name": "CVE-2021-36222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2021-22945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2020-13871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
    },
    {
      "name": "CVE-2021-3737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
    },
    {
      "name": "CVE-2021-3733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
    },
    {
      "name": "CVE-2022-45061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
    },
    {
      "name": "CVE-2022-40674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
    },
    {
      "name": "CVE-2022-37434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
    },
    {
      "name": "CVE-2022-43680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
    },
    {
      "name": "CVE-2022-29824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
    },
    {
      "name": "CVE-2022-23308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
    },
    {
      "name": "CVE-2022-35737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
    },
    {
      "name": "CVE-2022-40303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
    },
    {
      "name": "CVE-2022-40304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
    },
    {
      "name": "CVE-2019-9948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9948"
    },
    {
      "name": "CVE-2022-42898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
    },
    {
      "name": "CVE-2019-6110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6110"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2019-16905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16905"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2018-25032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
    },
    {
      "name": "CVE-2022-46143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46143"
    },
    {
      "name": "CVE-2022-23990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
    },
    {
      "name": "CVE-2021-45960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
    },
    {
      "name": "CVE-2022-22827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
    },
    {
      "name": "CVE-2022-22825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
    },
    {
      "name": "CVE-2022-22822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
    },
    {
      "name": "CVE-2022-22824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
    },
    {
      "name": "CVE-2021-46143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
    },
    {
      "name": "CVE-2022-22826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
    },
    {
      "name": "CVE-2022-23852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
    },
    {
      "name": "CVE-2022-22823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
    },
    {
      "name": "CVE-2019-5436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5436"
    },
    {
      "name": "CVE-2022-25313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25313"
    },
    {
      "name": "CVE-2022-25236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
    },
    {
      "name": "CVE-2022-25315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
    },
    {
      "name": "CVE-2022-25235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
    },
    {
      "name": "CVE-2019-19603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19603"
    },
    {
      "name": "CVE-2021-22890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22890"
    },
    {
      "name": "CVE-2021-22876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
    },
    {
      "name": "CVE-2019-19317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19317"
    },
    {
      "name": "CVE-2019-19924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19924"
    },
    {
      "name": "CVE-2021-22924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
    },
    {
      "name": "CVE-2021-22897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
    },
    {
      "name": "CVE-2020-9327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2021-22923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
    },
    {
      "name": "CVE-2019-19242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19242"
    },
    {
      "name": "CVE-2021-22898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
    },
    {
      "name": "CVE-2021-22922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
    },
    {
      "name": "CVE-2019-19244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19244"
    },
    {
      "name": "CVE-2021-41617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
    },
    {
      "name": "CVE-2022-0391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
    },
    {
      "name": "CVE-2022-0778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
    },
    {
      "name": "CVE-2018-14404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14404"
    },
    {
      "name": "CVE-2019-9947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9947"
    },
    {
      "name": "CVE-2019-9740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9740"
    },
    {
      "name": "CVE-2019-10160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10160"
    },
    {
      "name": "CVE-2019-16056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16056"
    },
    {
      "name": "CVE-2020-12762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12762"
    },
    {
      "name": "CVE-2019-17594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17594"
    },
    {
      "name": "CVE-2019-17595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17595"
    },
    {
      "name": "CVE-2021-20231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20231"
    },
    {
      "name": "CVE-2021-36085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36085"
    },
    {
      "name": "CVE-2021-36084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36084"
    },
    {
      "name": "CVE-2021-20232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20232"
    },
    {
      "name": "CVE-2021-36086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36086"
    },
    {
      "name": "CVE-2021-3580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3580"
    },
    {
      "name": "CVE-2021-36087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36087"
    },
    {
      "name": "CVE-2021-33560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33560"
    },
    {
      "name": "CVE-2021-28153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28153"
    },
    {
      "name": "CVE-2022-1434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
    },
    {
      "name": "CVE-2022-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
    },
    {
      "name": "CVE-2022-1343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
    },
    {
      "name": "CVE-2022-1473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
    },
    {
      "name": "CVE-2022-29155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29155"
    },
    {
      "name": "CVE-2022-25314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
    },
    {
      "name": "CVE-2021-4122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4122"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
    },
    {
      "name": "CVE-2022-2274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2274"
    },
    {
      "name": "CVE-2022-2097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
    },
    {
      "name": "CVE-2020-25710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25710"
    },
    {
      "name": "CVE-2022-24407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
    },
    {
      "name": "CVE-2018-14567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14567"
    },
    {
      "name": "CVE-2021-33574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
    },
    {
      "name": "CVE-2021-36690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
    },
    {
      "name": "CVE-2021-37750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
    },
    {
      "name": "CVE-2022-27778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27778"
    },
    {
      "name": "CVE-2021-3999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
    },
    {
      "name": "CVE-2022-23218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
    },
    {
      "name": "CVE-2022-23219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2022-26488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2022-1271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
    },
    {
      "name": "CVE-2019-18348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18348"
    },
    {
      "name": "CVE-2020-15523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15523"
    },
    {
      "name": "CVE-2021-4189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
    },
    {
      "name": "CVE-2022-37454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
    },
    {
      "name": "CVE-2020-10735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2020-15778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15778"
    },
    {
      "name": "CVE-2022-42916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
    },
    {
      "name": "CVE-2022-35260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35260"
    },
    {
      "name": "CVE-2022-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
    },
    {
      "name": "CVE-2022-42915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
    },
    {
      "name": "CVE-2022-43551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
    },
    {
      "name": "CVE-2022-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
    },
    {
      "name": "CVE-2023-25136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25136"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2022-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
    },
    {
      "name": "CVE-2015-20107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
    },
    {
      "name": "CVE-2022-45873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
    },
    {
      "name": "CVE-2022-3821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
    },
    {
      "name": "CVE-2023-23915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
    },
    {
      "name": "CVE-2023-23914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
    },
    {
      "name": "CVE-2023-23916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
    },
    {
      "name": "CVE-2018-12886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12886"
    },
    {
      "name": "CVE-2022-1304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
    },
    {
      "name": "CVE-2023-24329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2023-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
    },
    {
      "name": "CVE-2021-46828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
    },
    {
      "name": "CVE-2023-1077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
    },
    {
      "name": "CVE-2023-29469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
    },
    {
      "name": "CVE-2023-28484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
    },
    {
      "name": "CVE-2023-2650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
    },
    {
      "name": "CVE-2023-27535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
    },
    {
      "name": "CVE-2022-27779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
    },
    {
      "name": "CVE-2023-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
    },
    {
      "name": "CVE-2023-27538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
    },
    {
      "name": "CVE-2023-27534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
    },
    {
      "name": "CVE-2023-27536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
    },
    {
      "name": "CVE-2022-27780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
    },
    {
      "name": "CVE-2022-30115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
    },
    {
      "name": "CVE-2023-27537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
    },
    {
      "name": "CVE-2020-1752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
    },
    {
      "name": "CVE-2021-35942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
    },
    {
      "name": "CVE-2021-38604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
    },
    {
      "name": "CVE-2023-31238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31238"
    },
    {
      "name": "CVE-2020-29562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
    },
    {
      "name": "CVE-2021-27645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
    },
    {
      "name": "CVE-2023-30901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30901"
    },
    {
      "name": "CVE-2021-3998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3998"
    },
    {
      "name": "CVE-2019-20218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20218"
    },
    {
      "name": "CVE-2020-35527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35527"
    },
    {
      "name": "CVE-2016-3189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
    },
    {
      "name": "CVE-2019-19959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19959"
    },
    {
      "name": "CVE-2020-35525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35525"
    },
    {
      "name": "CVE-2022-46908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
    },
    {
      "name": "CVE-2021-31239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
    },
    {
      "name": "CVE-2016-3709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3709"
    },
    {
      "name": "CVE-2021-28861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
    },
    {
      "name": "CVE-2023-3212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
    },
    {
      "name": "CVE-2023-0361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2023-38408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
    },
    {
      "name": "CVE-2023-35001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
    },
    {
      "name": "CVE-2023-2953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
    },
    {
      "name": "CVE-2023-3817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
    },
    {
      "name": "CVE-2023-3611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
    },
    {
      "name": "CVE-2023-3609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
    },
    {
      "name": "CVE-2023-34319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34319"
    },
    {
      "name": "CVE-2023-1206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
    },
    {
      "name": "CVE-2023-40283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
    },
    {
      "name": "CVE-2023-28831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28831"
    },
    {
      "name": "CVE-2023-3772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
    },
    {
      "name": "CVE-2023-4911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
    },
    {
      "name": "CVE-2023-4623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4623"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2023-4921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4921"
    },
    {
      "name": "CVE-2023-39192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39192"
    },
    {
      "name": "CVE-2023-39193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39193"
    },
    {
      "name": "CVE-2023-42754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42754"
    },
    {
      "name": "CVE-2023-39194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39194"
    },
    {
      "name": "CVE-2023-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
    },
    {
      "name": "CVE-2023-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
    },
    {
      "name": "CVE-2023-42755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42755"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2023-45853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
    },
    {
      "name": "CVE-2023-31085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31085"
    },
    {
      "name": "CVE-2023-39189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39189"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2023-44321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44321"
    },
    {
      "name": "CVE-2023-44374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44374"
    },
    {
      "name": "CVE-2023-44320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44320"
    },
    {
      "name": "CVE-2023-44319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44319"
    },
    {
      "name": "CVE-2023-44317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44317"
    },
    {
      "name": "CVE-2023-44318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44318"
    },
    {
      "name": "CVE-2023-44373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44373"
    },
    {
      "name": "CVE-2023-44322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44322"
    },
    {
      "name": "CVE-2020-22218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
    },
    {
      "name": "CVE-2023-4527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
    },
    {
      "name": "CVE-2023-4813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
    },
    {
      "name": "CVE-2023-4806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
    },
    {
      "name": "CVE-2022-48303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
    },
    {
      "name": "CVE-2021-3426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
    },
    {
      "name": "CVE-2023-5717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5717"
    },
    {
      "name": "CVE-2023-45871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45871"
    },
    {
      "name": "CVE-2020-19186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19186"
    },
    {
      "name": "CVE-2020-19190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19190"
    },
    {
      "name": "CVE-2020-19185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19185"
    },
    {
      "name": "CVE-2020-19189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19189"
    },
    {
      "name": "CVE-2020-19187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19187"
    },
    {
      "name": "CVE-2020-19188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19188"
    },
    {
      "name": "CVE-2020-19909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19909"
    },
    {
      "name": "CVE-2019-11360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11360"
    },
    {
      "name": "CVE-2019-13627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13627"
    },
    {
      "name": "CVE-2019-7309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-7309"
    },
    {
      "name": "CVE-2022-0563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
    },
    {
      "name": "CVE-2019-1010024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010024"
    },
    {
      "name": "CVE-2022-47375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47375"
    },
    {
      "name": "CVE-2019-19126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19126"
    },
    {
      "name": "CVE-2023-46283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46283"
    },
    {
      "name": "CVE-2023-46282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46282"
    },
    {
      "name": "CVE-2023-32643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
    },
    {
      "name": "CVE-2014-7209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-7209"
    },
    {
      "name": "CVE-2023-48431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48431"
    },
    {
      "name": "CVE-2023-4039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
    },
    {
      "name": "CVE-2017-17512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-17512"
    },
    {
      "name": "CVE-2020-1712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1712"
    },
    {
      "name": "CVE-2023-48430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48430"
    },
    {
      "name": "CVE-2019-6488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6488"
    },
    {
      "name": "CVE-2023-39128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39128"
    },
    {
      "name": "CVE-2018-20482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20482"
    },
    {
      "name": "CVE-2021-27212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27212"
    },
    {
      "name": "CVE-2019-5481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5481"
    },
    {
      "name": "CVE-2021-43396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43396"
    },
    {
      "name": "CVE-2022-2509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
    },
    {
      "name": "CVE-2022-3715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
    },
    {
      "name": "CVE-2023-0687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
    },
    {
      "name": "CVE-2019-20795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20795"
    },
    {
      "name": "CVE-2023-5156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
    },
    {
      "name": "CVE-2019-9674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9674"
    },
    {
      "name": "CVE-2022-48522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
    },
    {
      "name": "CVE-2020-21913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-21913"
    },
    {
      "name": "CVE-2019-12904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12904"
    },
    {
      "name": "CVE-2021-28041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28041"
    },
    {
      "name": "CVE-2022-42784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42784"
    },
    {
      "name": "CVE-2023-48427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48427"
    },
    {
      "name": "CVE-2020-24659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24659"
    },
    {
      "name": "CVE-2023-48429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48429"
    },
    {
      "name": "CVE-2020-12062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12062"
    },
    {
      "name": "CVE-2019-1010023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010023"
    },
    {
      "name": "CVE-2023-49692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49692"
    },
    {
      "name": "CVE-2016-10739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10739"
    },
    {
      "name": "CVE-2019-1010180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010180"
    },
    {
      "name": "CVE-2023-46285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46285"
    },
    {
      "name": "CVE-2023-46156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46156"
    },
    {
      "name": "CVE-2019-5435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5435"
    },
    {
      "name": "CVE-2019-15847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15847"
    },
    {
      "name": "CVE-2023-29491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
    },
    {
      "name": "CVE-2019-20367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20367"
    },
    {
      "name": "CVE-2023-46284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46284"
    },
    {
      "name": "CVE-2023-35945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
    },
    {
      "name": "CVE-2023-32665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
    },
    {
      "name": "CVE-2023-39615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
    },
    {
      "name": "CVE-2021-37600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
    },
    {
      "name": "CVE-2021-46848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
    },
    {
      "name": "CVE-2021-3997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
    },
    {
      "name": "CVE-2021-3826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3826"
    },
    {
      "name": "CVE-2023-26604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
    },
    {
      "name": "CVE-2019-1010022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010022"
    },
    {
      "name": "CVE-2020-6096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6096"
    },
    {
      "name": "CVE-2021-33294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
    },
    {
      "name": "CVE-2021-43618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
    },
    {
      "name": "CVE-2023-48428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48428"
    },
    {
      "name": "CVE-2023-45322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
    },
    {
      "name": "CVE-2019-17498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17498"
    },
    {
      "name": "CVE-2023-49691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49691"
    },
    {
      "name": "CVE-2023-25139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25139"
    },
    {
      "name": "CVE-2023-29499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
    },
    {
      "name": "CVE-2020-1751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1751"
    },
    {
      "name": "CVE-2019-1010025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010025"
    },
    {
      "name": "CVE-2019-12290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12290"
    },
    {
      "name": "CVE-2019-18224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18224"
    },
    {
      "name": "CVE-2018-18928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-18928"
    },
    {
      "name": "CVE-2022-27943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27943"
    },
    {
      "name": "CVE-2022-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
    },
    {
      "name": "CVE-2021-32292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
    },
    {
      "name": "CVE-2020-21047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-21047"
    },
    {
      "name": "CVE-2021-46195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46195"
    },
    {
      "name": "CVE-2023-38380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38380"
    },
    {
      "name": "CVE-2023-28531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28531"
    },
    {
      "name": "CVE-2020-11501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11501"
    },
    {
      "name": "CVE-2023-4016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
    },
    {
      "name": "CVE-2022-47374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47374"
    },
    {
      "name": "CVE-2023-46281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46281"
    },
    {
      "name": "CVE-2013-4235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
    },
    {
      "name": "CVE-2020-15801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15801"
    },
    {
      "name": "CVE-2022-46141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46141"
    },
    {
      "name": "CVE-2023-34969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
    },
    {
      "name": "CVE-2020-13529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13529"
    },
    {
      "name": "CVE-2023-27371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27371"
    },
    {
      "name": "CVE-2023-32611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
    },
    {
      "name": "CVE-2021-20193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
    },
    {
      "name": "CVE-2023-29383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
    },
    {
      "name": "CVE-2019-9923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9923"
    },
    {
      "name": "CVE-2020-13777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13777"
    },
    {
      "name": "CVE-2023-5981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
    },
    {
      "name": "CVE-2020-14422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14422"
    },
    {
      "name": "CVE-2023-32636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
    },
    {
      "name": "CVE-2021-4209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4209"
    },
    {
      "name": "CVE-2018-19591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-19591"
    },
    {
      "name": "CVE-2022-48560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
    }
  ],
  "initial_release_date": "2023-12-12T00:00:00",
  "last_revision_date": "2023-12-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2023-AVI-1015",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-12-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Siemens\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-844582 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-180704 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-480095.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-077170 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-480095 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-068047.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-118850 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-118850.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-068047 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-077170.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-892915 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-280603.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-999588 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-280603 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-693975 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-892915.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-887801 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-887801.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-592380 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-844582.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-398330 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-592380.html"
    }
  ]
}

CERTFR-2022-AVI-053

Vulnerability from certfr_avis - Published: 2022-01-19 - Updated: 2022-01-19

De multiples vulnérabilités ont été découvertes dans Oracle PeopleSoft. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Oracle	PeopleSoft	PeopleSoft Enterprise CS SA Integration Pack versions 9.0, 9.2
	Oracle	PeopleSoft	PeopleSoft Enterprise PeopleTools versions 8.57, 8.58, 8.59

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cpujan2022.html du 18 janvier 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "PeopleSoft Enterprise CS SA Integration Pack versions 9.0, 9.2",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "PeopleSoft Enterprise PeopleTools versions 8.57, 8.58, 8.59",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-21272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21272"
    },
    {
      "name": "CVE-2022-21300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21300"
    },
    {
      "name": "CVE-2021-23337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
    },
    {
      "name": "CVE-2021-2351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2351"
    },
    {
      "name": "CVE-2022-21369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21369"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2021-37137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
    },
    {
      "name": "CVE-2022-21359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21359"
    },
    {
      "name": "CVE-2022-21345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21345"
    },
    {
      "name": "CVE-2021-22931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22931"
    },
    {
      "name": "CVE-2021-3712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
    },
    {
      "name": "CVE-2022-21364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21364"
    },
    {
      "name": "CVE-2021-37695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37695"
    }
  ],
  "initial_release_date": "2022-01-19T00:00:00",
  "last_revision_date": "2022-01-19T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-053",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-01-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle PeopleSoft.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle PeopleSoft",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2022.html du 18 janvier 2022",
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixPS"
    }
  ]
}

CERTFR-2021-AVI-834

Vulnerability from certfr_avis - Published: 2021-10-29 - Updated: 2021-10-29

De multiples vulnérabilités ont été découvertes dans les produits NetApp. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
NetApp	N/A	NetApp HCI Baseboard Management Controller (BMC) H300S/H500S/H700S/H300E/H500E/H700E/H410S
NetApp	N/A	Clustered Data ONTAP versions 9.6.x antérieures à 9.6P16
NetApp	N/A	System Manager versions 9.9.x antérieures à 9.9.1P2
NetApp	N/A	Clustered Data ONTAP versions 9.8.x antérieures à 9.8P7
NetApp	N/A	Clustered Data ONTAP versions 9.7.x antérieures à 9.7P16
NetApp	N/A	NetApp HCI Baseboard Management Controller (BMC) H410C
NetApp	NetApp SolidFire & HCI Management Node	NetApp SolidFire & HCI Management Node
NetApp	N/A	System Manager versions 9.7.x antérieures à 9.7P16
NetApp	N/A	Clustered Data ONTAP versions 9.9.x antérieures à 9.9.1P3
NetApp	N/A	System Manager versions 9.8.x antérieures à 9.8P7

References

Title

Publication Time

Tags

Bulletin de sécurité NetApp ntap-20211029-0004 du 29 octobre 2021	None	vendor-advisory
Bulletin de sécurité NetApp ntap-20211029-0001 du 29 octobre 2021	None	vendor-advisory
Bulletin de sécurité NetApp ntap-20211029-0003 du 29 octobre 2021	None	vendor-advisory
Bulletin de sécurité NetApp ntap-20211029-0002 du 29 octobre 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "NetApp HCI Baseboard Management Controller (BMC) H300S/H500S/H700S/H300E/H500E/H700E/H410S",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "Clustered Data ONTAP versions 9.6.x ant\u00e9rieures \u00e0 9.6P16",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "System Manager versions 9.9.x ant\u00e9rieures \u00e0 9.9.1P2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "Clustered Data ONTAP versions 9.8.x ant\u00e9rieures \u00e0 9.8P7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "Clustered Data ONTAP versions 9.7.x ant\u00e9rieures \u00e0 9.7P16",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "NetApp HCI Baseboard Management Controller (BMC) H410C",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "NetApp SolidFire \u0026 HCI Management Node",
      "product": {
        "name": "NetApp SolidFire \u0026 HCI Management Node",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "System Manager versions 9.7.x ant\u00e9rieures \u00e0 9.7P16",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "Clustered Data ONTAP versions 9.9.x ant\u00e9rieures \u00e0 9.9.1P3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "System Manager versions 9.8.x ant\u00e9rieures \u00e0 9.8P7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-41864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41864"
    },
    {
      "name": "CVE-2021-27004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27004"
    },
    {
      "name": "CVE-2021-27005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27005"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2021-22945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
    }
  ],
  "initial_release_date": "2021-10-29T00:00:00",
  "last_revision_date": "2021-10-29T00:00:00",
  "links": [],
  "reference": "CERTFR-2021-AVI-834",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-10-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nNetApp. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service\n\u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits NetApp",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 NetApp ntap-20211029-0004 du 29 octobre 2021",
      "url": "https://security.netapp.com/advisory/ntap-20211029-0004/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 NetApp ntap-20211029-0001 du 29 octobre 2021",
      "url": "https://security.netapp.com/advisory/ntap-20211029-0001/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 NetApp ntap-20211029-0003 du 29 octobre 2021",
      "url": "https://security.netapp.com/advisory/ntap-20211029-0003/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 NetApp ntap-20211029-0002 du 29 octobre 2021",
      "url": "https://security.netapp.com/advisory/ntap-20211029-0002/"
    }
  ]
}

CERTFR-2022-AVI-216

Vulnerability from certfr_avis - Published: 2022-03-08 - Updated: 2022-03-08

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Mendix Forgot Password Appstore module versions 3.2.x antérieures à 3.2.2
Mendix Forgot Password Appstore module versions 3.3.x à 3.5.x antérieures à 3.5.1
Mendix Applications utilisant Mendix versions 7.x antérieures à 7.23.29
Mendix Applications utilisant Mendix versions 8.x antérieures à 8.18.16
COMOS versions antérieures à 10.4.1
Simcenter STAR-CCM+ Viewer versions antérieures à V2022.1
SIMOTICS CONNECT 400 versions antérieures à 1.0.0.0
Climatix POL909 (module AWB) versions antérieures à 11.44
Climatix POL909 (module AWM) versions antérieures à 11.36
RUGGEDCOM ROS M2100, RMC8388, RS416v2, RS900G, RS900G (32M), RSG900, RSG920P, RSG2100 (32M), RSG2100P, RSG2100P (32M), RSG2288, RSG2300, RSG2300P, RSG2488, RSL910, RST916C, RST916P et RST2228 versions antérieures à 5.6.0
SINUMERIK MC versions antérieures à 1.15 SP1
SINUMERIK ONE versions antérieures à 6.15 SP1
SINEC INS versions antérieures à 1.0.1.1
RUGGEDCOM ROX MX5000, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536 et RX5000 versions antérieures à 2.15.0
Polarion Subversion Webclient versions antérieures à 21 R2 P2
RUGGEDCOM ROS i800, i801, i802, i803, M969, M2100, M2200, RMC, RMC20, RMC30, RMC40, RMC41, RMC8388, RP110, RS400, RS401, RS416, RS416v2, RS900 (32M), RS900G, RS900G (32M), RS900GP, RS900L, RS900L, RS900W, RS910, RS910L, RS910W, RS920L, RS920W, RS930L, RS930W, RS940G, RS969, RS8000, RS8000A, RS8000H, RS8000T, RSG900, RSG900C, RSG900G, RSG900R, RSG907R, RSG908C, RSG909R, RSG910C, RSG920P, RSG2100, RSG2100 (32M), RSG2100P, RSG2100P (32M), RSG2200, RSG2288, RSG2300, RSG2300P, RSG2488, RSL910, RST916C, RST916P et RST2228 versions antérieures à 5.6.0

L'éditeur ne propose pas de correctif pour :

Mendix Applications utilisant Mendix versions 9
SINEC NMS toutes versions

Se référer aux mesures de contournement proposées dans la section Documentation.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-166747 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-252466 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-562051 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-223353 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-337210 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-148641 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-389290 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-764417 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-256353 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-703715 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-594438 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-415938 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-134279 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-155599 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-406691 du 8 mars 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-250085 du 8 mars 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eMendix Forgot Password Appstore module versions 3.2.x ant\u00e9rieures \u00e0 3.2.2\u003c/li\u003e \u003cli\u003eMendix Forgot Password Appstore module versions 3.3.x \u00e0 3.5.x ant\u00e9rieures \u00e0 3.5.1\u003c/li\u003e \u003cli\u003eMendix Applications utilisant Mendix versions 7.x ant\u00e9rieures \u00e0 7.23.29\u003c/li\u003e \u003cli\u003eMendix Applications utilisant Mendix versions 8.x ant\u00e9rieures \u00e0 8.18.16\u003c/li\u003e \u003cli\u003eCOMOS versions ant\u00e9rieures \u00e0 10.4.1\u003c/li\u003e \u003cli\u003eSimcenter STAR-CCM+ Viewer versions ant\u00e9rieures \u00e0 V2022.1\u003c/li\u003e \u003cli\u003eSIMOTICS CONNECT 400 versions ant\u00e9rieures \u00e0 1.0.0.0\u003c/li\u003e \u003cli\u003eClimatix POL909 (module AWB) versions ant\u00e9rieures \u00e0 11.44\u003c/li\u003e \u003cli\u003eClimatix POL909 (module AWM) versions ant\u00e9rieures \u00e0 11.36\u003c/li\u003e \u003cli\u003eRUGGEDCOM ROS M2100, RMC8388, RS416v2, RS900G, RS900G (32M), RSG900, RSG920P, RSG2100 (32M), RSG2100P, RSG2100P (32M), RSG2288, RSG2300, RSG2300P, RSG2488, RSL910, RST916C, RST916P et RST2228 versions ant\u00e9rieures \u00e0 5.6.0\u003c/li\u003e \u003cli\u003eSINUMERIK MC versions ant\u00e9rieures \u00e0 1.15 SP1\u003c/li\u003e \u003cli\u003eSINUMERIK ONE versions ant\u00e9rieures \u00e0 6.15 SP1\u003c/li\u003e \u003cli\u003eSINEC INS versions ant\u00e9rieures \u00e0 1.0.1.1\u003c/li\u003e \u003cli\u003eRUGGEDCOM ROX MX5000, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536 et RX5000 versions ant\u00e9rieures \u00e0 2.15.0\u003c/li\u003e \u003cli\u003ePolarion Subversion Webclient versions ant\u00e9rieures \u00e0 21 R2 P2\u003c/li\u003e \u003cli\u003eRUGGEDCOM ROS i800, i801, i802, i803, M969, M2100, M2200, RMC, RMC20, RMC30, RMC40, RMC41, RMC8388, RP110, RS400, RS401, RS416, RS416v2, RS900 (32M), RS900G, RS900G (32M), RS900GP, RS900L, RS900L, RS900W, RS910, RS910L, RS910W, RS920L, RS920W, RS930L, RS930W, RS940G, RS969, RS8000, RS8000A, RS8000H, RS8000T, RSG900, RSG900C, RSG900G, RSG900R, RSG907R, RSG908C, RSG909R, RSG910C, RSG920P, RSG2100, RSG2100 (32M), RSG2100P, RSG2100P (32M), RSG2200, RSG2288, RSG2300, RSG2300P, RSG2488, RSL910, RST916C, RST916P et RST2228 versions ant\u00e9rieures \u00e0 5.6.0\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eL\u0027\u00e9diteur ne propose pas de correctif pour :\u003c/p\u003e \u003cul\u003e \u003cli\u003eMendix Applications utilisant Mendix versions 9\u003c/li\u003e \u003cli\u003eSINEC NMS toutes versions\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eSe r\u00e9f\u00e9rer aux mesures de contournement propos\u00e9es dans la section Documentation.\u003c/p\u003e \u003cp\u003e\u0026nbsp;\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-44478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44478"
    },
    {
      "name": "CVE-2021-22898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
    },
    {
      "name": "CVE-2020-13871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
    },
    {
      "name": "CVE-2021-42017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42017"
    },
    {
      "name": "CVE-2022-24282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24282"
    },
    {
      "name": "CVE-2021-25215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25215"
    },
    {
      "name": "CVE-2019-19317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19317"
    },
    {
      "name": "CVE-2020-8169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
    },
    {
      "name": "CVE-2021-25174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25174"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2021-37701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
    },
    {
      "name": "CVE-2021-32944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32944"
    },
    {
      "name": "CVE-2019-19244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19244"
    },
    {
      "name": "CVE-2021-27290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27290"
    },
    {
      "name": "CVE-2021-42020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42020"
    },
    {
      "name": "CVE-2020-8285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8285"
    },
    {
      "name": "CVE-2021-22901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
    },
    {
      "name": "CVE-2021-22940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22940"
    },
    {
      "name": "CVE-2021-32804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
    },
    {
      "name": "CVE-2020-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
    },
    {
      "name": "CVE-2022-24281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24281"
    },
    {
      "name": "CVE-2021-32936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32936"
    },
    {
      "name": "CVE-2021-22930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22930"
    },
    {
      "name": "CVE-2019-19926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19926"
    },
    {
      "name": "CVE-2020-9327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
    },
    {
      "name": "CVE-2020-8286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8286"
    },
    {
      "name": "CVE-2020-7774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7774"
    },
    {
      "name": "CVE-2021-22918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22918"
    },
    {
      "name": "CVE-2020-27304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27304"
    },
    {
      "name": "CVE-2021-32946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32946"
    },
    {
      "name": "CVE-2021-41543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41543"
    },
    {
      "name": "CVE-2020-8177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
    },
    {
      "name": "CVE-2020-1971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
    },
    {
      "name": "CVE-2020-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
    },
    {
      "name": "CVE-2021-3450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3450"
    },
    {
      "name": "CVE-2021-22939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22939"
    },
    {
      "name": "CVE-2019-19646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
    },
    {
      "name": "CVE-2021-40366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-40366"
    },
    {
      "name": "CVE-2021-41542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41542"
    },
    {
      "name": "CVE-2021-41541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41541"
    },
    {
      "name": "CVE-2021-22924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
    },
    {
      "name": "CVE-2022-24309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24309"
    },
    {
      "name": "CVE-2020-8265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8265"
    },
    {
      "name": "CVE-2021-37713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2019-19925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19925"
    },
    {
      "name": "CVE-2021-22922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
    },
    {
      "name": "CVE-2019-19924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19924"
    },
    {
      "name": "CVE-2021-32938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32938"
    },
    {
      "name": "CVE-2020-11656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
    },
    {
      "name": "CVE-2022-26317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26317"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2021-37712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
    },
    {
      "name": "CVE-2020-8284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
    },
    {
      "name": "CVE-2021-32940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32940"
    },
    {
      "name": "CVE-2021-3711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
    },
    {
      "name": "CVE-2021-37208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37208"
    },
    {
      "name": "CVE-2021-32948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32948"
    },
    {
      "name": "CVE-2021-3449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3449"
    },
    {
      "name": "CVE-2022-26313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26313"
    },
    {
      "name": "CVE-2021-22921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22921"
    },
    {
      "name": "CVE-2021-25216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25216"
    },
    {
      "name": "CVE-2020-15358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
    },
    {
      "name": "CVE-2021-43527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
    },
    {
      "name": "CVE-2019-19242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19242"
    },
    {
      "name": "CVE-2021-22897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
    },
    {
      "name": "CVE-2021-32803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
    },
    {
      "name": "CVE-2021-25177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25177"
    },
    {
      "name": "CVE-2021-25175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25175"
    },
    {
      "name": "CVE-2021-22884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22884"
    },
    {
      "name": "CVE-2021-32952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32952"
    },
    {
      "name": "CVE-2019-19880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19880"
    },
    {
      "name": "CVE-2018-7160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7160"
    },
    {
      "name": "CVE-2021-32950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32950"
    },
    {
      "name": "CVE-2021-3672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3672"
    },
    {
      "name": "CVE-2021-31346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31346"
    },
    {
      "name": "CVE-2022-26314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26314"
    },
    {
      "name": "CVE-2021-31784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31784"
    },
    {
      "name": "CVE-2021-22883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22883"
    },
    {
      "name": "CVE-2020-8231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8231"
    },
    {
      "name": "CVE-2020-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
    },
    {
      "name": "CVE-2021-25214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25214"
    },
    {
      "name": "CVE-2021-22931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22931"
    },
    {
      "name": "CVE-2021-31889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31889"
    },
    {
      "name": "CVE-2022-24408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24408"
    },
    {
      "name": "CVE-2021-42016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42016"
    },
    {
      "name": "CVE-2021-3712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
    },
    {
      "name": "CVE-2021-39134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39134"
    },
    {
      "name": "CVE-2019-19645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
    },
    {
      "name": "CVE-2020-11655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
    },
    {
      "name": "CVE-2020-8287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8287"
    },
    {
      "name": "CVE-2021-22926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
    },
    {
      "name": "CVE-2022-24661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24661"
    },
    {
      "name": "CVE-2021-22890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22890"
    },
    {
      "name": "CVE-2021-25219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25219"
    },
    {
      "name": "CVE-2021-23840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
    },
    {
      "name": "CVE-2021-42018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42018"
    },
    {
      "name": "CVE-2021-22923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
    },
    {
      "name": "CVE-2019-19923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19923"
    },
    {
      "name": "CVE-2021-39135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39135"
    },
    {
      "name": "CVE-2021-25176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25176"
    },
    {
      "name": "CVE-2021-31890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31890"
    },
    {
      "name": "CVE-2021-25178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25178"
    },
    {
      "name": "CVE-2021-22876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
    },
    {
      "name": "CVE-2021-23362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23362"
    },
    {
      "name": "CVE-2019-19603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19603"
    },
    {
      "name": "CVE-2021-25217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
    },
    {
      "name": "CVE-2021-25173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25173"
    },
    {
      "name": "CVE-2021-22945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
    },
    {
      "name": "CVE-2022-25311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25311"
    },
    {
      "name": "CVE-2021-31344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31344"
    },
    {
      "name": "CVE-2021-37209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37209"
    },
    {
      "name": "CVE-2021-42019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42019"
    },
    {
      "name": "CVE-2020-8625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8625"
    }
  ],
  "initial_release_date": "2022-03-08T00:00:00",
  "last_revision_date": "2022-03-08T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-216",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-03-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-166747 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-166747.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-252466 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-252466.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-562051 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-562051.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-223353 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-223353.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-337210 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-337210.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-148641 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-148641.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-389290 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-389290.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-764417 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-764417.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-256353 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-256353.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-703715 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-703715.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-594438 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-594438.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-415938 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-415938.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-134279 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-134279.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-155599 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-155599.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-406691 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-406691.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-250085 du 8 mars 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-250085.html"
    }
  ]
}

CERTFR-2022-AVI-570

Vulnerability from certfr_avis - Published: 2022-06-20 - Updated: 2022-06-20

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	N/A	IBM Security Guardium versions 11.1 sans le correctif de sécurité SqlGuard_11.0p160_Bundle_Mar-23-2022
IBM	N/A	IBM Security Guardium versions 10.6 sans le correctif de sécurité SqlGuard_10.0p692_Bundle_May-12-2022
IBM	N/A	IBM Security Guardium versions 11.2 sans le correctif de sécurité SqlGuard_11.0p270_Bundle_Feb-24-2022
IBM	N/A	IBM Security Guardium versions 11.3 sans le correctif de sécurité SqlGuard_11.0p360_Bundle_Mar-24-2022
IBM	N/A	IBM StoredIQ versions 7.6.0.x antérieures à 7.6.0.22 sans le correctif de sécurité siq_7_6_0_22_log4j_2_17_1
IBM	QRadar WinCollect Agent	IBM QRadar WinCollect Agent versions 10.0.x antérieures à 10.0.2
IBM	N/A	IBM Security Guardium versions 11.0 sans le correctif de sécurité SqlGuard_11.0p45_Bundle_May-03-2022
IBM	N/A	IBM Security Guardium versions 10.5 sans le correctif de sécurité SqlGuard_10.0p550_Bundle_Mar-27-2022

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 6596145 du 17 juin 2022	None	vendor-advisory
Bulletin de sécurité IBM 6596155 du 17 juin 2022	None	vendor-advisory
Bulletin de sécurité IBM 6596085 du 17 juin 2022	None	vendor-advisory
Bulletin de sécurité IBM 6572497 du 17 juin 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM Security Guardium versions 11.1 sans le correctif de s\u00e9curit\u00e9 SqlGuard_11.0p160_Bundle_Mar-23-2022",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Security Guardium versions 10.6 sans le correctif de s\u00e9curit\u00e9 SqlGuard_10.0p692_Bundle_May-12-2022",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Security Guardium versions 11.2 sans le correctif de s\u00e9curit\u00e9 SqlGuard_11.0p270_Bundle_Feb-24-2022",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Security Guardium versions 11.3 sans le correctif de s\u00e9curit\u00e9 SqlGuard_11.0p360_Bundle_Mar-24-2022",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM StoredIQ versions 7.6.0.x ant\u00e9rieures \u00e0 7.6.0.22 sans le correctif de s\u00e9curit\u00e9 siq_7_6_0_22_log4j_2_17_1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar WinCollect Agent versions 10.0.x ant\u00e9rieures \u00e0 10.0.2",
      "product": {
        "name": "QRadar WinCollect Agent",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Security Guardium versions 11.0 sans le correctif de s\u00e9curit\u00e9 SqlGuard_11.0p45_Bundle_May-03-2022",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Security Guardium versions 10.5 sans le correctif de s\u00e9curit\u00e9 SqlGuard_10.0p550_Bundle_Mar-27-2022",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-1343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
    },
    {
      "name": "CVE-2022-1473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
    },
    {
      "name": "CVE-2022-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
    },
    {
      "name": "CVE-2018-1320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1320"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2020-13949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13949"
    },
    {
      "name": "CVE-2021-45105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2018-11798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-11798"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2016-5397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5397"
    },
    {
      "name": "CVE-2021-45046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
    },
    {
      "name": "CVE-2019-0205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0205"
    },
    {
      "name": "CVE-2022-0778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
    },
    {
      "name": "CVE-2021-44228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
    },
    {
      "name": "CVE-2021-3712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
    },
    {
      "name": "CVE-2019-0210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0210"
    },
    {
      "name": "CVE-2022-1434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
    },
    {
      "name": "CVE-2021-22945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
    }
  ],
  "initial_release_date": "2022-06-20T00:00:00",
  "last_revision_date": "2022-06-20T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-570",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-06-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6596145 du 17 juin 2022",
      "url": "https://www.ibm.com/support/pages/node/6596145"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6596155 du 17 juin 2022",
      "url": "https://www.ibm.com/support/pages/node/6596155"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6596085 du 17 juin 2022",
      "url": "https://www.ibm.com/support/pages/node/6596085"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6572497 du 17 juin 2022",
      "url": "https://www.ibm.com/support/pages/node/6572497"
    }
  ]
}

CERTFR-2023-AVI-0526

Vulnerability from certfr_avis - Published: 2023-07-11 - Updated: 2023-07-11

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIMATIC MV540 H (6GF3540-0GE10) versions antérieures à 3.3.4
Siemens	N/A	SIMATIC MV560 X (6GF3560-0HE10) versions antérieures à 3.3.4
Siemens	N/A	RUGGEDCOM ROX RX5000 versions antérieures à 2.16.0
Siemens	N/A	RUGGEDCOM ROX MX5000 versions antérieures à 2.16.0
Siemens	N/A	Tecnomatix Plant Simulation versions 2302.x antérieures à 2302.0002
Siemens	N/A	SIMATIC MV540 S (6GF3540-0CD10) versions antérieures à 3.3.4
Siemens	N/A	RUGGEDCOM ROX RX1512 versions antérieures à 2.16.0
Siemens	N/A	RUGGEDCOM ROX RX1501 versions antérieures à 2.16.0
Siemens	N/A	SIMATIC MV550 H (6GF3550-0GE10) versions antérieures à 3.3.4
Siemens	N/A	RUGGEDCOM ROX RX1524 versions antérieures à 2.16.0
Siemens	N/A	SIMATIC MV550 S (6GF3550-0CD10) versions antérieures à 3.3.4
Siemens	N/A	SIMATIC MV560 U (6GF3560-0LE10) versions antérieures à 3.3.4
Siemens	N/A	RUGGEDCOM ROX RX1536 versions antérieures à 2.16.0
Siemens	N/A	RUGGEDCOM ROX RX1400 versions antérieures à 2.16.0
Siemens	N/A	SIMATIC CN 4100 versions antérieures à 2.5
Siemens	N/A	RUGGEDCOM ROX RX1511 versions antérieures à 2.16.0
Siemens	N/A	RUGGEDCOM ROX RX1500 versions antérieures à 2.16.0
Siemens	N/A	RUGGEDCOM ROX RX1510 versions antérieures à 2.16.0
Siemens	N/A	Tecnomatix Plant Simulation versions 2201.x antérieures à 2201.0008
Siemens	N/A	SiPass integrated versions antérieures à 2.90.3.8
Siemens	N/A	RUGGEDCOM ROX MX5000RE versions antérieures à 2.16.0

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-764801 du 11 juillet 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-561322 du 11 juillet 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-313488 du 11 juillet 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-924149 du 11 juillet 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-146325 du 11 juillet 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIMATIC MV540 H (6GF3540-0GE10) versions ant\u00e9rieures \u00e0 3.3.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC MV560 X (6GF3560-0HE10) versions ant\u00e9rieures \u00e0 3.3.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX5000 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX MX5000 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Tecnomatix Plant Simulation versions 2302.x ant\u00e9rieures \u00e0 2302.0002",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC MV540 S (6GF3540-0CD10) versions ant\u00e9rieures \u00e0 3.3.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1512 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1501 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC MV550 H (6GF3550-0GE10) versions ant\u00e9rieures \u00e0 3.3.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1524 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC MV550 S (6GF3550-0CD10) versions ant\u00e9rieures \u00e0 3.3.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC MV560 U (6GF3560-0LE10) versions ant\u00e9rieures \u00e0 3.3.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1536 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1400 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CN 4100 versions ant\u00e9rieures \u00e0 2.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1511 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1500 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1510 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Tecnomatix Plant Simulation versions 2201.x ant\u00e9rieures \u00e0 2201.0008",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SiPass integrated versions ant\u00e9rieures \u00e0 2.90.3.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX MX5000RE versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-36751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36751"
    },
    {
      "name": "CVE-2023-37247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37247"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2023-36755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36755"
    },
    {
      "name": "CVE-2022-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
    },
    {
      "name": "CVE-2023-36753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36753"
    },
    {
      "name": "CVE-2023-36749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36749"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2022-48285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48285"
    },
    {
      "name": "CVE-2023-36390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36390"
    },
    {
      "name": "CVE-2023-37376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37376"
    },
    {
      "name": "CVE-2023-36389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36389"
    },
    {
      "name": "CVE-2023-36750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36750"
    },
    {
      "name": "CVE-2023-29131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29131"
    },
    {
      "name": "CVE-2022-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
    },
    {
      "name": "CVE-2023-36521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36521"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2023-35920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35920"
    },
    {
      "name": "CVE-2023-29130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29130"
    },
    {
      "name": "CVE-2022-29562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29562"
    },
    {
      "name": "CVE-2021-46828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
    },
    {
      "name": "CVE-2019-14196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14196"
    },
    {
      "name": "CVE-2023-35921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35921"
    },
    {
      "name": "CVE-2023-36754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36754"
    },
    {
      "name": "CVE-2022-37434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
    },
    {
      "name": "CVE-2023-36752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36752"
    },
    {
      "name": "CVE-2022-1012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1012"
    },
    {
      "name": "CVE-2022-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
    },
    {
      "name": "CVE-2023-36386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36386"
    },
    {
      "name": "CVE-2023-37374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37374"
    },
    {
      "name": "CVE-2022-36946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36946"
    },
    {
      "name": "CVE-2023-37375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37375"
    },
    {
      "name": "CVE-2022-29561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29561"
    },
    {
      "name": "CVE-2022-30767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30767"
    },
    {
      "name": "CVE-2023-36748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36748"
    },
    {
      "name": "CVE-2023-37248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37248"
    },
    {
      "name": "CVE-2022-31810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31810"
    },
    {
      "name": "CVE-2023-37246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37246"
    },
    {
      "name": "CVE-2022-24903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24903"
    }
  ],
  "initial_release_date": "2023-07-11T00:00:00",
  "last_revision_date": "2023-07-11T00:00:00",
  "links": [],
  "reference": "CERTFR-2023-AVI-0526",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-07-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-764801 du 11 juillet 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-764801.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-561322 du 11 juillet 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-561322.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-313488 du 11 juillet 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-313488.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-924149 du 11 juillet 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-924149.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-146325 du 11 juillet 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-146325.html"
    }
  ]
}

CERTFR-2026-AVI-0199

Vulnerability from certfr_avis - Published: 2026-02-24 - Updated: 2026-02-24

De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une injection de code indirecte à distance (XSS).

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Telco Cloud Platform	Telco Cloud Platform versions 4.x et 5.x sans le correctif de sécurité KB428241
VMware	Tanzu Data Services	Tanzu Data Flow versions antérieures à 2.0.2 sur Tanzu Platform
VMware	Azure Spring Enterprise	Harbor Registry versions antérieures à 2.14.2
VMware	Tanzu Data Intelligence	Tanzu pour MySQL versions 2.0.0 sur Kubernetes
VMware	Cloud Foundation	Cloud Foundation versions 9.x antérieures à 9.0.2.0
VMware	Tanzu Kubernetes Runtime	App Metrics versions antérieures à2.3.3
VMware	Tanzu Data Intelligence	Tanzu GemFire versions antérieures à 2.6.1 sur Kubernetes
VMware	Tanzu Kubernetes Runtime	CredHub Secrets Management pour Tanzu Platform versions antérieures à 1.6.8
VMware	Tanzu Data Intelligence	Tanzu pour Valkey version 3.3.1 sur Kubernetes
VMware	Tanzu Operations Manager	Foundation Core pour Tanzu Platform versions antérieures à 3.2.4
VMware	Aria Operations	Aria Operations versions 8.x antérieures à 8.18.6
VMware	Tanzu Kubernetes Runtime	cf-mgmt pour Tanzu Platform versions antérieures à 1.0.108
VMware	Tanzu Data Intelligence	Tanzu pour Valkey version 9.0.1
VMware	Tanzu Kubernetes Runtime	Extended App Support pour Tanzu Platform versions antérieures à 1.0.15
VMware	Tanzu Data Intelligence	Tanzu GemFire Management versions antérieures à 1.4.3
VMware	Tanzu Kubernetes Runtime	NodeJS Buildpack versions antérieures à 1.8.77
VMware	Tanzu Kubernetes Runtime	Cloud Native Buildpacks pour Tanzu Platform versions antérieures à 0.6.5
VMware	Cloud Foundation	Cloud Foundation versions 4.x et 5.x sans le correctif de sécurité KB92148
VMware	Tanzu Kubernetes Runtime	AI Services pour Tanzu Platform versions antérieures à 10.3.4
VMware	Tanzu Kubernetes Runtime	Java Buildpack versions antérieures à 4.89.0
VMware	Telco Cloud Infrastructure	Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de sécurité KB428241
VMware	Tanzu Kubernetes Runtime	Elastic Application Runtime pour Tanzu Platform versions antérieures à 6.0.25+LTS-T, 10.2.8+LTS-T et 10.3.5

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 37012	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37001	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37013	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37003	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37023	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37017	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37006	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37024	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 36997	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37004	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 36947	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37018	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37005	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37008	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37007	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37020	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 36998	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37002	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37021	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37022	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37016	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37019	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37010	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37009	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37000	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37011	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37015	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 37014	2026-02-24	vendor-advisory
Bulletin de sécurité VMware 36999	2026-02-24	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Telco Cloud Platform versions 4.x et 5.x sans le correctif de s\u00e9curit\u00e9 KB428241",
      "product": {
        "name": "Telco Cloud Platform",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Data Flow versions ant\u00e9rieures \u00e0 2.0.2 sur Tanzu Platform",
      "product": {
        "name": "Tanzu Data Services",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Harbor Registry versions ant\u00e9rieures \u00e0 2.14.2",
      "product": {
        "name": "Azure Spring Enterprise",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour MySQL versions 2.0.0 sur Kubernetes",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation versions 9.x ant\u00e9rieures \u00e0 9.0.2.0",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "App Metrics versions ant\u00e9rieures  \u00e02.3.3",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu GemFire versions ant\u00e9rieures \u00e0 2.6.1 sur Kubernetes",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "CredHub Secrets Management pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.6.8",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour Valkey version 3.3.1 sur Kubernetes",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Foundation Core pour Tanzu Platform versions ant\u00e9rieures \u00e0 3.2.4",
      "product": {
        "name": "Tanzu Operations Manager",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Aria Operations versions 8.x ant\u00e9rieures \u00e0 8.18.6",
      "product": {
        "name": "Aria Operations",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "cf-mgmt pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.108",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour Valkey version 9.0.1",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Extended App Support pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.15",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu GemFire Management versions ant\u00e9rieures \u00e0 1.4.3",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.77",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Native Buildpacks pour Tanzu Platform versions ant\u00e9rieures \u00e0 0.6.5",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation versions 4.x et 5.x sans le correctif de s\u00e9curit\u00e9 KB92148",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "AI Services pour Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.4",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Java Buildpack versions ant\u00e9rieures \u00e0 4.89.0",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de s\u00e9curit\u00e9 KB428241",
      "product": {
        "name": "Telco Cloud Infrastructure",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Elastic Application Runtime pour Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.25+LTS-T, 10.2.8+LTS-T et 10.3.5",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-6395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
    },
    {
      "name": "CVE-2022-1343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
    },
    {
      "name": "CVE-2024-24790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
    },
    {
      "name": "CVE-2025-47219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47219"
    },
    {
      "name": "CVE-2021-22898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
    },
    {
      "name": "CVE-2021-3996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
    },
    {
      "name": "CVE-2021-42384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42384"
    },
    {
      "name": "CVE-2023-0216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
    },
    {
      "name": "CVE-2025-31651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
    },
    {
      "name": "CVE-2024-20919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
    },
    {
      "name": "CVE-2022-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
    },
    {
      "name": "CVE-2022-1473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
    },
    {
      "name": "CVE-2023-21938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
    },
    {
      "name": "CVE-2025-61730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61730"
    },
    {
      "name": "CVE-2022-32189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
    },
    {
      "name": "CVE-2017-16544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16544"
    },
    {
      "name": "CVE-2025-39987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39987"
    },
    {
      "name": "CVE-2021-42378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42378"
    },
    {
      "name": "CVE-2023-0401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
    },
    {
      "name": "CVE-2025-21861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
    },
    {
      "name": "CVE-2026-21933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
    },
    {
      "name": "CVE-2025-58183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
    },
    {
      "name": "CVE-2023-21843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
    },
    {
      "name": "CVE-2026-21932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
    },
    {
      "name": "CVE-2022-24450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24450"
    },
    {
      "name": "CVE-2025-66199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
    },
    {
      "name": "CVE-2025-15282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15282"
    },
    {
      "name": "CVE-2024-21235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
    },
    {
      "name": "CVE-2024-9681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
    },
    {
      "name": "CVE-2021-37600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
    },
    {
      "name": "CVE-2021-42382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42382"
    },
    {
      "name": "CVE-2020-10750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10750"
    },
    {
      "name": "CVE-2025-68973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
    },
    {
      "name": "CVE-2022-30631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
    },
    {
      "name": "CVE-2023-46218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
    },
    {
      "name": "CVE-2025-40055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40055"
    },
    {
      "name": "CVE-2021-42376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42376"
    },
    {
      "name": "CVE-2025-9714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
    },
    {
      "name": "CVE-2026-22801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22801"
    },
    {
      "name": "CVE-2025-39876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39876"
    },
    {
      "name": "CVE-2025-40029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40029"
    },
    {
      "name": "CVE-2025-38561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38561"
    },
    {
      "name": "CVE-2025-10148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
    },
    {
      "name": "CVE-2023-28841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28841"
    },
    {
      "name": "CVE-2023-28840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28840"
    },
    {
      "name": "CVE-2025-40048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40048"
    },
    {
      "name": "CVE-2022-27191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
    },
    {
      "name": "CVE-2025-40219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40219"
    },
    {
      "name": "CVE-2024-21144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
    },
    {
      "name": "CVE-2025-40043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40043"
    },
    {
      "name": "CVE-2020-8169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
    },
    {
      "name": "CVE-2021-41091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41091"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2025-8556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
    },
    {
      "name": "CVE-2026-21936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21936"
    },
    {
      "name": "CVE-2025-59775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59775"
    },
    {
      "name": "CVE-2026-21937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21937"
    },
    {
      "name": "CVE-2025-39973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39973"
    },
    {
      "name": "CVE-2025-22872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
    },
    {
      "name": "CVE-2025-8941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
    },
    {
      "name": "CVE-2025-66614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66614"
    },
    {
      "name": "CVE-2018-1000517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000517"
    },
    {
      "name": "CVE-2025-15469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15469"
    },
    {
      "name": "CVE-2025-39943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39943"
    },
    {
      "name": "CVE-2025-39945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39945"
    },
    {
      "name": "CVE-2025-39883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39883"
    },
    {
      "name": "CVE-2023-29404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
    },
    {
      "name": "CVE-2023-21954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2023-21939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
    },
    {
      "name": "CVE-2022-0563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
    },
    {
      "name": "CVE-2024-20926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
    },
    {
      "name": "CVE-2025-0913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
    },
    {
      "name": "CVE-2025-40019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40019"
    },
    {
      "name": "CVE-2025-40240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40240"
    },
    {
      "name": "CVE-2022-24921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2022-28327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
    },
    {
      "name": "CVE-2025-40081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40081"
    },
    {
      "name": "CVE-2025-47907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
    },
    {
      "name": "CVE-2024-58011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
    },
    {
      "name": "CVE-2025-12084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
    },
    {
      "name": "CVE-2025-40026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
    },
    {
      "name": "CVE-2025-40153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40153"
    },
    {
      "name": "CVE-2022-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
    },
    {
      "name": "CVE-2023-45283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
    },
    {
      "name": "CVE-2025-40121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40121"
    },
    {
      "name": "CVE-2026-1642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1642"
    },
    {
      "name": "CVE-2025-45582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
    },
    {
      "name": "CVE-2024-21068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
    },
    {
      "name": "CVE-2025-55753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55753"
    },
    {
      "name": "CVE-2025-11468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11468"
    },
    {
      "name": "CVE-2025-40204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40204"
    },
    {
      "name": "CVE-2025-40171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40171"
    },
    {
      "name": "CVE-2021-43816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43816"
    },
    {
      "name": "CVE-2023-45288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
    },
    {
      "name": "CVE-2025-6069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
    },
    {
      "name": "CVE-2023-3817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
    },
    {
      "name": "CVE-2025-39911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39911"
    },
    {
      "name": "CVE-2025-69419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
    },
    {
      "name": "CVE-2025-6052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
    },
    {
      "name": "CVE-2022-41725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
    },
    {
      "name": "CVE-2025-10543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-10543"
    },
    {
      "name": "CVE-2025-40125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40125"
    },
    {
      "name": "CVE-2025-40349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40349"
    },
    {
      "name": "CVE-2025-6075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
    },
    {
      "name": "CVE-2019-5481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5481"
    },
    {
      "name": "CVE-2025-26646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26646"
    },
    {
      "name": "CVE-2022-30635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
    },
    {
      "name": "CVE-2022-29222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29222"
    },
    {
      "name": "CVE-2025-40187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40187"
    },
    {
      "name": "CVE-2025-58185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
    },
    {
      "name": "CVE-2022-41715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
    },
    {
      "name": "CVE-2024-21012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21012"
    },
    {
      "name": "CVE-2025-39913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39913"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2025-40092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40092"
    },
    {
      "name": "CVE-2022-41722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
    },
    {
      "name": "CVE-2025-61731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2025-39967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39967"
    },
    {
      "name": "CVE-2025-40115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40115"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2021-42386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42386"
    },
    {
      "name": "CVE-2024-47561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
    },
    {
      "name": "CVE-2023-45285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
    },
    {
      "name": "CVE-2025-13837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13837"
    },
    {
      "name": "CVE-2025-55752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
    },
    {
      "name": "CVE-2024-24783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
    },
    {
      "name": "CVE-2023-45284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
    },
    {
      "name": "CVE-2025-39949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39949"
    },
    {
      "name": "CVE-2023-29403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-29190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29190"
    },
    {
      "name": "CVE-2025-40173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40173"
    },
    {
      "name": "CVE-2024-24791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
    },
    {
      "name": "CVE-2024-20921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
    },
    {
      "name": "CVE-2022-42916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
    },
    {
      "name": "CVE-2022-28948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28948"
    },
    {
      "name": "CVE-2025-58767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
    },
    {
      "name": "CVE-2024-56538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56538"
    },
    {
      "name": "CVE-2025-39923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39923"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2025-15367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
    },
    {
      "name": "CVE-2022-31030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31030"
    },
    {
      "name": "CVE-2024-45341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
    },
    {
      "name": "CVE-2018-20679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20679"
    },
    {
      "name": "CVE-2024-13176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
    },
    {
      "name": "CVE-2025-39953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39953"
    },
    {
      "name": "CVE-2025-15467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
    },
    {
      "name": "CVE-2023-2253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2253"
    },
    {
      "name": "CVE-2024-58251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
    },
    {
      "name": "CVE-2026-2006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2006"
    },
    {
      "name": "CVE-2022-21624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
    },
    {
      "name": "CVE-2023-28322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
    },
    {
      "name": "CVE-2023-34462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
    },
    {
      "name": "CVE-2025-40167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40167"
    },
    {
      "name": "CVE-2023-29405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
    },
    {
      "name": "CVE-2021-38297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
    },
    {
      "name": "CVE-2025-39969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39969"
    },
    {
      "name": "CVE-2025-4598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
    },
    {
      "name": "CVE-2025-27144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
    },
    {
      "name": "CVE-2017-15873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15873"
    },
    {
      "name": "CVE-2022-30629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
    },
    {
      "name": "CVE-2025-40194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40194"
    },
    {
      "name": "CVE-2025-40245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40245"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2023-5363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
    },
    {
      "name": "CVE-2024-24557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24557"
    },
    {
      "name": "CVE-2023-45289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
    },
    {
      "name": "CVE-2022-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
    },
    {
      "name": "CVE-2023-25193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
    },
    {
      "name": "CVE-2025-40001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40001"
    },
    {
      "name": "CVE-2026-1485",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1485"
    },
    {
      "name": "CVE-2024-29025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2022-32149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
    },
    {
      "name": "CVE-2025-40035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40035"
    },
    {
      "name": "CVE-2023-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
    },
    {
      "name": "CVE-2025-39988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39988"
    },
    {
      "name": "CVE-2026-22719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22719"
    },
    {
      "name": "CVE-2022-32148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
    },
    {
      "name": "CVE-2026-2005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2005"
    },
    {
      "name": "CVE-2020-8177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
    },
    {
      "name": "CVE-2023-22081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
    },
    {
      "name": "CVE-2022-39399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-39399"
    },
    {
      "name": "CVE-2022-4203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
    },
    {
      "name": "CVE-2025-38584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38584"
    },
    {
      "name": "CVE-2021-42374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42374"
    },
    {
      "name": "CVE-2025-50106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
    },
    {
      "name": "CVE-2025-40233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40233"
    },
    {
      "name": "CVE-2025-40020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40020"
    },
    {
      "name": "CVE-2023-3635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3635"
    },
    {
      "name": "CVE-2025-40188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40188"
    },
    {
      "name": "CVE-2020-1971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
    },
    {
      "name": "CVE-2023-22041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22041"
    },
    {
      "name": "CVE-2022-21626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
    },
    {
      "name": "CVE-2025-66200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66200"
    },
    {
      "name": "CVE-2025-58057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
    },
    {
      "name": "CVE-2021-41771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
    },
    {
      "name": "CVE-2025-8291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
    },
    {
      "name": "CVE-2023-45290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
    },
    {
      "name": "CVE-2023-28320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
    },
    {
      "name": "CVE-2026-22795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
    },
    {
      "name": "CVE-2023-34231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34231"
    },
    {
      "name": "CVE-2026-0988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0988"
    },
    {
      "name": "CVE-2025-61727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
    },
    {
      "name": "CVE-2025-22866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
    },
    {
      "name": "CVE-2026-21925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
    },
    {
      "name": "CVE-2024-26308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
    },
    {
      "name": "CVE-2024-34158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
    },
    {
      "name": "CVE-2025-30754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
    },
    {
      "name": "CVE-2025-65637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-65637"
    },
    {
      "name": "CVE-2022-30630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
    },
    {
      "name": "CVE-2026-0861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0861"
    },
    {
      "name": "CVE-2023-47090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47090"
    },
    {
      "name": "CVE-2025-40049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40049"
    },
    {
      "name": "CVE-2025-47910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
    },
    {
      "name": "CVE-2021-4160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
    },
    {
      "name": "CVE-2025-40070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40070"
    },
    {
      "name": "CVE-2022-29946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29946"
    },
    {
      "name": "CVE-2025-40106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40106"
    },
    {
      "name": "CVE-2023-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
    },
    {
      "name": "CVE-2022-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
    },
    {
      "name": "CVE-2024-51744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
    },
    {
      "name": "CVE-2022-3786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
    },
    {
      "name": "CVE-2021-3995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2025-40205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40205"
    },
    {
      "name": "CVE-2023-48795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
    },
    {
      "name": "CVE-2025-6965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
    },
    {
      "name": "CVE-2023-28319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
    },
    {
      "name": "CVE-2025-10966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
    },
    {
      "name": "CVE-2021-22922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
    },
    {
      "name": "CVE-2025-47906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2021-38561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38561"
    },
    {
      "name": "CVE-2025-59375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
    },
    {
      "name": "CVE-2021-39293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
    },
    {
      "name": "CVE-2025-31133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
    },
    {
      "name": "CVE-2025-8194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
    },
    {
      "name": "CVE-2024-29018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
    },
    {
      "name": "CVE-2022-1705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
    },
    {
      "name": "CVE-2024-11053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
    },
    {
      "name": "CVE-2024-7264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
    },
    {
      "name": "CVE-2025-40027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
    },
    {
      "name": "CVE-2025-39885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39885"
    },
    {
      "name": "CVE-2022-3510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
    },
    {
      "name": "CVE-2022-3509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2025-69421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
    },
    {
      "name": "CVE-2020-8284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
    },
    {
      "name": "CVE-2023-23915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
    },
    {
      "name": "CVE-2025-4517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
    },
    {
      "name": "CVE-2025-58188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
    },
    {
      "name": "CVE-2025-30215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30215"
    },
    {
      "name": "CVE-2016-9843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9843"
    },
    {
      "name": "CVE-2023-39318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
    },
    {
      "name": "CVE-2024-40635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40635"
    },
    {
      "name": "CVE-2022-41720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
    },
    {
      "name": "CVE-2026-21948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21948"
    },
    {
      "name": "CVE-2025-4674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
    },
    {
      "name": "CVE-2022-41716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
    },
    {
      "name": "CVE-2025-39970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39970"
    },
    {
      "name": "CVE-2021-3711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
    },
    {
      "name": "CVE-2025-39994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39994"
    },
    {
      "name": "CVE-2025-52999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
    },
    {
      "name": "CVE-2024-56433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2022-29526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
    },
    {
      "name": "CVE-2025-40088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40088"
    },
    {
      "name": "CVE-2025-40220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40220"
    },
    {
      "name": "CVE-2021-3449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3449"
    },
    {
      "name": "CVE-2022-30633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
    },
    {
      "name": "CVE-2023-22036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22036"
    },
    {
      "name": "CVE-2025-13151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13151"
    },
    {
      "name": "CVE-2025-22058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
    },
    {
      "name": "CVE-2024-21634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
    },
    {
      "name": "CVE-2022-28391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28391"
    },
    {
      "name": "CVE-2022-38749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
    },
    {
      "name": "CVE-2025-40109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40109"
    },
    {
      "name": "CVE-2025-40006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40006"
    },
    {
      "name": "CVE-2022-21628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
    },
    {
      "name": "CVE-2024-21011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
    },
    {
      "name": "CVE-2025-6020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
    },
    {
      "name": "CVE-2025-68161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68161"
    },
    {
      "name": "CVE-2024-45336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
    },
    {
      "name": "CVE-2025-52881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
    },
    {
      "name": "CVE-2023-28842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28842"
    },
    {
      "name": "CVE-2025-7425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
    },
    {
      "name": "CVE-2023-3978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
    },
    {
      "name": "CVE-2022-26652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26652"
    },
    {
      "name": "CVE-2025-40011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40011"
    },
    {
      "name": "CVE-2024-5535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
    },
    {
      "name": "CVE-2025-40085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40085"
    },
    {
      "name": "CVE-2023-42365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42365"
    },
    {
      "name": "CVE-2025-40231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40231"
    },
    {
      "name": "CVE-2025-22868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2026-22796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
    },
    {
      "name": "CVE-2021-42379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42379"
    },
    {
      "name": "CVE-2025-61724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
    },
    {
      "name": "CVE-2024-5642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
    },
    {
      "name": "CVE-2023-23914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
    },
    {
      "name": "CVE-2025-23143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23143"
    },
    {
      "name": "CVE-2022-30632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
    },
    {
      "name": "CVE-2025-65082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-65082"
    },
    {
      "name": "CVE-2024-47554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2023-25173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
    },
    {
      "name": "CVE-2025-61732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
    },
    {
      "name": "CVE-2025-61723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
    },
    {
      "name": "CVE-2025-9232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
    },
    {
      "name": "CVE-2023-29406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
    },
    {
      "name": "CVE-2023-39319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
    },
    {
      "name": "CVE-2026-21964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21964"
    },
    {
      "name": "CVE-2025-21587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
    },
    {
      "name": "CVE-2024-24785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
    },
    {
      "name": "CVE-2025-46394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
    },
    {
      "name": "CVE-2022-36109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36109"
    },
    {
      "name": "CVE-2025-68146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68146"
    },
    {
      "name": "CVE-2025-40183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40183"
    },
    {
      "name": "CVE-2021-42381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42381"
    },
    {
      "name": "CVE-2026-21441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
    },
    {
      "name": "CVE-2022-1962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
    },
    {
      "name": "CVE-2024-45337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
    },
    {
      "name": "CVE-2024-21147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
    },
    {
      "name": "CVE-2022-41717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
    },
    {
      "name": "CVE-2025-39998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39998"
    },
    {
      "name": "CVE-2025-13836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
    },
    {
      "name": "CVE-2023-39410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
    },
    {
      "name": "CVE-2025-43857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
    },
    {
      "name": "CVE-2023-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
    },
    {
      "name": "CVE-2024-25710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
    },
    {
      "name": "CVE-2025-40134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40134"
    },
    {
      "name": "CVE-2017-15874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15874"
    },
    {
      "name": "CVE-2024-7254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
    },
    {
      "name": "CVE-2025-61725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
    },
    {
      "name": "CVE-2026-25210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25210"
    },
    {
      "name": "CVE-2025-39968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39968"
    },
    {
      "name": "CVE-2023-24536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
    },
    {
      "name": "CVE-2022-42915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2022-29458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
    },
    {
      "name": "CVE-2025-55163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
    },
    {
      "name": "CVE-2025-39986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39986"
    },
    {
      "name": "CVE-2025-39955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39955"
    },
    {
      "name": "CVE-2025-66293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
    },
    {
      "name": "CVE-2022-24769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24769"
    },
    {
      "name": "CVE-2022-28131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
    },
    {
      "name": "CVE-2025-12818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
    },
    {
      "name": "CVE-2025-58098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58098"
    },
    {
      "name": "CVE-2025-32990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
    },
    {
      "name": "CVE-2021-22897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
    },
    {
      "name": "CVE-2025-40078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40078"
    },
    {
      "name": "CVE-2025-15366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
    },
    {
      "name": "CVE-2022-24675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
    },
    {
      "name": "CVE-2024-21140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
    },
    {
      "name": "CVE-2025-40116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40116"
    },
    {
      "name": "CVE-2025-68249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68249"
    },
    {
      "name": "CVE-2026-0990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0990"
    },
    {
      "name": "CVE-2025-39934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39934"
    },
    {
      "name": "CVE-2026-0865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
    },
    {
      "name": "CVE-2024-21094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
    },
    {
      "name": "CVE-2024-9143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
    },
    {
      "name": "CVE-2022-23806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
    },
    {
      "name": "CVE-2025-40179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40179"
    },
    {
      "name": "CVE-2025-40127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40127"
    },
    {
      "name": "CVE-2025-32989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
    },
    {
      "name": "CVE-2025-39996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39996"
    },
    {
      "name": "CVE-2025-22874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
    },
    {
      "name": "CVE-2026-22721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22721"
    },
    {
      "name": "CVE-2025-40053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40053"
    },
    {
      "name": "CVE-2026-24515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24515"
    },
    {
      "name": "CVE-2025-39951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39951"
    },
    {
      "name": "CVE-2022-1271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
    },
    {
      "name": "CVE-2025-40120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40120"
    },
    {
      "name": "CVE-2024-28085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
    },
    {
      "name": "CVE-2024-41110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
    },
    {
      "name": "CVE-2025-50059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
    },
    {
      "name": "CVE-2022-48174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48174"
    },
    {
      "name": "CVE-2025-61594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61594"
    },
    {
      "name": "CVE-2023-21835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21835"
    },
    {
      "name": "CVE-2024-34156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
    },
    {
      "name": "CVE-2022-2880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
    },
    {
      "name": "CVE-2025-5025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
    },
    {
      "name": "CVE-2023-21937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
    },
    {
      "name": "CVE-2025-40243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40243"
    },
    {
      "name": "CVE-2022-23773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
    },
    {
      "name": "CVE-2021-41089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41089"
    },
    {
      "name": "CVE-2023-24539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
    },
    {
      "name": "CVE-2025-14104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
    },
    {
      "name": "CVE-2023-6237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
    },
    {
      "name": "CVE-2026-21968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21968"
    },
    {
      "name": "CVE-2021-46848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
    },
    {
      "name": "CVE-2025-30761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
    },
    {
      "name": "CVE-2025-47912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
    },
    {
      "name": "CVE-2023-25153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
    },
    {
      "name": "CVE-2024-47535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
    },
    {
      "name": "CVE-2022-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
    },
    {
      "name": "CVE-2023-2650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
    },
    {
      "name": "CVE-2025-68160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
    },
    {
      "name": "CVE-2023-42364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42364"
    },
    {
      "name": "CVE-2025-54410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
    },
    {
      "name": "CVE-2022-3996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
    },
    {
      "name": "CVE-2022-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
    },
    {
      "name": "CVE-2025-40118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40118"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2023-27534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
    },
    {
      "name": "CVE-2024-2398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
    },
    {
      "name": "CVE-2023-24532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
    },
    {
      "name": "CVE-2025-52565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
    },
    {
      "name": "CVE-2025-40021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40021"
    },
    {
      "name": "CVE-2025-67735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67735"
    },
    {
      "name": "CVE-2022-23772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
    },
    {
      "name": "CVE-2025-61728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
    },
    {
      "name": "CVE-2022-43551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
    },
    {
      "name": "CVE-2022-42004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
    },
    {
      "name": "CVE-2019-5747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5747"
    },
    {
      "name": "CVE-2025-58186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
    },
    {
      "name": "CVE-2025-30698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
    },
    {
      "name": "CVE-2025-40044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40044"
    },
    {
      "name": "CVE-2023-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
    },
    {
      "name": "CVE-2025-40105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40105"
    },
    {
      "name": "CVE-2018-1000500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000500"
    },
    {
      "name": "CVE-2025-9086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
    },
    {
      "name": "CVE-2026-26014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26014"
    },
    {
      "name": "CVE-2021-41772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
    },
    {
      "name": "CVE-2025-40112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40112"
    },
    {
      "name": "CVE-2024-27289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27289"
    },
    {
      "name": "CVE-2024-0727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
    },
    {
      "name": "CVE-2025-58187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
    },
    {
      "name": "CVE-2023-6129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
    },
    {
      "name": "CVE-2025-39971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39971"
    },
    {
      "name": "CVE-2025-40154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40154"
    },
    {
      "name": "CVE-2025-13601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
    },
    {
      "name": "CVE-2025-12817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
    },
    {
      "name": "CVE-2025-4673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
    },
    {
      "name": "CVE-2026-23949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23949"
    },
    {
      "name": "CVE-2021-42385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42385"
    },
    {
      "name": "CVE-2023-22045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
    },
    {
      "name": "CVE-2023-29400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
    },
    {
      "name": "CVE-2025-58056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
    },
    {
      "name": "CVE-2025-22871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
    },
    {
      "name": "CVE-2024-21138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
    },
    {
      "name": "CVE-2025-32988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
    },
    {
      "name": "CVE-2023-22049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
    },
    {
      "name": "CVE-2024-24787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
    },
    {
      "name": "CVE-2026-0915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0915"
    },
    {
      "name": "CVE-2025-15281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15281"
    },
    {
      "name": "CVE-2022-0778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
    },
    {
      "name": "CVE-2022-41854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
    },
    {
      "name": "CVE-2022-41724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
    },
    {
      "name": "CVE-2020-8908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
    },
    {
      "name": "CVE-2024-6119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
    },
    {
      "name": "CVE-2022-30634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
    },
    {
      "name": "CVE-2025-40126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40126"
    },
    {
      "name": "CVE-2025-39972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39972"
    },
    {
      "name": "CVE-2025-24294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
    },
    {
      "name": "CVE-2025-58181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
    },
    {
      "name": "CVE-2021-42836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42836"
    },
    {
      "name": "CVE-2021-44716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
    },
    {
      "name": "CVE-2025-47914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
    },
    {
      "name": "CVE-2023-1255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
    },
    {
      "name": "CVE-2025-69418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
    },
    {
      "name": "CVE-2025-58058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58058"
    },
    {
      "name": "CVE-2025-22869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
    },
    {
      "name": "CVE-2025-40200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40200"
    },
    {
      "name": "CVE-2022-3358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
    },
    {
      "name": "CVE-2025-38236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38236"
    },
    {
      "name": "CVE-2025-15468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
    },
    {
      "name": "CVE-2025-40124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40124"
    },
    {
      "name": "CVE-2025-39880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39880"
    },
    {
      "name": "CVE-2025-58189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
    },
    {
      "name": "CVE-2025-6021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
    },
    {
      "name": "CVE-2025-40094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40094"
    },
    {
      "name": "CVE-2022-2097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
    },
    {
      "name": "CVE-2023-24540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
    },
    {
      "name": "CVE-2024-4603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
    },
    {
      "name": "CVE-2022-25857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
    },
    {
      "name": "CVE-2022-38751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
    },
    {
      "name": "CVE-2025-25193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
    },
    {
      "name": "CVE-2024-8096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
    },
    {
      "name": "CVE-2026-21945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
    },
    {
      "name": "CVE-2024-21145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2026-21941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21941"
    },
    {
      "name": "CVE-2025-22870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
    },
    {
      "name": "CVE-2025-40215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40215"
    },
    {
      "name": "CVE-2025-40111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40111"
    },
    {
      "name": "CVE-2021-3712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
    },
    {
      "name": "CVE-2023-21968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
    },
    {
      "name": "CVE-2025-40068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40068"
    },
    {
      "name": "CVE-2025-40042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40042"
    },
    {
      "name": "CVE-2025-32415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
    },
    {
      "name": "CVE-2023-24537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
    },
    {
      "name": "CVE-2025-5889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
    },
    {
      "name": "CVE-2025-30749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
    },
    {
      "name": "CVE-2026-22695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22695"
    },
    {
      "name": "CVE-2026-23490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23490"
    },
    {
      "name": "CVE-2026-24733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24733"
    },
    {
      "name": "CVE-2026-0992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0992"
    },
    {
      "name": "CVE-2025-9230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
    },
    {
      "name": "CVE-2026-21947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21947"
    },
    {
      "name": "CVE-2025-66564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
    },
    {
      "name": "CVE-2023-45287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
    },
    {
      "name": "CVE-2024-4741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
    },
    {
      "name": "CVE-2019-5482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5482"
    },
    {
      "name": "CVE-2025-48924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
    },
    {
      "name": "CVE-2023-21930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
    },
    {
      "name": "CVE-2022-38752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
    },
    {
      "name": "CVE-2021-22926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
    },
    {
      "name": "CVE-2025-8916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
    },
    {
      "name": "CVE-2025-32414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
    },
    {
      "name": "CVE-2025-39937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39937"
    },
    {
      "name": "CVE-2025-11187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
    },
    {
      "name": "CVE-2024-20918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
    },
    {
      "name": "CVE-2025-40060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40060"
    },
    {
      "name": "CVE-2026-2003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2003"
    },
    {
      "name": "CVE-2019-5443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5443"
    },
    {
      "name": "CVE-2022-38750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
    },
    {
      "name": "CVE-2022-30580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
    },
    {
      "name": "CVE-2022-23471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
    },
    {
      "name": "CVE-2020-1967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1967"
    },
    {
      "name": "CVE-2025-68121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
    },
    {
      "name": "CVE-2025-60876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-60876"
    },
    {
      "name": "CVE-2023-24531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
    },
    {
      "name": "CVE-2021-23840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
    },
    {
      "name": "CVE-2023-24538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
    },
    {
      "name": "CVE-2023-2975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
    },
    {
      "name": "CVE-2022-42003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
    },
    {
      "name": "CVE-2021-44717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
    },
    {
      "name": "CVE-2025-11065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11065"
    },
    {
      "name": "CVE-2022-3602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
    },
    {
      "name": "CVE-2026-1484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1484"
    },
    {
      "name": "CVE-2025-4947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
    },
    {
      "name": "CVE-2025-40178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40178"
    },
    {
      "name": "CVE-2022-29804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
    },
    {
      "name": "CVE-2025-39869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39869"
    },
    {
      "name": "CVE-2025-0725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
    },
    {
      "name": "CVE-2023-2976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
    },
    {
      "name": "CVE-2025-39985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39985"
    },
    {
      "name": "CVE-2025-61726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
    },
    {
      "name": "CVE-2022-1434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
    },
    {
      "name": "CVE-2021-22923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
    },
    {
      "name": "CVE-2022-41723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
    },
    {
      "name": "CVE-2025-59464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59464"
    },
    {
      "name": "CVE-2023-22006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22006"
    },
    {
      "name": "CVE-2019-5435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5435"
    },
    {
      "name": "CVE-2022-1471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
    },
    {
      "name": "CVE-2025-8058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
    },
    {
      "name": "CVE-2026-1489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1489"
    },
    {
      "name": "CVE-2023-39323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
    },
    {
      "name": "CVE-2023-29402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
    },
    {
      "name": "CVE-2026-2004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2004"
    },
    {
      "name": "CVE-2026-0672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0672"
    },
    {
      "name": "CVE-2025-8732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
    },
    {
      "name": "CVE-2023-39326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
    },
    {
      "name": "CVE-2024-21085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
    },
    {
      "name": "CVE-2021-43565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43565"
    },
    {
      "name": "CVE-2025-21502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
    },
    {
      "name": "CVE-2023-29409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
    },
    {
      "name": "CVE-2022-23648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23648"
    },
    {
      "name": "CVE-2021-23841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
    },
    {
      "name": "CVE-2025-30204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
    },
    {
      "name": "CVE-2023-39325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
    },
    {
      "name": "CVE-2025-5914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
    },
    {
      "name": "CVE-2026-22720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22720"
    },
    {
      "name": "CVE-2024-20945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
    },
    {
      "name": "CVE-2023-42363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42363"
    },
    {
      "name": "CVE-2023-24534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
    },
    {
      "name": "CVE-2024-21131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
    },
    {
      "name": "CVE-2025-39980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39980"
    },
    {
      "name": "CVE-2024-21210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2024-2511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
    },
    {
      "name": "CVE-2025-53057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
    },
    {
      "name": "CVE-2024-24786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
    },
    {
      "name": "CVE-2022-3171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
    },
    {
      "name": "CVE-2019-1551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
    },
    {
      "name": "CVE-2025-40346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40346"
    },
    {
      "name": "CVE-2023-21967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
    },
    {
      "name": "CVE-2024-34155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
    },
    {
      "name": "CVE-2022-21619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
    },
    {
      "name": "CVE-2025-40030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40030"
    },
    {
      "name": "CVE-2025-40244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40244"
    },
    {
      "name": "CVE-2025-39995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39995"
    },
    {
      "name": "CVE-2025-68119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68119"
    },
    {
      "name": "CVE-2022-21698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
    },
    {
      "name": "CVE-2025-53066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
    },
    {
      "name": "CVE-2025-22873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22873"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2024-24784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
    },
    {
      "name": "CVE-2022-27780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
    },
    {
      "name": "CVE-2025-39907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39907"
    },
    {
      "name": "CVE-2023-42366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
    },
    {
      "name": "CVE-2024-21217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
    },
    {
      "name": "CVE-2025-0167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
    },
    {
      "name": "CVE-2026-25547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
    },
    {
      "name": "CVE-2025-69420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
    },
    {
      "name": "CVE-2024-20952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
    },
    {
      "name": "CVE-2025-40140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40140"
    },
    {
      "name": "CVE-2024-24789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
    },
    {
      "name": "CVE-2025-40223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40223"
    },
    {
      "name": "CVE-2022-27664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
    },
    {
      "name": "CVE-2026-1225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1225"
    },
    {
      "name": "CVE-2024-53114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53114"
    },
    {
      "name": "CVE-2024-27304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27304"
    },
    {
      "name": "CVE-2026-22703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22703"
    },
    {
      "name": "CVE-2026-0989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0989"
    },
    {
      "name": "CVE-2025-61729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
    },
    {
      "name": "CVE-2025-39873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39873"
    },
    {
      "name": "CVE-2024-21208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
    },
    {
      "name": "CVE-2023-23916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
    },
    {
      "name": "CVE-2022-29189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29189"
    },
    {
      "name": "CVE-2025-38248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38248"
    },
    {
      "name": "CVE-2025-40351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40351"
    },
    {
      "name": "CVE-2025-40087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40087"
    },
    {
      "name": "CVE-2026-25646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25646"
    }
  ],
  "initial_release_date": "2026-02-24T00:00:00",
  "last_revision_date": "2026-02-24T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0199",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-02-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une injection de code indirecte \u00e0 distance (XSS).",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37012",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37012"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37001",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37001"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37013",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37013"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37003",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37003"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37023",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37023"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37017",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37017"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37006",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37006"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37024",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37024"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36997",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36997"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37004",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37004"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36947",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37018",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37018"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37005",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37005"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37008",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37008"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37007",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37007"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37020",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37020"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36998",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36998"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37002",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37002"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37021",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37021"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37022",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37022"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37016",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37016"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37019",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37019"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37010",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37010"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37009",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37009"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37000",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37000"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37011",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37011"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37015",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37015"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37014",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37014"
    },
    {
      "published_at": "2026-02-24",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36999",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36999"
    }
  ]
}

CERTFR-2022-AVI-052

Vulnerability from certfr_avis - Published: 2022-01-19 - Updated: 2022-01-19

De multiples vulnérabilités ont été découvertes dans Oracle MySQL. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une exécution de code arbitraire et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	MySQL	MySQL Cluster versions 7.6.20 et antérieures
Oracle	MySQL	MySQL Cluster versions 7.4.34 et antérieures
Oracle	MySQL	MySQL Connectors versions 8.0.x antérieures à 8.0.28
Oracle	MySQL	MySQL Workbench versions 8.0.x antérieures à 8.0.28
Oracle	MySQL	MySQL Cluster versions 7.5.24 et antérieures
Oracle	MySQL	MySQL Server versions 5.7.x antérieures à 5.7.37
Oracle	MySQL	MySQL Cluster versions 8.0.x antérieures à 8.0.28
Oracle	MySQL	MySQL Server versions 8.0.x antérieures à 8.0.28

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cpujan2022.html du 18 janvier 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "MySQL Cluster versions 7.6.20 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Cluster versions 7.4.34 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Connectors versions 8.0.x ant\u00e9rieures \u00e0 8.0.28",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Workbench versions 8.0.x ant\u00e9rieures \u00e0 8.0.28",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Cluster versions 7.5.24 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Server versions 5.7.x ant\u00e9rieures \u00e0 5.7.37",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Cluster versions 8.0.x ant\u00e9rieures \u00e0 8.0.28",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Server versions 8.0.x ant\u00e9rieures \u00e0 8.0.28",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-21253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21253"
    },
    {
      "name": "CVE-2022-21363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21363"
    },
    {
      "name": "CVE-2022-21331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21331"
    },
    {
      "name": "CVE-2022-21322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21322"
    },
    {
      "name": "CVE-2022-21315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21315"
    },
    {
      "name": "CVE-2022-21379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21379"
    },
    {
      "name": "CVE-2022-21314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21314"
    },
    {
      "name": "CVE-2022-21311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21311"
    },
    {
      "name": "CVE-2022-21337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21337"
    },
    {
      "name": "CVE-2022-21297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21297"
    },
    {
      "name": "CVE-2022-21285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21285"
    },
    {
      "name": "CVE-2022-21320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21320"
    },
    {
      "name": "CVE-2022-21310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21310"
    },
    {
      "name": "CVE-2022-21332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21332"
    },
    {
      "name": "CVE-2022-21302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21302"
    },
    {
      "name": "CVE-2022-21351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21351"
    },
    {
      "name": "CVE-2022-21330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21330"
    },
    {
      "name": "CVE-2022-21286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21286"
    },
    {
      "name": "CVE-2022-21304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
    },
    {
      "name": "CVE-2022-21327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21327"
    },
    {
      "name": "CVE-2022-21335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21335"
    },
    {
      "name": "CVE-2022-21321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21321"
    },
    {
      "name": "CVE-2022-21303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
    },
    {
      "name": "CVE-2022-21284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21284"
    },
    {
      "name": "CVE-2022-21316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21316"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2022-21356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21356"
    },
    {
      "name": "CVE-2022-21358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21358"
    },
    {
      "name": "CVE-2022-21324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21324"
    },
    {
      "name": "CVE-2022-21342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21342"
    },
    {
      "name": "CVE-2022-21357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21357"
    },
    {
      "name": "CVE-2022-21270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
    },
    {
      "name": "CVE-2022-21323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21323"
    },
    {
      "name": "CVE-2022-21326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21326"
    },
    {
      "name": "CVE-2022-21301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21301"
    },
    {
      "name": "CVE-2022-21264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21264"
    },
    {
      "name": "CVE-2022-21362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21362"
    },
    {
      "name": "CVE-2022-21329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21329"
    },
    {
      "name": "CVE-2022-21380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21380"
    },
    {
      "name": "CVE-2022-21249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21249"
    },
    {
      "name": "CVE-2022-21265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21265"
    },
    {
      "name": "CVE-2022-21254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21254"
    },
    {
      "name": "CVE-2022-21325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21325"
    },
    {
      "name": "CVE-2022-21307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21307"
    },
    {
      "name": "CVE-2022-21372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21372"
    },
    {
      "name": "CVE-2022-21355",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21355"
    },
    {
      "name": "CVE-2022-21256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21256"
    },
    {
      "name": "CVE-2022-21280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21280"
    },
    {
      "name": "CVE-2022-21368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21368"
    },
    {
      "name": "CVE-2022-21333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21333"
    },
    {
      "name": "CVE-2022-21288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21288"
    },
    {
      "name": "CVE-2022-21318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21318"
    },
    {
      "name": "CVE-2022-21289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21289"
    },
    {
      "name": "CVE-2022-21348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21348"
    },
    {
      "name": "CVE-2022-21328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21328"
    },
    {
      "name": "CVE-2022-21278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21278"
    },
    {
      "name": "CVE-2022-21319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21319"
    },
    {
      "name": "CVE-2022-21308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21308"
    },
    {
      "name": "CVE-2021-3712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
    },
    {
      "name": "CVE-2022-21287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21287"
    },
    {
      "name": "CVE-2022-21378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21378"
    },
    {
      "name": "CVE-2022-21336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21336"
    },
    {
      "name": "CVE-2022-21309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21309"
    },
    {
      "name": "CVE-2022-21344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
    },
    {
      "name": "CVE-2022-21367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
    },
    {
      "name": "CVE-2022-21279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21279"
    },
    {
      "name": "CVE-2022-21317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21317"
    },
    {
      "name": "CVE-2022-21352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21352"
    },
    {
      "name": "CVE-2022-21312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21312"
    },
    {
      "name": "CVE-2022-21290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21290"
    },
    {
      "name": "CVE-2022-21334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21334"
    },
    {
      "name": "CVE-2022-21374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21374"
    },
    {
      "name": "CVE-2022-21370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21370"
    },
    {
      "name": "CVE-2022-21313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21313"
    },
    {
      "name": "CVE-2022-21245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
    },
    {
      "name": "CVE-2021-3634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3634"
    },
    {
      "name": "CVE-2022-21339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-21339"
    }
  ],
  "initial_release_date": "2022-01-19T00:00:00",
  "last_revision_date": "2022-01-19T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-052",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-01-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle MySQL.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni\nde service \u00e0 distance, une ex\u00e9cution de code arbitraire et une atteinte\n\u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle MySQL",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2022.html du 18 janvier 2022",
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL"
    }
  ]
}

GSD-2021-22946

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-22946

Aliases

CVE-2021-22946

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-22946",
    "description": "A user can tell curl \u003e= 7.20.0 and \u003c= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.",
    "id": "GSD-2021-22946",
    "references": [
      "https://www.suse.com/security/cve/CVE-2021-22946.html",
      "https://access.redhat.com/errata/RHSA-2022:0635",
      "https://access.redhat.com/errata/RHSA-2021:4059",
      "https://ubuntu.com/security/CVE-2021-22946",
      "https://advisories.mageia.org/CVE-2021-22946.html",
      "https://security.archlinux.org/CVE-2021-22946",
      "https://access.redhat.com/errata/RHSA-2022:1354",
      "https://alas.aws.amazon.com/cve/html/CVE-2021-22946.html",
      "https://linux.oracle.com/cve/CVE-2021-22946.html",
      "https://www.debian.org/security/2022/dsa-5197"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-22946"
      ],
      "details": "A user can tell curl \u003e= 7.20.0 and \u003c= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.",
      "id": "GSD-2021-22946",
      "modified": "2023-12-13T01:23:24.835747Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "support@hackerone.com",
        "ID": "CVE-2021-22946",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "https://github.com/curl/curl",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "curl 7.20.0 to and including 7.78.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A user can tell curl \u003e= 7.20.0 and \u003c= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Missing Required Cryptographic Step (CWE-325)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://hackerone.com/reports/1334111",
            "refsource": "MISC",
            "url": "https://hackerone.com/reports/1334111"
          },
          {
            "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2773-1] curl security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html"
          },
          {
            "name": "FEDORA-2021-fc96a3a749",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "name": "FEDORA-2021-1d24845e93",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20211029-0003/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20211029-0003/"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20220121-0008/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20220121-0008/"
          },
          {
            "name": "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2022/Mar/29"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
            "refsource": "CONFIRM",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
          },
          {
            "name": "https://support.apple.com/kb/HT213183",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/kb/HT213183"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpujul2022.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          },
          {
            "name": "DSA-5197",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2022/dsa-5197"
          },
          {
            "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
          },
          {
            "name": "GLSA-202212-01",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/202212-01"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "4CACB6A8-0CF6-4283-BB33-FE3B0026A23E",
                    "versionEndExcluding": "7.79.0",
                    "versionStartIncluding": "7.20.0",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                    "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                    "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "090AA6F4-4404-4E26-82AB-C3A22636F276",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "10323322-F6C0-4EA7-9344-736F7A80AA5F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "C2A5B24D-BDF2-423C-98EA-A40778C01A05",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "6F60E32F-0CA0-4C2D-9848-CB92765A9ACB",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*",
                    "matchCriteriaId": "DF616620-88CE-4A77-B904-C1728A2E6F9B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "3AA09838-BF13-46AC-BB97-A69F48B73A8A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "175B97A7-0B00-4378-AD9F-C01B6D9FD570",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "E667933A-37EA-4BC2-9180-C3B4B7038866",
                    "versionEndIncluding": "5.7.35",
                    "versionStartIncluding": "5.7.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "709E83B4-8C66-4255-870B-2F72B37BA8C6",
                    "versionEndIncluding": "8.0.26",
                    "versionStartIncluding": "8.0.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
                    "matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
                    "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*",
                    "matchCriteriaId": "C8AF00C6-B97F-414D-A8DF-057E6BFD8597",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "9060C1B6-F101-46AE-8B08-6D6951304916",
                    "versionEndExcluding": "12.3",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "B0F46497-4AB0-49A7-9453-CC26837BF253",
                    "versionEndExcluding": "1.0.1.1",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*",
                    "matchCriteriaId": "2A3622F5-5976-4BBC-A147-FC8A6431EA79",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
                    "matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.2.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "3C2BC68D-C8B2-4C8B-9426-21F00CBDD873",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "B61A7946-F554-44A9-9E41-86114E4B4914",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "EBB5FF32-7362-4A1E-AD24-EF6B8770FCAD",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:*:*:*:*:*:*:*",
                    "matchCriteriaId": "8B40FAF9-0A6B-41C4-8CAD-D3D1DD982C2C",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "5722E753-75DE-4944-A11B-556CB299B57D",
                    "versionEndExcluding": "8.2.12",
                    "versionStartIncluding": "8.2.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "DC0F9351-81A4-4FEA-B6B5-6E960A933D32",
                    "versionEndExcluding": "9.0.6",
                    "versionStartIncluding": "9.0.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "EED24E67-2957-4C1B-8FEA-E2D2FE7B97FC",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "A user can tell curl \u003e= 7.20.0 and \u003c= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network."
          },
          {
            "lang": "es",
            "value": "Un usuario puede decirle a curl versiones posteriores a 7.20.0 incluy\u00e9ndola , y versiones anteriores a 7.78.0 incluy\u00e9ndola, que requiera una actualizaci\u00f3n con \u00e9xito a TLS cuando hable con un servidor IMAP, POP3 o FTP (\"--ssl-reqd\" en la l\u00ednea de comandos o \"CURLOPT_USE_SSL\" configurado como \"CURLUSESSL_CONTROL\" o \"CURLUSESSL_ALL\" conlibcurl). Este requisito podr\u00eda ser omitido si el servidor devolviera una respuesta correctamente dise\u00f1ada pero perfectamente leg\u00edtima. Este fallo har\u00eda que curl continuara silenciosamente sus operaciones **withoutTLS** en contra de las instrucciones y expectativas, exponiendo posiblemente datos confidenciales en texto sin cifrar a trav\u00e9s de la red"
          }
        ],
        "id": "CVE-2021-22946",
        "lastModified": "2024-03-27T15:12:52.090",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "MEDIUM",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "integrityImpact": "NONE",
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              "exploitabilityScore": 10.0,
              "impactScore": 2.9,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2021-09-29T20:15:08.187",
        "references": [
          {
            "source": "support@hackerone.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "http://seclists.org/fulldisclosure/2022/Mar/29"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Patch",
              "Third Party Advisory"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Exploit",
              "Issue Tracking",
              "Patch",
              "Third Party Advisory"
            ],
            "url": "https://hackerone.com/reports/1334111"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://security.gentoo.org/glsa/202212-01"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211029-0003/"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220121-0008/"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Release Notes",
              "Third Party Advisory"
            ],
            "url": "https://support.apple.com/kb/HT213183"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5197"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Patch",
              "Third Party Advisory"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Patch",
              "Third Party Advisory"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          },
          {
            "source": "support@hackerone.com",
            "tags": [
              "Patch",
              "Third Party Advisory"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          }
        ],
        "sourceIdentifier": "support@hackerone.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-319"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          },
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-325"
              }
            ],
            "source": "support@hackerone.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

FKIE_CVE-2021-22946

Vulnerability from fkie_nvd - Published: 2021-09-29 20:15 - Updated: 2024-11-21 05:50

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
support@hackerone.com	http://seclists.org/fulldisclosure/2022/Mar/29	Mailing List, Third Party Advisory
support@hackerone.com	https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf	Patch, Third Party Advisory
support@hackerone.com	https://hackerone.com/reports/1334111	Exploit, Issue Tracking, Patch, Third Party Advisory
support@hackerone.com	https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html	Mailing List, Third Party Advisory
support@hackerone.com	https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html	Mailing List, Third Party Advisory
support@hackerone.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/	Mailing List, Third Party Advisory
support@hackerone.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/	Mailing List, Third Party Advisory
support@hackerone.com	https://security.gentoo.org/glsa/202212-01	Third Party Advisory
support@hackerone.com	https://security.netapp.com/advisory/ntap-20211029-0003/	Third Party Advisory
support@hackerone.com	https://security.netapp.com/advisory/ntap-20220121-0008/	Third Party Advisory
support@hackerone.com	https://support.apple.com/kb/HT213183	Release Notes, Third Party Advisory
support@hackerone.com	https://www.debian.org/security/2022/dsa-5197	Third Party Advisory
support@hackerone.com	https://www.oracle.com/security-alerts/cpuapr2022.html	Patch, Third Party Advisory
support@hackerone.com	https://www.oracle.com/security-alerts/cpujan2022.html	Third Party Advisory
support@hackerone.com	https://www.oracle.com/security-alerts/cpujul2022.html	Patch, Third Party Advisory
support@hackerone.com	https://www.oracle.com/security-alerts/cpuoct2021.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2022/Mar/29	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://hackerone.com/reports/1334111	Exploit, Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202212-01	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20211029-0003/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20220121-0008/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/kb/HT213183	Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2022/dsa-5197	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuapr2022.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpujan2022.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpujul2022.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuoct2021.html	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
haxx	curl	*
debian	debian_linux	9.0
debian	debian_linux	10.0
debian	debian_linux	11.0
fedoraproject	fedora	33
fedoraproject	fedora	35
netapp	cloud_backup	-
netapp	clustered_data_ontap	-
netapp	oncommand_insight	-
netapp	oncommand_workflow_automation	-
netapp	snapcenter	-
netapp	h300s_firmware	-
netapp	h300s	-
netapp	h500s_firmware	-
netapp	h500s	-
netapp	h700s_firmware	-
netapp	h700s	-
netapp	h300e_firmware	-
netapp	h300e	-
netapp	h500e_firmware	-
netapp	h500e	-
netapp	h700e_firmware	-
netapp	h700e	-
netapp	h410s_firmware	-
netapp	h410s	-
netapp	solidfire_baseboard_management_controller_firmware	-
netapp	solidfire_baseboard_management_controller	-
oracle	communications_cloud_native_core_binding_support_function	1.11.0
oracle	communications_cloud_native_core_network_function_cloud_native_environment	1.10.0
oracle	communications_cloud_native_core_network_repository_function	1.15.0
oracle	communications_cloud_native_core_network_repository_function	1.15.1
oracle	communications_cloud_native_core_network_slice_selection_function	1.8.0
oracle	communications_cloud_native_core_service_communication_proxy	1.15.0
oracle	mysql_server	*
oracle	mysql_server	*
oracle	peoplesoft_enterprise_peopletools	8.57
oracle	peoplesoft_enterprise_peopletools	8.58
oracle	peoplesoft_enterprise_peopletools	8.59
apple	macos	*
siemens	sinec_infrastructure_network_services	*
oracle	commerce_guided_search	11.3.2
oracle	communications_cloud_native_core_binding_support_function	22.1.3
oracle	communications_cloud_native_core_console	22.2.0
oracle	communications_cloud_native_core_network_repository_function	22.1.0
oracle	communications_cloud_native_core_network_repository_function	22.2.0
oracle	communications_cloud_native_core_security_edge_protection_proxy	22.1.1
splunk	universal_forwarder	*
splunk	universal_forwarder	*
splunk	universal_forwarder	9.1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CACB6A8-0CF6-4283-BB33-FE3B0026A23E",
              "versionEndExcluding": "7.79.0",
              "versionStartIncluding": "7.20.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
              "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "090AA6F4-4404-4E26-82AB-C3A22636F276",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "10323322-F6C0-4EA7-9344-736F7A80AA5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A5B24D-BDF2-423C-98EA-A40778C01A05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F60E32F-0CA0-4C2D-9848-CB92765A9ACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF616620-88CE-4A77-B904-C1728A2E6F9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA09838-BF13-46AC-BB97-A69F48B73A8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "175B97A7-0B00-4378-AD9F-C01B6D9FD570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E667933A-37EA-4BC2-9180-C3B4B7038866",
              "versionEndIncluding": "5.7.35",
              "versionStartIncluding": "5.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "709E83B4-8C66-4255-870B-2F72B37BA8C6",
              "versionEndIncluding": "8.0.26",
              "versionStartIncluding": "8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8AF00C6-B97F-414D-A8DF-057E6BFD8597",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9060C1B6-F101-46AE-8B08-6D6951304916",
              "versionEndExcluding": "12.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0F46497-4AB0-49A7-9453-CC26837BF253",
              "versionEndExcluding": "1.0.1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A3622F5-5976-4BBC-A147-FC8A6431EA79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2BC68D-C8B2-4C8B-9426-21F00CBDD873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B61A7946-F554-44A9-9E41-86114E4B4914",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB5FF32-7362-4A1E-AD24-EF6B8770FCAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B40FAF9-0A6B-41C4-8CAD-D3D1DD982C2C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5722E753-75DE-4944-A11B-556CB299B57D",
              "versionEndExcluding": "8.2.12",
              "versionStartIncluding": "8.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC0F9351-81A4-4FEA-B6B5-6E960A933D32",
              "versionEndExcluding": "9.0.6",
              "versionStartIncluding": "9.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EED24E67-2957-4C1B-8FEA-E2D2FE7B97FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A user can tell curl \u003e= 7.20.0 and \u003c= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network."
    },
    {
      "lang": "es",
      "value": "Un usuario puede decirle a curl versiones posteriores a 7.20.0 incluy\u00e9ndola , y versiones anteriores a 7.78.0 incluy\u00e9ndola, que requiera una actualizaci\u00f3n con \u00e9xito a TLS cuando hable con un servidor IMAP, POP3 o FTP (\"--ssl-reqd\" en la l\u00ednea de comandos o \"CURLOPT_USE_SSL\" configurado como \"CURLUSESSL_CONTROL\" o \"CURLUSESSL_ALL\" conlibcurl). Este requisito podr\u00eda ser omitido si el servidor devolviera una respuesta correctamente dise\u00f1ada pero perfectamente leg\u00edtima. Este fallo har\u00eda que curl continuara silenciosamente sus operaciones **withoutTLS** en contra de las instrucciones y expectativas, exponiendo posiblemente datos confidenciales en texto sin cifrar a trav\u00e9s de la red"
    }
  ],
  "id": "CVE-2021-22946",
  "lastModified": "2024-11-21T05:50:59.587",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-29T20:15:08.187",
  "references": [
    {
      "source": "support@hackerone.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2022/Mar/29"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/1334111"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202212-01"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20211029-0003/"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20220121-0008/"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/kb/HT213183"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2022/dsa-5197"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "source": "support@hackerone.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2022/Mar/29"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://hackerone.com/reports/1334111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202212-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20211029-0003/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20220121-0008/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://support.apple.com/kb/HT213183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2022/dsa-5197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    }
  ],
  "sourceIdentifier": "support@hackerone.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-325"
        }
      ],
      "source": "support@hackerone.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-319"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-3CMQ-42W4-C529

Vulnerability from github – Published: 2022-05-24 19:16 – Updated: 2024-03-27 15:30

Details

A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (--ssl-reqd on the command line orCURLOPT_USE_SSL set to CURLUSESSL_CONTROL or CURLUSESSL_ALL withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations withoutTLS contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-22946"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-319",
      "CWE-325"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-29T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "A user can tell curl \u003e= 7.20.0 and \u003c= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.",
  "id": "GHSA-3cmq-42w4-c529",
  "modified": "2024-03-27T15:30:35Z",
  "published": "2022-05-24T19:16:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22946"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/1334111"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5197"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT213183"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220121-0008"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20211029-0003"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202212-01"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/Mar/29"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2021-22946

Vulnerability from fstec - Published: 15.09.2021

Title

Уязвимость реализации команды «--ssl-reqd» программного средства для взаимодействия с серверами cURL, позволяющая нарушителю проводить атаки типа "человек посередине"

Description

Уязвимость реализации команды «--ssl-reqd» программного средства для взаимодействия с серверами cURL связана с передачей данных в открытом виде. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, проводить атаки типа «человек посередине»

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Vendor

Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра», Red Hat Inc., ООО «Ред Софт», Fedora Project, Daniel Stenberg, Microsoft Corp, ООО «Открытая мобильная платформа», АО «Концерн ВНИИНС»

Software Name

Debian GNU/Linux, Astra Linux Special Edition (запись в едином реестре российских программ №369), Red Hat Enterprise Linux, РЕД ОС (запись в едином реестре российских программ №3751), Red Hat Software Collections, Astra Linux Special Edition для «Эльбрус» (запись в едином реестре российских программ №11156), Fedora, cURL, .NET Core, ОС Аврора (запись в едином реестре российских программ №1543), ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)

Software Version

9 (Debian GNU/Linux), 1.6 «Смоленск» (Astra Linux Special Edition), 8 (Red Hat Enterprise Linux), 7.2 Муром (РЕД ОС), - (Red Hat Software Collections), 8.1 «Ленинград» (Astra Linux Special Edition для «Эльбрус»), 33 (Fedora), от 7.20.0 до 7.79.0 (cURL), 3.1 on Red Hat Enterprise Linux (.NET Core), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), до 4.0.2.172 (ОС Аврора), до 16.01.2023 (ОС ОН «Стрелец»)

Possible Mitigations

Использование рекомендаций: Для Curl: https://curl.se/docs/CVE-2021-22946.html Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/cve-2021-22946 Для Debian GNU/Linux: https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html Для Fedora: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/ Для РедОС: http://repo.red-soft.ru/redos/7.2c/x86_64/updates/ Для Astra Linux: использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20211126SE16 https://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17 https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47 Для ОС Аврора 3.2.1: https://cve.omprussia.ru/bb13321 Для ОС Аврора 3.2.2: https://cve.omprussia.ru/bb14322 Для ОС Аврора 3.2.3: https://cve.omprussia.ru/bb15323 Для ОС Аврора 4.0.2: https://cve.omprussia.ru/bb16402 Для Astra Linux Special Edition для «Эльбрус» 8.1 «Ленинград»: обновить пакет curl до 7.52.1-5+deb9u16 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81 Для ОС ОН «Стрелец»: Обновление программного обеспечения curl до версии 7.52.1-5+deb9u16

Reference

https://access.redhat.com/security/cve/cve-2021-22946 https://curl.se/docs/CVE-2021-22946.html https://github.com/curl/curl/commit/364f174724ef115 https://hackerone.com/reports/1334111 https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/ https://nvd.nist.gov/vuln/detail/CVE-2021-22946 https://redos.red-soft.ru/updatesec/ https://www.cybersecurity-help.cz/vdb/SB2021091514 https://www.securitylab.ru/vulnerability/524485.php https://wiki.astralinux.ru/astra-linux-se16-bulletin-20211126SE16 https://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17 https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47 https://cve.omprussia.ru/bb13321 https://cve.omprussia.ru/bb14322 https://cve.omprussia.ru/bb15323 https://cve.omprussia.ru/bb16402 https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81 https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023

CWE

CWE-319, CWE-325

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:P/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Red Hat Inc., \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, Fedora Project, Daniel Stenberg, Microsoft Corp, \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb, \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 8 (Red Hat Enterprise Linux), 7.2 \u041c\u0443\u0440\u043e\u043c (\u0420\u0415\u0414 \u041e\u0421), - (Red Hat Software Collections), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb), 33 (Fedora), \u043e\u0442 7.20.0 \u0434\u043e 7.79.0 (cURL), 3.1 on Red Hat Enterprise Linux (.NET Core), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), \u0434\u043e 4.0.2.172 (\u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Curl:\nhttps://curl.se/docs/CVE-2021-22946.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2021-22946\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://lists.debian.org/debian-lts-announce/2021/09/msg00022.html\n\n\u0414\u043b\u044f Fedora:\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421:\nhttp://repo.red-soft.ru/redos/7.2c/x86_64/updates/\n\n\u0414\u043b\u044f Astra Linux:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20211126SE16\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 3.2.1: https://cve.omprussia.ru/bb13321\n\u0414\u043b\u044f \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 3.2.2: https://cve.omprussia.ru/bb14322\n\u0414\u043b\u044f \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 3.2.3: https://cve.omprussia.ru/bb15323\n\u0414\u043b\u044f \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 4.0.2: https://cve.omprussia.ru/bb16402\n\n\u0414\u043b\u044f Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 curl \u0434\u043e 7.52.1-5+deb9u16 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f curl \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 7.52.1-5+deb9u16",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "15.09.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "13.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "25.11.2021",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-05649",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-22946",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Enterprise Linux, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Red Hat Software Collections, Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), Fedora, cURL, .NET Core, \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Enterprise Linux 8 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.2 \u041c\u0443\u0440\u043e\u043c  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), Fedora Project Fedora 33 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 \u0434\u043e 4.0.2.172 Aquarius CMP NS220 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543), \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 \u0434\u043e 4.0.2.172 Byterg MVK-2020 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543), \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 \u0434\u043e 4.0.2.172 F+ Life Tab Plus (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543), \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 \u0434\u043e 4.0.2.172 Mashtab TrustPhone T1 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u00ab--ssl-reqd\u00bb \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0434\u043b\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 cURL, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0442\u0438\u043f\u0430 \"\u0447\u0435\u043b\u043e\u0432\u0435\u043a \u043f\u043e\u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435\"",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041f\u0435\u0440\u0435\u0434\u0430\u0447\u0430 \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 \u0432\u0438\u0434\u0435 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u0442\u0435\u043a\u0441\u0442\u0430 (CWE-319), \u041e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0433\u043e \u044d\u0442\u0430\u043f\u0430 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f (CWE-325)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u00ab--ssl-reqd\u00bb \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0434\u043b\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 cURL \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0435\u0439 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0432\u0438\u0434\u0435. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0442\u0438\u043f\u0430 \u00ab\u0447\u0435\u043b\u043e\u0432\u0435\u043a \u043f\u043e\u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435\u00bb",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0431\u043e\u0440 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://access.redhat.com/security/cve/cve-2021-22946\nhttps://curl.se/docs/CVE-2021-22946.html\nhttps://github.com/curl/curl/commit/364f174724ef115\nhttps://hackerone.com/reports/1334111\nhttps://lists.debian.org/debian-lts-announce/2021/09/msg00022.html\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-22946\nhttps://redos.red-soft.ru/updatesec/\nhttps://www.cybersecurity-help.cz/vdb/SB2021091514\nhttps://www.securitylab.ru/vulnerability/524485.php\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20211126SE16\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47\nhttps://cve.omprussia.ru/bb13321\nhttps://cve.omprussia.ru/bb14322\nhttps://cve.omprussia.ru/bb15323\nhttps://cve.omprussia.ru/bb16402\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-319, CWE-325",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,5)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,2)"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-22946 (GCVE-0-2021-22946)

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solutions

Solution

Tags

Sightings

Nomenclature