Vulnerability-Lookup

CVE-2022-27782 (GCVE-0-2022-27782)

Vulnerability from cvelistv5 – Published: 2022-06-01 00:00 – Updated: 2026-04-16 13:55

Summary

libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE

CWE-840 - Business Logic Errors (CWE-840)

Assigner

hackerone

References

6 references

URL	Tags
https://hackerone.com/reports/1555796
https://security.netapp.com/advisory/ntap-2022060…
https://www.debian.org/security/2022/dsa-5197	vendor-advisory
https://lists.debian.org/debian-lts-announce/2022…	mailing-list
https://security.gentoo.org/glsa/202212-01	vendor-advisory
http://www.openwall.com/lists/oss-security/2023/03/20/6	mailing-list

Impacted products

1 product

Vendor	Product	Version
n/a	https://github.com/curl/curl	Affected: Fixed in 7.83.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:32:59.911Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/1555796"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220609-0009/"
          },
          {
            "name": "DSA-5197",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2022/dsa-5197"
          },
          {
            "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
          },
          {
            "name": "GLSA-202212-01",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202212-01"
          },
          {
            "name": "[oss-security] 20230320 [SECURITY ADVISORY] curl: CVE-2023-27538: SSH connection too eager reuse still",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/03/20/6"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-27782",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-16T13:54:53.341982Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-295",
                "description": "CWE-295 Improper Certificate Validation",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-16T13:55:26.270Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "https://github.com/curl/curl",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in 7.83.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-840",
              "description": "Business Logic Errors (CWE-840)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-20T00:00:00.000Z",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "url": "https://hackerone.com/reports/1555796"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20220609-0009/"
        },
        {
          "name": "DSA-5197",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2022/dsa-5197"
        },
        {
          "name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
        },
        {
          "name": "GLSA-202212-01",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202212-01"
        },
        {
          "name": "[oss-security] 20230320 [SECURITY ADVISORY] curl: CVE-2023-27538: SSH connection too eager reuse still",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/03/20/6"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2022-27782",
    "datePublished": "2022-06-01T00:00:00.000Z",
    "dateReserved": "2022-03-23T00:00:00.000Z",
    "dateUpdated": "2026-04-16T13:55:26.270Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-27782",
      "date": "2026-05-20",
      "epss": "0.00469",
      "percentile": "0.64725"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.83.1\", \"matchCriteriaId\": \"5A6699F9-0644-4957-ABE3-6394FC77FB37\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.2.0\", \"versionEndExcluding\": \"8.2.12\", \"matchCriteriaId\": \"5722E753-75DE-4944-A11B-556CB299B57D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.0.0\", \"versionEndExcluding\": \"9.0.6\", \"matchCriteriaId\": \"DC0F9351-81A4-4FEA-B6B5-6E960A933D32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EED24E67-2957-4C1B-8FEA-E2D2FE7B97FC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.\"}, {\"lang\": \"es\", \"value\": \"libcurl reusaba una conexi\\u00f3n creada previamente incluso cuando hab\\u00eda sido cambiada una opci\\u00f3n relacionada con TLS o SSH que deber\\u00eda haber prohibido el re\\u00faso. libcurl mantiene las conexiones usadas previamente en un pool de conexiones para que las transferencias posteriores las re\\u00fasen si una de ellas coincide con la configuraci\\u00f3n. Sin embargo, varias opciones relacionadas con TLS y SSH se dejaron fuera de las comprobaciones de coincidencia de la configuraci\\u00f3n, lo que hizo que coincidieran con demasiada facilidad\"}]",
      "id": "CVE-2022-27782",
      "lastModified": "2024-11-21T06:56:10.790",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-06-02T14:15:44.663",
      "references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2023/03/20/6\", \"source\": \"support@hackerone.com\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://hackerone.com/reports/1555796\", \"source\": \"support@hackerone.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html\", \"source\": \"support@hackerone.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202212-01\", \"source\": \"support@hackerone.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220609-0009/\", \"source\": \"support@hackerone.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5197\", \"source\": \"support@hackerone.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/03/20/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://hackerone.com/reports/1555796\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202212-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220609-0009/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5197\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "support@hackerone.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"support@hackerone.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-840\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-295\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-27782\",\"sourceIdentifier\":\"support@hackerone.com\",\"published\":\"2022-06-02T14:15:44.663\",\"lastModified\":\"2026-04-16T15:16:48.200\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.\"},{\"lang\":\"es\",\"value\":\"libcurl reusaba una conexi\u00f3n creada previamente incluso cuando hab\u00eda sido cambiada una opci\u00f3n relacionada con TLS o SSH que deber\u00eda haber prohibido el re\u00faso. libcurl mantiene las conexiones usadas previamente en un pool de conexiones para que las transferencias posteriores las re\u00fasen si una de ellas coincide con la configuraci\u00f3n. Sin embargo, varias opciones relacionadas con TLS y SSH se dejaron fuera de las comprobaciones de coincidencia de la configuraci\u00f3n, lo que hizo que coincidieran con demasiada facilidad\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"support@hackerone.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-840\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.83.1\",\"matchCriteriaId\":\"5A6699F9-0644-4957-ABE3-6394FC77FB37\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndExcluding\":\"8.2.12\",\"matchCriteriaId\":\"5722E753-75DE-4944-A11B-556CB299B57D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.0.6\",\"matchCriteriaId\":\"DC0F9351-81A4-4FEA-B6B5-6E960A933D32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EED24E67-2957-4C1B-8FEA-E2D2FE7B97FC\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2023/03/20/6\",\"source\":\"support@hackerone.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://hackerone.com/reports/1555796\",\"source\":\"support@hackerone.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html\",\"source\":\"support@hackerone.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202212-01\",\"source\":\"support@hackerone.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220609-0009/\",\"source\":\"support@hackerone.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5197\",\"source\":\"support@hackerone.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/03/20/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://hackerone.com/reports/1555796\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202212-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220609-0009/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5197\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://hackerone.com/reports/1555796\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220609-0009/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5197\", \"name\": \"DSA-5197\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html\", \"name\": \"[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202212-01\", \"name\": \"GLSA-202212-01\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/03/20/6\", \"name\": \"[oss-security] 20230320 [SECURITY ADVISORY] curl: CVE-2023-27538: SSH connection too eager reuse still\", \"tags\": [\"mailing-list\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T05:32:59.911Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-27782\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-16T13:54:53.341982Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-295\", \"description\": \"CWE-295 Improper Certificate Validation\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-16T13:54:22.749Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"https://github.com/curl/curl\", \"versions\": [{\"status\": \"affected\", \"version\": \"Fixed in 7.83.1\"}]}], \"references\": [{\"url\": \"https://hackerone.com/reports/1555796\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220609-0009/\"}, {\"url\": \"https://www.debian.org/security/2022/dsa-5197\", \"name\": \"DSA-5197\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html\", \"name\": \"[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202212-01\", \"name\": \"GLSA-202212-01\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/03/20/6\", \"name\": \"[oss-security] 20230320 [SECURITY ADVISORY] curl: CVE-2023-27538: SSH connection too eager reuse still\", \"tags\": [\"mailing-list\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-840\", \"description\": \"Business Logic Errors (CWE-840)\"}]}], \"providerMetadata\": {\"orgId\": \"36234546-b8fa-4601-9d6f-f4e334aa8ea1\", \"shortName\": \"hackerone\", \"dateUpdated\": \"2023-03-20T00:00:00.000Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-27782\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-16T13:55:26.270Z\", \"dateReserved\": \"2022-03-23T00:00:00.000Z\", \"assignerOrgId\": \"36234546-b8fa-4601-9d6f-f4e334aa8ea1\", \"datePublished\": \"2022-06-01T00:00:00.000Z\", \"assignerShortName\": \"hackerone\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2022-AVI-723

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans IBM MQ Operator et IBM MQ Advanced. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	N/A	IBM MQ Advanced version v9.3.0.0-r1 antérieure à 9.2.0.6-r1-eus
IBM	N/A	IBM MQ Advanced version v9.2.0.5-r3 antérieure à 9.3.0.0-r2
IBM	N/A	IBM MQ Operator version 2.0.0 LTS antérieure à 2.0.1 LTS
IBM	N/A	IBM MQ Operator version 1.3.5 EUS antérieure à 1.3.6 EUS

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 6611147 du 09 août 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM MQ Advanced version v9.3.0.0-r1 ant\u00e9rieure \u00e0 9.2.0.6-r1-eus",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM MQ Advanced version v9.2.0.5-r3 ant\u00e9rieure \u00e0 9.3.0.0-r2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM MQ Operator version 2.0.0 LTS ant\u00e9rieure \u00e0 2.0.1 LTS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM MQ Operator version 1.3.5 EUS ant\u00e9rieure \u00e0 1.3.6 EUS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-24921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
    },
    {
      "name": "CVE-2022-28327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2022-25313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25313"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2022-29824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
    },
    {
      "name": "CVE-2022-25314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
    },
    {
      "name": "CVE-2022-29526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2022-24675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
    },
    {
      "name": "CVE-2022-22475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22475"
    },
    {
      "name": "CVE-2022-22393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22393"
    },
    {
      "name": "CVE-2021-40528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-40528"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-723",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-08-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM MQ Operator et\nIBM MQ Advanced. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM MQ",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6611147 du 09 ao\u00fbt 2022",
      "url": "https://www.ibm.com/support/pages/node/6611147"
    }
  ]
}

CERTFR-2022-AVI-831

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	QRadar	IBM Security QRadar Network Threat Analytics versions antérieures à 1.1.0
IBM	Sterling Control Center	IBM Sterling Control Center versions antérieures à 6.2.1.0 iFix08 Fix Central
IBM	Spectrum	IBM Spectrum Copy Data Management versions 2.2.x antérieures à 2.2.17
IBM	Spectrum	IBM Spectrum Protect Plus versions 10.1.x antérieures à 10.1.12

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 6619919 du 17 septembre 2022	None	vendor-advisory
Bulletin de sécurité IBM 6618759 du 16 septembre 2022	None	vendor-advisory
Bulletin de sécurité IBM 6620211 du 17 septembre 2022	None	vendor-advisory
Bulletin de sécurité IBM 6618757 du 16 septembre 2022	None	vendor-advisory
Bulletin de sécurité IBM 6620213 du 16 septembre 2022	None	vendor-advisory
Bulletin de sécurité IBM 6620939 du 16 septembre 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM Security QRadar Network Threat Analytics versions ant\u00e9rieures \u00e0 1.1.0",
      "product": {
        "name": "QRadar",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Control Center versions ant\u00e9rieures \u00e0 6.2.1.0 iFix08 Fix Central",
      "product": {
        "name": "Sterling Control Center",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Copy Data Management versions 2.2.x ant\u00e9rieures \u00e0 2.2.17",
      "product": {
        "name": "Spectrum",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Protect Plus versions 10.1.x ant\u00e9rieures \u00e0 10.1.12",
      "product": {
        "name": "Spectrum",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-32213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32213"
    },
    {
      "name": "CVE-2022-33980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33980"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2020-29651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29651"
    },
    {
      "name": "CVE-2022-33987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33987"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2022-32222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32222"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2022-32212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32212"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2022-32215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32215"
    },
    {
      "name": "CVE-2022-32214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32214"
    },
    {
      "name": "CVE-2020-28493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28493"
    },
    {
      "name": "CVE-2022-32223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32223"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-831",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-09-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6619919 du 17 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6619919"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6618759 du 16 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6618759"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6620211 du 17 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6620211"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6618757 du 16 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6618757"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6620213 du 16 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6620213"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6620939 du 16 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6620939"
    }
  ]
}

CERTFR-2022-AVI-836

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	IBM	Cloud Pak	IBM Cloud Pak for Watson AIOps Infrastructure Automation versions antérieures à 3.4.2
	IBM	Spectrum	IBM Spectrum Protect Plus Affected versions 10.1.x antérieures à 10.1.12

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 6621463 du 19 septembre 2022	None	vendor-advisory
Bulletin de sécurité IBM 6621311 du 19 septembre 2022	None	vendor-advisory
Bulletin de sécurité IBM 6621267 du 19 septembre 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM Cloud Pak for Watson AIOps Infrastructure Automation versions ant\u00e9rieures \u00e0 3.4.2",
      "product": {
        "name": "Cloud Pak",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Protect Plus Affected versions 10.1.x ant\u00e9rieures \u00e0 10.1.12",
      "product": {
        "name": "Spectrum",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-35946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35946"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2022-33980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33980"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2022-24434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24434"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2022-31143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31143"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2022-35947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35947"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2022-31187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31187"
    },
    {
      "name": "CVE-2022-35945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35945"
    },
    {
      "name": "CVE-2022-36112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36112"
    },
    {
      "name": "CVE-2021-22945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-836",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-09-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6621463 du 19 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6621463"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6621311 du 19 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6621311"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6621267 du 19 septembre 2022",
      "url": "https://www.ibm.com/support/pages/node/6621267"
    }
  ]
}

CERTFR-2023-AVI-0034

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Oracle. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	MySQL	MySQL Cluster versions 7.5.28 et antérieures
Oracle	MySQL	MySQL Shell versions 8.0.31 et antérieures
Oracle	PeopleSoft	PeopleSoft Enterprise CC Common Application Objects version 9.2
Oracle	MySQL	MySQL Server versions 5.7.40 et antérieures
Oracle	MySQL	MySQL Cluster versions 7.6.24 et antérieures
Oracle	Java SE	Oracle Java SE versions 8u351, 8u351-perf, 11.0.17, 17.0.5 et 19.0.1
Oracle	MySQL	MySQL Connectors versions 8.0.31 et antérieures
Oracle	Weblogic	Oracle WebLogic Server versions 12.2.1.3.0, 12.2.1.4.0 et 14.1.1.0.0
Oracle	N/A	Oracle VM VirtualBox versions antérieures à 7.0.6
Oracle	MySQL	MySQL Workbench versions 8.0.31 et antérieures
Oracle	MySQL	MySQL Enterprise Monitor versions 8.0.32 et antérieures
Oracle	Database Server	Oracle Database Server versions 19c, 21c [Perl] antérieures à 5.35
Oracle	MySQL	MySQL Cluster versions 8.0.31 et antérieures
Oracle	MySQL	MySQL Server versions 8.0.31 et antérieures
Oracle	PeopleSoft	PeopleSoft Enterprise CS Academic Advisement version 9.2
Oracle	N/A	Oracle VM VirtualBox versions antérieures à 6.1.42
Oracle	MySQL	MySQL Cluster versions 7.4.38 et antérieures
Oracle	PeopleSoft	PeopleSoft Enterprise PeopleTools versions 8.58, 8.59 et 8.60

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cpujan2023 du 18 janvier 2023

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "MySQL Cluster versions 7.5.28 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Shell versions 8.0.31 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "PeopleSoft Enterprise CC Common Application Objects version 9.2",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Server versions 5.7.40 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Cluster versions 7.6.24 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Java SE versions 8u351, 8u351-perf, 11.0.17, 17.0.5 et 19.0.1",
      "product": {
        "name": "Java SE",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Connectors versions 8.0.31 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle WebLogic Server versions 12.2.1.3.0, 12.2.1.4.0 et 14.1.1.0.0",
      "product": {
        "name": "Weblogic",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle VM VirtualBox versions ant\u00e9rieures \u00e0 7.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Workbench versions 8.0.31 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Enterprise Monitor versions 8.0.32 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database Server versions 19c, 21c [Perl] ant\u00e9rieures \u00e0 5.35",
      "product": {
        "name": "Database Server",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Cluster versions 8.0.31 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Server versions 8.0.31 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "PeopleSoft Enterprise CS Academic Advisement version 9.2",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle VM VirtualBox versions ant\u00e9rieures \u00e0 6.1.42",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "MySQL Cluster versions 7.4.38 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "PeopleSoft Enterprise PeopleTools versions 8.58, 8.59 et 8.60",
      "product": {
        "name": "PeopleSoft",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-21900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21900"
    },
    {
      "name": "CVE-2022-31129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
    },
    {
      "name": "CVE-2023-21843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
    },
    {
      "name": "CVE-2022-24407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
    },
    {
      "name": "CVE-2023-21893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21893"
    },
    {
      "name": "CVE-2023-21877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21877"
    },
    {
      "name": "CVE-2023-21885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21885"
    },
    {
      "name": "CVE-2022-22971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22971"
    },
    {
      "name": "CVE-2023-21865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21865"
    },
    {
      "name": "CVE-2023-21898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21898"
    },
    {
      "name": "CVE-2023-21881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21881"
    },
    {
      "name": "CVE-2023-21830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
    },
    {
      "name": "CVE-2022-25647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
    },
    {
      "name": "CVE-2023-21874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21874"
    },
    {
      "name": "CVE-2023-21838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21838"
    },
    {
      "name": "CVE-2023-21878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21878"
    },
    {
      "name": "CVE-2020-10735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2023-21883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21883"
    },
    {
      "name": "CVE-2022-40153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40153"
    },
    {
      "name": "CVE-2022-42252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42252"
    },
    {
      "name": "CVE-2022-40149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
    },
    {
      "name": "CVE-2023-21889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21889"
    },
    {
      "name": "CVE-2018-7489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
    },
    {
      "name": "CVE-2023-21875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21875"
    },
    {
      "name": "CVE-2023-21872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21872"
    },
    {
      "name": "CVE-2023-21841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21841"
    },
    {
      "name": "CVE-2022-40150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
    },
    {
      "name": "CVE-2023-21864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21864"
    },
    {
      "name": "CVE-2023-21840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21840"
    },
    {
      "name": "CVE-2022-1941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1941"
    },
    {
      "name": "CVE-2022-31692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31692"
    },
    {
      "name": "CVE-2018-25032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
    },
    {
      "name": "CVE-2023-21866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21866"
    },
    {
      "name": "CVE-2023-21842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21842"
    },
    {
      "name": "CVE-2023-21845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21845"
    },
    {
      "name": "CVE-2022-39429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-39429"
    },
    {
      "name": "CVE-2023-21860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21860"
    },
    {
      "name": "CVE-2023-21844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21844"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2022-37434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
    },
    {
      "name": "CVE-2023-21871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21871"
    },
    {
      "name": "CVE-2023-21839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21839"
    },
    {
      "name": "CVE-2023-21887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21887"
    },
    {
      "name": "CVE-2023-21835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21835"
    },
    {
      "name": "CVE-2021-3737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
    },
    {
      "name": "CVE-2023-21873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21873"
    },
    {
      "name": "CVE-2023-21863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21863"
    },
    {
      "name": "CVE-2023-21876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21876"
    },
    {
      "name": "CVE-2020-36242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36242"
    },
    {
      "name": "CVE-2023-21867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21867"
    },
    {
      "name": "CVE-2023-21899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21899"
    },
    {
      "name": "CVE-2023-21869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21869"
    },
    {
      "name": "CVE-2022-42920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42920"
    },
    {
      "name": "CVE-2022-43548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548"
    },
    {
      "name": "CVE-2023-21836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21836"
    },
    {
      "name": "CVE-2023-21827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21827"
    },
    {
      "name": "CVE-2023-21870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21870"
    },
    {
      "name": "CVE-2022-25857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
    },
    {
      "name": "CVE-2023-21879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21879"
    },
    {
      "name": "CVE-2021-3918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
    },
    {
      "name": "CVE-2023-21882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21882"
    },
    {
      "name": "CVE-2023-21886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21886"
    },
    {
      "name": "CVE-2023-21837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21837"
    },
    {
      "name": "CVE-2023-21831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21831"
    },
    {
      "name": "CVE-2022-42003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
    },
    {
      "name": "CVE-2022-40304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
    },
    {
      "name": "CVE-2023-21880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21880"
    },
    {
      "name": "CVE-2022-3171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
    },
    {
      "name": "CVE-2022-23219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
    },
    {
      "name": "CVE-2023-21829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21829"
    },
    {
      "name": "CVE-2023-21884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21884"
    },
    {
      "name": "CVE-2023-21868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21868"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0034",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-01-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nOracle. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Oracle",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2023 du 18 janvier 2023",
      "url": "https://www.oracle.com/security-alerts/cpujan2023.html"
    }
  ]
}

CERTFR-2023-AVI-0428

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Splunk. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Splunk	N/A	Splunk Universal Forwarders versions 8.2.x antérieures à 8.2.11
Splunk	Splunk Enterprise	Splunk Enterprise versions antérieures à 8.1.14
Splunk	N/A	Splunk App for Lookup File Editing versions antérieures à 4.0.1
Splunk	N/A	Splunk App for Stream versions antérieures à 8.1.1
Splunk	Splunk Enterprise	Splunk Enterprise versions 9.0.x antérieures à 9.0.5
Splunk	N/A	Splunk Cloud versions antérieures à 9.0.2303.100
Splunk	N/A	Splunk Universal Forwarders versions 9.0.x antérieures à 9.0.5
Splunk	N/A	Splunk Universal Forwarders versions antérieures à 8.1.14
Splunk	Splunk Enterprise	Splunk Enterprise versions 8.2.x antérieures à 8.2.11

References

Title

Publication Time

Tags

Bulletin de sécurité Splunk SVD-2023-0603 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0609 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0607 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0602 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0613 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0608 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0610 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0611 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0614 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0601 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0605 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0606 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0615 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0604 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0612 du 01 juin 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Splunk Universal Forwarders versions 8.2.x ant\u00e9rieures \u00e0 8.2.11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions ant\u00e9rieures \u00e0 8.1.14",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk App for Lookup File Editing versions ant\u00e9rieures \u00e0 4.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk App for Stream versions ant\u00e9rieures \u00e0 8.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 9.0.x ant\u00e9rieures \u00e0 9.0.5",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Cloud versions ant\u00e9rieures \u00e0 9.0.2303.100",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Universal Forwarders versions 9.0.x ant\u00e9rieures \u00e0 9.0.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Universal Forwarders versions ant\u00e9rieures \u00e0 8.1.14",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 8.2.x ant\u00e9rieures \u00e0 8.2.11",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-22898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
    },
    {
      "name": "CVE-2022-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
    },
    {
      "name": "CVE-2022-31129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
    },
    {
      "name": "CVE-2022-32189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
    },
    {
      "name": "CVE-2022-30631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
    },
    {
      "name": "CVE-2023-1370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
    },
    {
      "name": "CVE-2022-27191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
    },
    {
      "name": "CVE-2022-46175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
    },
    {
      "name": "CVE-2020-8169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
    },
    {
      "name": "CVE-2020-7753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7753"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2020-8116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8116"
    },
    {
      "name": "CVE-2022-35260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35260"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2021-33502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33502"
    },
    {
      "name": "CVE-2022-24921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2022-28327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
    },
    {
      "name": "CVE-2020-8285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8285"
    },
    {
      "name": "CVE-2021-22901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
    },
    {
      "name": "CVE-2022-27778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27778"
    },
    {
      "name": "CVE-2022-30635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
    },
    {
      "name": "CVE-2021-33503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33503"
    },
    {
      "name": "CVE-2022-41715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
    },
    {
      "name": "CVE-2023-32715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32715"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2022-37603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-42916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
    },
    {
      "name": "CVE-2020-8286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8286"
    },
    {
      "name": "CVE-2020-7774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7774"
    },
    {
      "name": "CVE-2022-30629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2022-32148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
    },
    {
      "name": "CVE-2020-8177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
    },
    {
      "name": "CVE-2021-27292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27292"
    },
    {
      "name": "CVE-2022-30630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
    },
    {
      "name": "CVE-2021-22924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
    },
    {
      "name": "CVE-2022-33987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33987"
    },
    {
      "name": "CVE-2022-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
    },
    {
      "name": "CVE-2023-32717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32717"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2021-22922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2022-1705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
    },
    {
      "name": "CVE-2023-32708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32708"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2020-8284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
    },
    {
      "name": "CVE-2023-23915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
    },
    {
      "name": "CVE-2022-41720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
    },
    {
      "name": "CVE-2022-41716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
    },
    {
      "name": "CVE-2022-24999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
    },
    {
      "name": "CVE-2022-29526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
    },
    {
      "name": "CVE-2022-30633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
    },
    {
      "name": "CVE-2021-33587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33587"
    },
    {
      "name": "CVE-2021-3520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
    },
    {
      "name": "CVE-2022-36227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
    },
    {
      "name": "CVE-2020-13822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13822"
    },
    {
      "name": "CVE-2021-36976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
    },
    {
      "name": "CVE-2023-27535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2018-25032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
    },
    {
      "name": "CVE-2023-23914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
    },
    {
      "name": "CVE-2022-30632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2022-37601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
    },
    {
      "name": "CVE-2021-20095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20095"
    },
    {
      "name": "CVE-2022-40303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
    },
    {
      "name": "CVE-2019-10744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
    },
    {
      "name": "CVE-2022-1962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
    },
    {
      "name": "CVE-2021-23382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23382"
    },
    {
      "name": "CVE-2023-32716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32716"
    },
    {
      "name": "CVE-2022-42915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2022-37434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
    },
    {
      "name": "CVE-2022-28131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
    },
    {
      "name": "CVE-2022-3517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
    },
    {
      "name": "CVE-2021-22897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
    },
    {
      "name": "CVE-2023-32711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32711"
    },
    {
      "name": "CVE-2022-24675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
    },
    {
      "name": "CVE-2022-23806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
    },
    {
      "name": "CVE-2022-2880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
    },
    {
      "name": "CVE-2022-23773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
    },
    {
      "name": "CVE-2021-3803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3803"
    },
    {
      "name": "CVE-2022-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2023-27534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
    },
    {
      "name": "CVE-2023-27536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
    },
    {
      "name": "CVE-2022-23772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
    },
    {
      "name": "CVE-2022-43551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
    },
    {
      "name": "CVE-2022-42004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
    },
    {
      "name": "CVE-2022-40023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40023"
    },
    {
      "name": "CVE-2023-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
    },
    {
      "name": "CVE-2022-43680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
    },
    {
      "name": "CVE-2020-8231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8231"
    },
    {
      "name": "CVE-2022-27779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
    },
    {
      "name": "CVE-2021-31566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
    },
    {
      "name": "CVE-2023-32712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32712"
    },
    {
      "name": "CVE-2022-4200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4200"
    },
    {
      "name": "CVE-2023-27538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
    },
    {
      "name": "CVE-2022-30634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
    },
    {
      "name": "CVE-2021-23343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23343"
    },
    {
      "name": "CVE-2022-35737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
    },
    {
      "name": "CVE-2020-8203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
    },
    {
      "name": "CVE-2023-32710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32710"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2019-20149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20149"
    },
    {
      "name": "CVE-2022-38900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
    },
    {
      "name": "CVE-2017-16042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16042"
    },
    {
      "name": "CVE-2021-22926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
    },
    {
      "name": "CVE-2022-30580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
    },
    {
      "name": "CVE-2021-22890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22890"
    },
    {
      "name": "CVE-2023-32706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32706"
    },
    {
      "name": "CVE-2019-10746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10746"
    },
    {
      "name": "CVE-2022-40304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
    },
    {
      "name": "CVE-2022-29804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
    },
    {
      "name": "CVE-2020-15138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15138"
    },
    {
      "name": "CVE-2021-22923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
    },
    {
      "name": "CVE-2022-37599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
    },
    {
      "name": "CVE-2021-23368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23368"
    },
    {
      "name": "CVE-2021-29060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29060"
    },
    {
      "name": "CVE-2021-43565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43565"
    },
    {
      "name": "CVE-2023-32709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32709"
    },
    {
      "name": "CVE-2022-37616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37616"
    },
    {
      "name": "CVE-2022-30115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
    },
    {
      "name": "CVE-2021-22876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
    },
    {
      "name": "CVE-2020-7662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7662"
    },
    {
      "name": "CVE-2023-27537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
    },
    {
      "name": "CVE-2022-23491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23491"
    },
    {
      "name": "CVE-2022-27780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
    },
    {
      "name": "CVE-2020-28469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
    },
    {
      "name": "CVE-2021-22945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
    },
    {
      "name": "CVE-2023-32707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32707"
    },
    {
      "name": "CVE-2022-27664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
    },
    {
      "name": "CVE-2023-32713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32713"
    },
    {
      "name": "CVE-2022-25858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
    },
    {
      "name": "CVE-2023-32714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32714"
    },
    {
      "name": "CVE-2019-8331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
    },
    {
      "name": "CVE-2023-23916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0428",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-06-02T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits \u003cspan\nclass=\"textit\"\u003eSplunk\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par\nl\u0027\u00e9diteur, une ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0603 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0603"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0609 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0609"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0607 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0607"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0602 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0602"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0613 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0613"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0608 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0608"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0610 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0610"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0611 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0611"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0614 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0614"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0601 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0601"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0605 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0605"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0606 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0606"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0615 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0615"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0604 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0604"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0612 du 01 juin 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0612"
    }
  ]
}

CERTFR-2023-AVI-0499

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Tenable Nessus Network Monitor. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Tenable	Nessus Network Monitor	Nessus Network Monitor versions antérieures à 6.2.2

References

Title

Publication Time

Tags

Bulletin de sécurité Tenable tns-2023-23 du 29 juin 2023

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Nessus Network Monitor versions ant\u00e9rieures \u00e0 6.2.2",
      "product": {
        "name": "Nessus Network Monitor",
        "vendor": {
          "name": "Tenable",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
    },
    {
      "name": "CVE-2020-13871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
    },
    {
      "name": "CVE-2022-46908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
    },
    {
      "name": "CVE-2016-1838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1838"
    },
    {
      "name": "CVE-2019-19317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19317"
    },
    {
      "name": "CVE-2020-24977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24977"
    },
    {
      "name": "CVE-2012-5134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5134"
    },
    {
      "name": "CVE-2016-4609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4609"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2020-13434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
    },
    {
      "name": "CVE-2017-18258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
    },
    {
      "name": "CVE-2016-9596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9596"
    },
    {
      "name": "CVE-2021-3517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3517"
    },
    {
      "name": "CVE-2013-0338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0338"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2021-3537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3537"
    },
    {
      "name": "CVE-2019-19244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19244"
    },
    {
      "name": "CVE-2017-9047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9047"
    },
    {
      "name": "CVE-2017-1000381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000381"
    },
    {
      "name": "CVE-2021-36690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
    },
    {
      "name": "CVE-2023-31124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31124"
    },
    {
      "name": "CVE-2022-31160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31160"
    },
    {
      "name": "CVE-2020-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
    },
    {
      "name": "CVE-2019-20838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2022-23395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23395"
    },
    {
      "name": "CVE-2022-4904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4904"
    },
    {
      "name": "CVE-2023-32067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
    },
    {
      "name": "CVE-2017-1000061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000061"
    },
    {
      "name": "CVE-2017-9048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9048"
    },
    {
      "name": "CVE-2019-19926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19926"
    },
    {
      "name": "CVE-2020-9327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
    },
    {
      "name": "CVE-2019-9936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9936"
    },
    {
      "name": "CVE-2012-6139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6139"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-42916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
    },
    {
      "name": "CVE-2020-35525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35525"
    },
    {
      "name": "CVE-2017-9050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9050"
    },
    {
      "name": "CVE-2023-28322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
    },
    {
      "name": "CVE-2016-4447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
    },
    {
      "name": "CVE-2017-15412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15412"
    },
    {
      "name": "CVE-2016-4448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
    },
    {
      "name": "CVE-2017-16932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16932"
    },
    {
      "name": "CVE-2013-1969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1969"
    },
    {
      "name": "CVE-2017-5029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5029"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2019-19956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
    },
    {
      "name": "CVE-2015-9019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-9019"
    },
    {
      "name": "CVE-2023-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
    },
    {
      "name": "CVE-2016-3705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
    },
    {
      "name": "CVE-2020-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
    },
    {
      "name": "CVE-2015-8241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8241"
    },
    {
      "name": "CVE-2016-3189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
    },
    {
      "name": "CVE-2023-28320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
    },
    {
      "name": "CVE-2011-3970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3970"
    },
    {
      "name": "CVE-2019-19646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
    },
    {
      "name": "CVE-2012-2871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2871"
    },
    {
      "name": "CVE-2023-28484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
    },
    {
      "name": "CVE-2011-1944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1944"
    },
    {
      "name": "CVE-2015-8035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8035"
    },
    {
      "name": "CVE-2022-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
    },
    {
      "name": "CVE-2016-1834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1834"
    },
    {
      "name": "CVE-2019-19925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19925"
    },
    {
      "name": "CVE-2019-11068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11068"
    },
    {
      "name": "CVE-2012-2870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2870"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2016-4658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
    },
    {
      "name": "CVE-2019-19924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19924"
    },
    {
      "name": "CVE-2022-29824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
    },
    {
      "name": "CVE-2013-0339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0339"
    },
    {
      "name": "CVE-2016-1684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1684"
    },
    {
      "name": "CVE-2020-11656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
    },
    {
      "name": "CVE-2023-23915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
    },
    {
      "name": "CVE-2019-20388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20388"
    },
    {
      "name": "CVE-2019-13117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13117"
    },
    {
      "name": "CVE-2019-20218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20218"
    },
    {
      "name": "CVE-2023-31147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31147"
    },
    {
      "name": "CVE-2018-14567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14567"
    },
    {
      "name": "CVE-2015-7499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7499"
    },
    {
      "name": "CVE-2023-29469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
    },
    {
      "name": "CVE-2023-27535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2016-1836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1836"
    },
    {
      "name": "CVE-2017-5130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5130"
    },
    {
      "name": "CVE-2019-8457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8457"
    },
    {
      "name": "CVE-2023-23914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
    },
    {
      "name": "CVE-2015-7500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7500"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2022-40303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
    },
    {
      "name": "CVE-2017-7375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
    },
    {
      "name": "CVE-2015-5312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5312"
    },
    {
      "name": "CVE-2023-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
    },
    {
      "name": "CVE-2020-15358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
    },
    {
      "name": "CVE-2022-42915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
    },
    {
      "name": "CVE-2019-19242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19242"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2019-12900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
    },
    {
      "name": "CVE-2020-7595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
    },
    {
      "name": "CVE-2016-2073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2073"
    },
    {
      "name": "CVE-2015-7497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7497"
    },
    {
      "name": "CVE-2015-7941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7941"
    },
    {
      "name": "CVE-2016-1833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1833"
    },
    {
      "name": "CVE-2015-7995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7995"
    },
    {
      "name": "CVE-2015-7942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7942"
    },
    {
      "name": "CVE-2015-8710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8710"
    },
    {
      "name": "CVE-2019-19880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19880"
    },
    {
      "name": "CVE-2015-7498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7498"
    },
    {
      "name": "CVE-2015-8317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8317"
    },
    {
      "name": "CVE-2023-2650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2023-27534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
    },
    {
      "name": "CVE-2023-27536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
    },
    {
      "name": "CVE-2016-3627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
    },
    {
      "name": "CVE-2021-3672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3672"
    },
    {
      "name": "CVE-2015-8242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8242"
    },
    {
      "name": "CVE-2022-43551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
    },
    {
      "name": "CVE-2023-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
    },
    {
      "name": "CVE-2016-1840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1840"
    },
    {
      "name": "CVE-2021-31239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
    },
    {
      "name": "CVE-2016-9598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9598"
    },
    {
      "name": "CVE-2022-23308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
    },
    {
      "name": "CVE-2019-13118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13118"
    },
    {
      "name": "CVE-2016-4607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4607"
    },
    {
      "name": "CVE-2023-27538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
    },
    {
      "name": "CVE-2016-1762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1762"
    },
    {
      "name": "CVE-2020-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
    },
    {
      "name": "CVE-2018-9251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
    },
    {
      "name": "CVE-2023-1255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
    },
    {
      "name": "CVE-2016-3709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3709"
    },
    {
      "name": "CVE-2016-1837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1837"
    },
    {
      "name": "CVE-2012-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0841"
    },
    {
      "name": "CVE-2022-35737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
    },
    {
      "name": "CVE-2016-9597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9597"
    },
    {
      "name": "CVE-2015-8806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8806"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2017-16931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
    },
    {
      "name": "CVE-2019-19645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
    },
    {
      "name": "CVE-2016-1839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1839"
    },
    {
      "name": "CVE-2016-5180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5180"
    },
    {
      "name": "CVE-2013-2877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2877"
    },
    {
      "name": "CVE-2021-45346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
    },
    {
      "name": "CVE-2020-11655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2021-3541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3541"
    },
    {
      "name": "CVE-2018-14404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14404"
    },
    {
      "name": "CVE-2019-16168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
    },
    {
      "name": "CVE-2021-30560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30560"
    },
    {
      "name": "CVE-2021-20227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
    },
    {
      "name": "CVE-2017-7376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7376"
    },
    {
      "name": "CVE-2020-14155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
    },
    {
      "name": "CVE-2022-40304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
    },
    {
      "name": "CVE-2014-3660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3660"
    },
    {
      "name": "CVE-2017-9049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9049"
    },
    {
      "name": "CVE-2019-19923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19923"
    },
    {
      "name": "CVE-2023-31130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
    },
    {
      "name": "CVE-2016-4449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
    },
    {
      "name": "CVE-2019-9937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9937"
    },
    {
      "name": "CVE-2019-5815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5815"
    },
    {
      "name": "CVE-2019-19959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19959"
    },
    {
      "name": "CVE-2019-19603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19603"
    },
    {
      "name": "CVE-2011-1202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1202"
    },
    {
      "name": "CVE-2016-5131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
    },
    {
      "name": "CVE-2017-8872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8872"
    },
    {
      "name": "CVE-2020-35527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35527"
    },
    {
      "name": "CVE-2016-1683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1683"
    },
    {
      "name": "CVE-2021-3518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
    },
    {
      "name": "CVE-2017-5969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5969"
    },
    {
      "name": "CVE-2020-13435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
    },
    {
      "name": "CVE-2016-4483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4483"
    },
    {
      "name": "CVE-2023-23916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
    },
    {
      "name": "CVE-2013-4520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4520"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0499",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-06-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus\nNetwork Monitor. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une\nex\u00e9cution de code arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus Network Monitor",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2023-23 du 29 juin 2023",
      "url": "https://www.tenable.com/security/tns-2023-23"
    }
  ]
}

CERTFR-2023-AVI-0526

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIMATIC MV540 H (6GF3540-0GE10) versions antérieures à 3.3.4
Siemens	N/A	SIMATIC MV560 X (6GF3560-0HE10) versions antérieures à 3.3.4
Siemens	N/A	RUGGEDCOM ROX RX5000 versions antérieures à 2.16.0
Siemens	N/A	RUGGEDCOM ROX MX5000 versions antérieures à 2.16.0
Siemens	N/A	Tecnomatix Plant Simulation versions 2302.x antérieures à 2302.0002
Siemens	N/A	SIMATIC MV540 S (6GF3540-0CD10) versions antérieures à 3.3.4
Siemens	N/A	RUGGEDCOM ROX RX1512 versions antérieures à 2.16.0
Siemens	N/A	RUGGEDCOM ROX RX1501 versions antérieures à 2.16.0
Siemens	N/A	SIMATIC MV550 H (6GF3550-0GE10) versions antérieures à 3.3.4
Siemens	N/A	RUGGEDCOM ROX RX1524 versions antérieures à 2.16.0
Siemens	N/A	SIMATIC MV550 S (6GF3550-0CD10) versions antérieures à 3.3.4
Siemens	N/A	SIMATIC MV560 U (6GF3560-0LE10) versions antérieures à 3.3.4
Siemens	N/A	RUGGEDCOM ROX RX1536 versions antérieures à 2.16.0
Siemens	N/A	RUGGEDCOM ROX RX1400 versions antérieures à 2.16.0
Siemens	N/A	SIMATIC CN 4100 versions antérieures à 2.5
Siemens	N/A	RUGGEDCOM ROX RX1511 versions antérieures à 2.16.0
Siemens	N/A	RUGGEDCOM ROX RX1500 versions antérieures à 2.16.0
Siemens	N/A	RUGGEDCOM ROX RX1510 versions antérieures à 2.16.0
Siemens	N/A	Tecnomatix Plant Simulation versions 2201.x antérieures à 2201.0008
Siemens	N/A	SiPass integrated versions antérieures à 2.90.3.8
Siemens	N/A	RUGGEDCOM ROX MX5000RE versions antérieures à 2.16.0

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-764801 du 11 juillet 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-561322 du 11 juillet 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-313488 du 11 juillet 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-924149 du 11 juillet 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-146325 du 11 juillet 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIMATIC MV540 H (6GF3540-0GE10) versions ant\u00e9rieures \u00e0 3.3.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC MV560 X (6GF3560-0HE10) versions ant\u00e9rieures \u00e0 3.3.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX5000 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX MX5000 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Tecnomatix Plant Simulation versions 2302.x ant\u00e9rieures \u00e0 2302.0002",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC MV540 S (6GF3540-0CD10) versions ant\u00e9rieures \u00e0 3.3.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1512 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1501 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC MV550 H (6GF3550-0GE10) versions ant\u00e9rieures \u00e0 3.3.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1524 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC MV550 S (6GF3550-0CD10) versions ant\u00e9rieures \u00e0 3.3.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC MV560 U (6GF3560-0LE10) versions ant\u00e9rieures \u00e0 3.3.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1536 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1400 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CN 4100 versions ant\u00e9rieures \u00e0 2.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1511 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1500 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX RX1510 versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Tecnomatix Plant Simulation versions 2201.x ant\u00e9rieures \u00e0 2201.0008",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SiPass integrated versions ant\u00e9rieures \u00e0 2.90.3.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM ROX MX5000RE versions ant\u00e9rieures \u00e0 2.16.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-36751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36751"
    },
    {
      "name": "CVE-2023-37247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37247"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2023-36755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36755"
    },
    {
      "name": "CVE-2022-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
    },
    {
      "name": "CVE-2023-36753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36753"
    },
    {
      "name": "CVE-2023-36749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36749"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2022-48285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48285"
    },
    {
      "name": "CVE-2023-36390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36390"
    },
    {
      "name": "CVE-2023-37376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37376"
    },
    {
      "name": "CVE-2023-36389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36389"
    },
    {
      "name": "CVE-2023-36750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36750"
    },
    {
      "name": "CVE-2023-29131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29131"
    },
    {
      "name": "CVE-2022-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
    },
    {
      "name": "CVE-2023-36521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36521"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2023-35920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35920"
    },
    {
      "name": "CVE-2023-29130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29130"
    },
    {
      "name": "CVE-2022-29562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29562"
    },
    {
      "name": "CVE-2021-46828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
    },
    {
      "name": "CVE-2019-14196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14196"
    },
    {
      "name": "CVE-2023-35921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35921"
    },
    {
      "name": "CVE-2023-36754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36754"
    },
    {
      "name": "CVE-2022-37434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
    },
    {
      "name": "CVE-2023-36752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36752"
    },
    {
      "name": "CVE-2022-1012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1012"
    },
    {
      "name": "CVE-2022-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
    },
    {
      "name": "CVE-2023-36386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36386"
    },
    {
      "name": "CVE-2023-37374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37374"
    },
    {
      "name": "CVE-2022-36946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36946"
    },
    {
      "name": "CVE-2023-37375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37375"
    },
    {
      "name": "CVE-2022-29561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29561"
    },
    {
      "name": "CVE-2022-30767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30767"
    },
    {
      "name": "CVE-2023-36748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36748"
    },
    {
      "name": "CVE-2023-37248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37248"
    },
    {
      "name": "CVE-2022-31810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31810"
    },
    {
      "name": "CVE-2023-37246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37246"
    },
    {
      "name": "CVE-2022-24903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24903"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0526",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-07-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-764801 du 11 juillet 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-764801.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-561322 du 11 juillet 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-561322.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-313488 du 11 juillet 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-313488.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-924149 du 11 juillet 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-924149.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-146325 du 11 juillet 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-146325.html"
    }
  ]
}

CERTFR-2023-AVI-0701

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Splunk. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Splunk	Universal Forwarder	Universal Forwarder versions 9.0.x antérieures à 9.0.6
Splunk	N/A	Splunk ITSI versions 4.15.x antérieures à 4.15.3
Splunk	Universal Forwarder	Universal Forwarder versions 8.2.x antérieures à 8.2.12
Splunk	N/A	Splunk Cloud versions antérieures à 9.0.2305.200
Splunk	Universal Forwarder	Universal Forwarder versions 9.1.x antérieures à 9.1.1
Splunk	Splunk Enterprise	Splunk Enterprise versions 8.2.x antérieures à 8.2.12
Splunk	N/A	Splunk ITSI versions 4.13.x antérieures à 4.13.3
Splunk	Splunk Enterprise	Splunk Enterprise versions 9.1.x antérieures à 9.1.1
Splunk	Splunk Enterprise	Splunk Enterprise versions 9.0.x antérieures à 9.0.6

References

Title

Publication Time

Tags

Bulletin de sécurité Splunk SVD-2023-0802 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0804 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0806 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0810 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0807 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0808 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0803 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0801 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0805 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0809 du 30 août 2023	None	vendor-advisory
Bulletin de sécurité Splunk SVD-2023-0811 du 30 août 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Universal Forwarder versions 9.0.x ant\u00e9rieures \u00e0 9.0.6",
      "product": {
        "name": "Universal Forwarder",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk ITSI versions 4.15.x ant\u00e9rieures \u00e0 4.15.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Universal Forwarder versions 8.2.x ant\u00e9rieures \u00e0 8.2.12",
      "product": {
        "name": "Universal Forwarder",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Cloud versions ant\u00e9rieures \u00e0 9.0.2305.200",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Universal Forwarder versions 9.1.x ant\u00e9rieures \u00e0 9.1.1",
      "product": {
        "name": "Universal Forwarder",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 8.2.x ant\u00e9rieures \u00e0 8.2.12",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk ITSI versions 4.13.x ant\u00e9rieures \u00e0 4.13.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 9.1.x ant\u00e9rieures \u00e0 9.1.1",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 9.0.x ant\u00e9rieures \u00e0 9.0.6",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-22898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
    },
    {
      "name": "CVE-2022-40899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40899"
    },
    {
      "name": "CVE-2022-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
    },
    {
      "name": "CVE-2022-31129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
    },
    {
      "name": "CVE-2022-32189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
    },
    {
      "name": "CVE-2021-27919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27919"
    },
    {
      "name": "CVE-2019-20454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20454"
    },
    {
      "name": "CVE-2021-29425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
    },
    {
      "name": "CVE-2022-30631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
    },
    {
      "name": "CVE-2022-27191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
    },
    {
      "name": "CVE-2022-46175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
    },
    {
      "name": "CVE-2020-8169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2021-3572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3572"
    },
    {
      "name": "CVE-2023-4571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4571"
    },
    {
      "name": "CVE-2022-35260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35260"
    },
    {
      "name": "CVE-2023-29404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
    },
    {
      "name": "CVE-2022-27536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27536"
    },
    {
      "name": "CVE-2022-24921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2022-28327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
    },
    {
      "name": "CVE-2020-28851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28851"
    },
    {
      "name": "CVE-2021-33196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33196"
    },
    {
      "name": "CVE-2021-31525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31525"
    },
    {
      "name": "CVE-2020-8285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8285"
    },
    {
      "name": "CVE-2021-22901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
    },
    {
      "name": "CVE-2022-27778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27778"
    },
    {
      "name": "CVE-2021-33198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
    },
    {
      "name": "CVE-2022-30635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
    },
    {
      "name": "CVE-2019-20838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
    },
    {
      "name": "CVE-2022-41715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2022-37603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
    },
    {
      "name": "CVE-2022-41722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
    },
    {
      "name": "CVE-2021-41182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41182"
    },
    {
      "name": "CVE-2023-40592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40592"
    },
    {
      "name": "CVE-2023-29403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-42916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
    },
    {
      "name": "CVE-2020-8286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8286"
    },
    {
      "name": "CVE-2023-29405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
    },
    {
      "name": "CVE-2021-38297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
    },
    {
      "name": "CVE-2022-30629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
    },
    {
      "name": "CVE-2022-40897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2022-32149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
    },
    {
      "name": "CVE-2022-32148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
    },
    {
      "name": "CVE-2020-8177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
    },
    {
      "name": "CVE-2021-41771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
    },
    {
      "name": "CVE-2021-33197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33197"
    },
    {
      "name": "CVE-2021-27918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27918"
    },
    {
      "name": "CVE-2022-30630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
    },
    {
      "name": "CVE-2021-22924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
    },
    {
      "name": "CVE-2022-33987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33987"
    },
    {
      "name": "CVE-2022-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
    },
    {
      "name": "CVE-2023-40596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40596"
    },
    {
      "name": "CVE-2023-40594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40594"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2021-22922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
    },
    {
      "name": "CVE-2023-40595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40595"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2021-38561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38561"
    },
    {
      "name": "CVE-2021-39293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
    },
    {
      "name": "CVE-2022-1705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
    },
    {
      "name": "CVE-2022-3510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
    },
    {
      "name": "CVE-2022-3509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2020-8284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
    },
    {
      "name": "CVE-2023-23915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
    },
    {
      "name": "CVE-2022-41720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
    },
    {
      "name": "CVE-2022-41716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
    },
    {
      "name": "CVE-2022-24999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
    },
    {
      "name": "CVE-2022-29526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
    },
    {
      "name": "CVE-2022-30633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
    },
    {
      "name": "CVE-2022-1941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1941"
    },
    {
      "name": "CVE-2021-3520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
    },
    {
      "name": "CVE-2022-36227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
    },
    {
      "name": "CVE-2021-41184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41184"
    },
    {
      "name": "CVE-2021-41183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41183"
    },
    {
      "name": "CVE-2021-36976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
    },
    {
      "name": "CVE-2023-27535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2023-23914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
    },
    {
      "name": "CVE-2022-30632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2022-37601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
    },
    {
      "name": "CVE-2022-1962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
    },
    {
      "name": "CVE-2021-23382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23382"
    },
    {
      "name": "CVE-2023-40597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40597"
    },
    {
      "name": "CVE-2022-2309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
    },
    {
      "name": "CVE-2022-42915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2022-28131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
    },
    {
      "name": "CVE-2022-3517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
    },
    {
      "name": "CVE-2021-22897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
    },
    {
      "name": "CVE-2022-24675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
    },
    {
      "name": "CVE-2022-23806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
    },
    {
      "name": "CVE-2021-36221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
    },
    {
      "name": "CVE-2022-2880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
    },
    {
      "name": "CVE-2022-23773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
    },
    {
      "name": "CVE-2023-24539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
    },
    {
      "name": "CVE-2018-10237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
    },
    {
      "name": "CVE-2021-34558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
    },
    {
      "name": "CVE-2021-3803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3803"
    },
    {
      "name": "CVE-2022-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2023-27534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
    },
    {
      "name": "CVE-2023-27536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
    },
    {
      "name": "CVE-2022-23772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
    },
    {
      "name": "CVE-2020-29652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29652"
    },
    {
      "name": "CVE-2022-43551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
    },
    {
      "name": "CVE-2022-42004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
    },
    {
      "name": "CVE-2022-40023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40023"
    },
    {
      "name": "CVE-2021-22569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
    },
    {
      "name": "CVE-2023-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
    },
    {
      "name": "CVE-2021-41772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
    },
    {
      "name": "CVE-2020-8231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8231"
    },
    {
      "name": "CVE-2022-27779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
    },
    {
      "name": "CVE-2023-29400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
    },
    {
      "name": "CVE-2022-25881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
    },
    {
      "name": "CVE-2021-31566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
    },
    {
      "name": "CVE-2021-29923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
    },
    {
      "name": "CVE-2023-27538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
    },
    {
      "name": "CVE-2020-8908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
    },
    {
      "name": "CVE-2022-30634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
    },
    {
      "name": "CVE-2021-44716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
    },
    {
      "name": "CVE-2021-23343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23343"
    },
    {
      "name": "CVE-2022-35737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
    },
    {
      "name": "CVE-2021-33194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33194"
    },
    {
      "name": "CVE-2023-24540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2022-38900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
    },
    {
      "name": "CVE-2023-40598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40598"
    },
    {
      "name": "CVE-2013-7489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-7489"
    },
    {
      "name": "CVE-2021-22926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
    },
    {
      "name": "CVE-2021-30560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30560"
    },
    {
      "name": "CVE-2023-40593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40593"
    },
    {
      "name": "CVE-2022-30580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
    },
    {
      "name": "CVE-2018-20225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20225"
    },
    {
      "name": "CVE-2021-22890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22890"
    },
    {
      "name": "CVE-2022-42003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
    },
    {
      "name": "CVE-2021-44717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
    },
    {
      "name": "CVE-2020-14155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
    },
    {
      "name": "CVE-2022-29804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
    },
    {
      "name": "CVE-2023-2976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
    },
    {
      "name": "CVE-2021-22923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
    },
    {
      "name": "CVE-2022-37599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
    },
    {
      "name": "CVE-2023-29402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
    },
    {
      "name": "CVE-2021-29060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29060"
    },
    {
      "name": "CVE-2021-43565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43565"
    },
    {
      "name": "CVE-2022-30115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
    },
    {
      "name": "CVE-2022-3171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
    },
    {
      "name": "CVE-2021-20066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20066"
    },
    {
      "name": "CVE-2021-22876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
    },
    {
      "name": "CVE-2023-27537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
    },
    {
      "name": "CVE-2022-23491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23491"
    },
    {
      "name": "CVE-2022-27780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
    },
    {
      "name": "CVE-2020-28469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
    },
    {
      "name": "CVE-2021-22945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
    },
    {
      "name": "CVE-2021-33195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33195"
    },
    {
      "name": "CVE-2022-27664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
    },
    {
      "name": "CVE-2023-23916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0701",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-08-31T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Splunk. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code arbitraire \u00e0\ndistance et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Splunk",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0802 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0802"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0804 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0804"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0806 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0806"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0810 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0810"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0807 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0807"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0808 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0808"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0803 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0803"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0801 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0801"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0805 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0805"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0809 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0809"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0811 du 30 ao\u00fbt 2023",
      "url": "https://advisory.splunk.com/advisories/SVD-2023-0811"
    }
  ]
}

CERTFR-2023-AVI-1015

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) toutes versions
Siemens	N/A	SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) toutes versions
Siemens	N/A	SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC CP 1243-7 LTE toutes versions
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SINAMICS S210 (6SL5...) versions supérieures ou égales àV6.1 versions antérieures à V6.1 HF2
Siemens	N/A	SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions
Siemens	N/A	SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	LOGO! 230RCEo (6ED1052-2FB08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	LOGO! 230RCE (6ED1052-1FB08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIMATIC S7-1500 CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M804PB (6GK5804-0AP00-2AA2) versions antérieures à V8.0
Siemens	N/A	SIPLUS S7-1500 CPU 1518-4 PN/DP (6AG1518-4AP00-4AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) toutes versions
Siemens	N/A	SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	LOGO! 12/24RCE (6ED1052-1MD08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M804PB (6GK5804-0AP00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions antérieures à V8.0
Siemens	N/A	Opcenter Quality toutes versions
Siemens	N/A	SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions
Siemens	N/A	SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE S615 (6GK5615-0AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-1500 CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions antérieures à V7.2.2
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	LOGO! 24CE (6ED1052-1CC08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions antérieures à V8.0
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIMATIC S7-1500 CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-1500 CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-1500 CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	LOGO! 24CEo (6ED1052-2CC08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-4 (6GK5876-4AA10-2BA2) toutes versions
Siemens	N/A	SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions antérieures à V8.0
Siemens	N/A	SINEC INS versions antérieures à V1.0 SP2 Update 2
Siemens	N/A	SIMATIC PC-Station Plus toutes versions
Siemens	N/A	SINAMICS S210 (6SL5...) versions supérieures à V6.1 et antérieure à V6.1 HF2
Siemens	N/A	SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M874-2 (6GK5874-2AA00-2AA2) toutes versions
Siemens	N/A	SIMATIC PCS neo versions antérieures à V4.1
Siemens	N/A	SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) toutes versions
Siemens	N/A	SINUMERIK ONE toutes versions
Siemens	N/A	SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) toutes versions
Siemens	N/A	SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) toutes versions
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) toutes versions
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) toutes versions
Siemens	N/A	SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) toutes versions
Siemens	N/A	SINUMERIK MC toutes versions
Siemens	N/A	SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIMATIC S7-1500 CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions antérieures à V2.60
Siemens	N/A	SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions antérieures à V8.0
Siemens	N/A	SINAMICS S120 (incl. SIPLUS variants) versions antérieures à V5.2 SP3 HF15
Siemens	N/A	SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	Totally Integrated Automation Portal (TIA Portal) versions V14 à V18 antérieures à V18 Update 3
Siemens	N/A	SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions antérieures à V8.0
Siemens	N/A	SCALANCE S615 (6GK5615-0AA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions antérieures à V8.0
Siemens	N/A	POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions antérieures à V2.60
Siemens	N/A	SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions antérieures à V8.0
Siemens	N/A	LOGO! 24RCE (6ED1052-1HB08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) toutes versions
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC STEP 7 (TIA Portal) versions antérieures à V19
Siemens	N/A	LOGO! 24RCEo (6ED1052-2HB08-0BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SINUMERIK Integrate RunMyHMI /Automotive toutes versions
Siemens	N/A	SCALANCE M804PB (6GK5804-0AP00-2AA2) toutes versions
Siemens	N/A	SCALANCE S615 (6GK5615-0AA00-2AA2) toutes versions
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) toutes versions
Siemens	N/A	SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) toutes versions
Siemens	N/A	SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) toutes versions
Siemens	N/A	SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-PLCSIM Advanced versions antérieures à V6.0
Siemens	N/A	SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) versions antérieures à V3.1.0
Siemens	N/A	SIPLUS S7-1500 CPU 1518F-4 PN/DP (6AG1518-4FP00-4AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions antérieures à V7.2.2
Siemens	N/A	SCALANCE S615 EEC (6GK5615-0AA01-2AA2) toutes versions
Siemens	N/A	SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) toutes versions supérieures ou égales à V8.3
Siemens	N/A	SIMATIC S7-1500 CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC CP 1243-1 (incl. SIPLUS variants) toutes versions
Siemens	N/A	SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions antérieures à V7.2.2
Siemens	N/A	SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0) versions antérieures à V3.1.0
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions antérieures à V8.0
Siemens	N/A	SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) toutes versions
Siemens	N/A	RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) toutes versions
Siemens	N/A	SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) toutes versions
Siemens	N/A	SCALANCE M874-3 (6GK5874-3AA00-2AA2) toutes versions
Siemens	N/A	SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) toutes versions
Siemens	N/A	SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) toutes versions
Siemens	N/A	SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) toutes versions

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens SSA-844582 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-180704 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-077170 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-480095 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-118850 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-068047 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-892915 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-999588 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-280603 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-693975 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-887801 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-592380 du 12 décembre 2023	None	vendor-advisory
Bulletin de sécurité Siemens SSA-398330 du 12 décembre 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-7 LTE toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511T-1 PN (6ES7511-1TL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS S210 (6SL5...) versions sup\u00e9rieures ou \u00e9gales \u00e0V6.1 versions ant\u00e9rieures \u00e0 V6.1 HF2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1515TF-2 PN (6ES7515-2UN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP01-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1515T-2 PN (6ES7515-2TN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 230RCEo (6ED1052-2FB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 230RCE (6ED1052-1FB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1514SP F-2 PN (6ES7514-2SN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-1500 CPU 1518-4 PN/DP (6AG1518-4AP00-4AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Drive Controller CPU 1507D TF (6ES7615-7DF10-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511C-1 PN (6ES7511-1CL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 12/24RCE (6ED1052-1MD08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Opcenter Quality toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP (6ES7516-3UN00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1510SP F-1 PN (6ES7510-1SK03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518-4 PN/DP (6ES7518-4AP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1511TF-1 PN (6ES7511-1UL03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 24CE (6ED1052-1CC08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1517F-3 PN/DP (6ES7517-3FP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1514SPT F-2 PN (6ES7514-2WN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1510SP-1 PN (6ES7510-1DK03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1517T-3 PN/DP (6ES7517-3TP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518T-4 PN/DP (6ES7518-4TP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1512SP-1 PN (6ES7512-1DM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AP03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 24CEo (6ED1052-2CC08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINEC INS versions ant\u00e9rieures \u00e0 V1.0 SP2 Update 2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PC-Station Plus toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS S210 (6SL5...) versions sup\u00e9rieures \u00e0 V6.1 et ant\u00e9rieure \u00e0 V6.1 HF2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (6GK5876-4AA10-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-2 (6GK5874-2AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS neo versions ant\u00e9rieures \u00e0 V4.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK ONE toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK MC toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1514SPT-2 PN (6ES7514-2VN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions ant\u00e9rieures \u00e0 V2.60",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS S120 (incl. SIPLUS variants) versions ant\u00e9rieures \u00e0 V5.2 SP3 HF15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Totally Integrated Automation Portal (TIA Portal) versions V14 \u00e0 V18 ant\u00e9rieures \u00e0 V18 Update 3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1517-3 PN/DP (6ES7517-3AP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1514SP-2 PN (6ES7514-2DN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1516T-3 PN/DP (6ES7516-3TN00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518F-4 PN/DP (6ES7518-4FP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FN03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions ant\u00e9rieures \u00e0 V2.60",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP (6ES7518-4UP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 24RCE (6ED1052-1HB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC STEP 7 (TIA Portal) versions ant\u00e9rieures \u00e0 V19",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 24RCEo (6ED1052-2HB08-0BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK Integrate RunMyHMI /Automotive toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M804PB (6GK5804-0AP00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 (6GK5615-0AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FP03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-PLCSIM Advanced versions ant\u00e9rieures \u00e0 V6.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS S7-1500 CPU 1518F-4 PN/DP (6AG1518-4FP00-4AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) toutes versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1512SP F-1 PN (6ES7512-1SM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-1 (incl. SIPLUS variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) versions ant\u00e9rieures \u00e0 V7.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP (6ES7517-3UP00-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-1500 CPU 1512C-1 PN (6ES7512-1CM03-0AB0) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) versions ant\u00e9rieures \u00e0 V8.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M874-3 (6GK5874-3AA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-5131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
    },
    {
      "name": "CVE-2016-4658",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
    },
    {
      "name": "CVE-2017-7375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
    },
    {
      "name": "CVE-2017-7376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7376"
    },
    {
      "name": "CVE-2017-0663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-0663"
    },
    {
      "name": "CVE-2017-9047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9047"
    },
    {
      "name": "CVE-2017-9048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9048"
    },
    {
      "name": "CVE-2017-16931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
    },
    {
      "name": "CVE-2017-9050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9050"
    },
    {
      "name": "CVE-2017-18258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
    },
    {
      "name": "CVE-2017-9049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9049"
    },
    {
      "name": "CVE-2017-16932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-16932"
    },
    {
      "name": "CVE-2016-9318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9318"
    },
    {
      "name": "CVE-2018-0495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0495"
    },
    {
      "name": "CVE-2019-6111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6111"
    },
    {
      "name": "CVE-2019-3855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3855"
    },
    {
      "name": "CVE-2019-3856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3856"
    },
    {
      "name": "CVE-2019-3863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3863"
    },
    {
      "name": "CVE-2019-3857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3857"
    },
    {
      "name": "CVE-2019-8457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8457"
    },
    {
      "name": "CVE-2019-5443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5443"
    },
    {
      "name": "CVE-2019-6109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6109"
    },
    {
      "name": "CVE-2019-15903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15903"
    },
    {
      "name": "CVE-2019-3859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3859"
    },
    {
      "name": "CVE-2019-3861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3861"
    },
    {
      "name": "CVE-2019-3860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3860"
    },
    {
      "name": "CVE-2019-3858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3858"
    },
    {
      "name": "CVE-2019-3862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3862"
    },
    {
      "name": "CVE-2019-13565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13565"
    },
    {
      "name": "CVE-2019-13057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13057"
    },
    {
      "name": "CVE-2019-9636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
    },
    {
      "name": "CVE-2019-16168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
    },
    {
      "name": "CVE-2019-19926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19926"
    },
    {
      "name": "CVE-2019-19925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19925"
    },
    {
      "name": "CVE-2019-19880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19880"
    },
    {
      "name": "CVE-2019-19923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19923"
    },
    {
      "name": "CVE-2019-5018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5018"
    },
    {
      "name": "CVE-2019-9936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9936"
    },
    {
      "name": "CVE-2019-5482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5482"
    },
    {
      "name": "CVE-2019-19646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
    },
    {
      "name": "CVE-2020-7595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
    },
    {
      "name": "CVE-2020-8169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
    },
    {
      "name": "CVE-2020-11656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
    },
    {
      "name": "CVE-2019-19906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
    },
    {
      "name": "CVE-2020-14145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14145"
    },
    {
      "name": "CVE-2019-9937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9937"
    },
    {
      "name": "CVE-2019-12900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
    },
    {
      "name": "CVE-2018-20843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20843"
    },
    {
      "name": "CVE-2020-13631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
    },
    {
      "name": "CVE-2020-13435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
    },
    {
      "name": "CVE-2020-13434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
    },
    {
      "name": "CVE-2020-15358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
    },
    {
      "name": "CVE-2020-13630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
    },
    {
      "name": "CVE-2020-25709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25709"
    },
    {
      "name": "CVE-2021-3177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
    },
    {
      "name": "CVE-2019-25013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
    },
    {
      "name": "CVE-2019-19956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
    },
    {
      "name": "CVE-2020-28196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
    },
    {
      "name": "CVE-2020-8285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8285"
    },
    {
      "name": "CVE-2020-8286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8286"
    },
    {
      "name": "CVE-2020-36221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36221"
    },
    {
      "name": "CVE-2020-36224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36224"
    },
    {
      "name": "CVE-2020-36222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36222"
    },
    {
      "name": "CVE-2020-36227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36227"
    },
    {
      "name": "CVE-2020-36225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36225"
    },
    {
      "name": "CVE-2020-36228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36228"
    },
    {
      "name": "CVE-2020-36223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36223"
    },
    {
      "name": "CVE-2020-36229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36229"
    },
    {
      "name": "CVE-2020-36226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36226"
    },
    {
      "name": "CVE-2020-36230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36230"
    },
    {
      "name": "CVE-2020-10531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10531"
    },
    {
      "name": "CVE-2021-28363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28363"
    },
    {
      "name": "CVE-2020-8284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8284"
    },
    {
      "name": "CVE-2020-10878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
    },
    {
      "name": "CVE-2021-23336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23336"
    },
    {
      "name": "CVE-2021-22901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
    },
    {
      "name": "CVE-2019-17543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17543"
    },
    {
      "name": "CVE-2021-3518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
    },
    {
      "name": "CVE-2020-13632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
    },
    {
      "name": "CVE-2020-11655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
    },
    {
      "name": "CVE-2019-19645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
    },
    {
      "name": "CVE-2019-20907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20907"
    },
    {
      "name": "CVE-2020-10543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
    },
    {
      "name": "CVE-2020-12723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
    },
    {
      "name": "CVE-2021-20305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20305"
    },
    {
      "name": "CVE-2019-20388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20388"
    },
    {
      "name": "CVE-2020-12243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12243"
    },
    {
      "name": "CVE-2020-29573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29573"
    },
    {
      "name": "CVE-2020-10029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
    },
    {
      "name": "CVE-2019-5188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5188"
    },
    {
      "name": "CVE-2019-5094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5094"
    },
    {
      "name": "CVE-2020-8177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8177"
    },
    {
      "name": "CVE-2013-0340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
    },
    {
      "name": "CVE-2021-33910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33910"
    },
    {
      "name": "CVE-2021-27219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27219"
    },
    {
      "name": "CVE-2021-27218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27218"
    },
    {
      "name": "CVE-2019-18276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
    },
    {
      "name": "CVE-2020-24977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24977"
    },
    {
      "name": "CVE-2021-3520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
    },
    {
      "name": "CVE-2020-29362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29362"
    },
    {
      "name": "CVE-2019-9169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9169"
    },
    {
      "name": "CVE-2020-29363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29363"
    },
    {
      "name": "CVE-2021-3517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3517"
    },
    {
      "name": "CVE-2020-13776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13776"
    },
    {
      "name": "CVE-2020-26116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26116"
    },
    {
      "name": "CVE-2020-25692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25692"
    },
    {
      "name": "CVE-2016-10228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10228"
    },
    {
      "name": "CVE-2020-29361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29361"
    },
    {
      "name": "CVE-2021-3541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3541"
    },
    {
      "name": "CVE-2021-3326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
    },
    {
      "name": "CVE-2020-8231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8231"
    },
    {
      "name": "CVE-2020-8492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8492"
    },
    {
      "name": "CVE-2021-3516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3516"
    },
    {
      "name": "CVE-2021-3537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3537"
    },
    {
      "name": "CVE-2020-8315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8315"
    },
    {
      "name": "CVE-2020-27618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
    },
    {
      "name": "CVE-2021-22926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
    },
    {
      "name": "CVE-2021-20227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
    },
    {
      "name": "CVE-2021-36222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2021-22945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2020-13871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
    },
    {
      "name": "CVE-2021-3737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
    },
    {
      "name": "CVE-2021-3733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
    },
    {
      "name": "CVE-2022-45061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
    },
    {
      "name": "CVE-2022-40674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
    },
    {
      "name": "CVE-2022-37434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
    },
    {
      "name": "CVE-2022-43680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
    },
    {
      "name": "CVE-2022-29824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
    },
    {
      "name": "CVE-2022-23308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
    },
    {
      "name": "CVE-2022-35737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
    },
    {
      "name": "CVE-2022-40303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
    },
    {
      "name": "CVE-2022-40304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
    },
    {
      "name": "CVE-2019-9948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9948"
    },
    {
      "name": "CVE-2022-42898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
    },
    {
      "name": "CVE-2019-6110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6110"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2019-16905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16905"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2018-25032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
    },
    {
      "name": "CVE-2022-46143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46143"
    },
    {
      "name": "CVE-2022-23990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
    },
    {
      "name": "CVE-2021-45960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
    },
    {
      "name": "CVE-2022-22827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
    },
    {
      "name": "CVE-2022-22825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
    },
    {
      "name": "CVE-2022-22822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
    },
    {
      "name": "CVE-2022-22824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
    },
    {
      "name": "CVE-2021-46143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
    },
    {
      "name": "CVE-2022-22826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
    },
    {
      "name": "CVE-2022-23852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
    },
    {
      "name": "CVE-2022-22823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
    },
    {
      "name": "CVE-2019-5436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5436"
    },
    {
      "name": "CVE-2022-25313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25313"
    },
    {
      "name": "CVE-2022-25236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
    },
    {
      "name": "CVE-2022-25315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
    },
    {
      "name": "CVE-2022-25235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
    },
    {
      "name": "CVE-2019-19603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19603"
    },
    {
      "name": "CVE-2021-22890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22890"
    },
    {
      "name": "CVE-2021-22876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
    },
    {
      "name": "CVE-2019-19317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19317"
    },
    {
      "name": "CVE-2019-19924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19924"
    },
    {
      "name": "CVE-2021-22924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
    },
    {
      "name": "CVE-2021-22897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
    },
    {
      "name": "CVE-2020-9327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2021-22923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
    },
    {
      "name": "CVE-2019-19242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19242"
    },
    {
      "name": "CVE-2021-22898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
    },
    {
      "name": "CVE-2021-22922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
    },
    {
      "name": "CVE-2019-19244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19244"
    },
    {
      "name": "CVE-2021-41617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
    },
    {
      "name": "CVE-2022-0391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
    },
    {
      "name": "CVE-2022-0778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
    },
    {
      "name": "CVE-2018-14404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14404"
    },
    {
      "name": "CVE-2019-9947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9947"
    },
    {
      "name": "CVE-2019-9740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9740"
    },
    {
      "name": "CVE-2019-10160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10160"
    },
    {
      "name": "CVE-2019-16056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16056"
    },
    {
      "name": "CVE-2020-12762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12762"
    },
    {
      "name": "CVE-2019-17594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17594"
    },
    {
      "name": "CVE-2019-17595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17595"
    },
    {
      "name": "CVE-2021-20231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20231"
    },
    {
      "name": "CVE-2021-36085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36085"
    },
    {
      "name": "CVE-2021-36084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36084"
    },
    {
      "name": "CVE-2021-20232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20232"
    },
    {
      "name": "CVE-2021-36086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36086"
    },
    {
      "name": "CVE-2021-3580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3580"
    },
    {
      "name": "CVE-2021-36087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36087"
    },
    {
      "name": "CVE-2021-33560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33560"
    },
    {
      "name": "CVE-2021-28153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28153"
    },
    {
      "name": "CVE-2022-1434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
    },
    {
      "name": "CVE-2022-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
    },
    {
      "name": "CVE-2022-1343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
    },
    {
      "name": "CVE-2022-1473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
    },
    {
      "name": "CVE-2022-29155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29155"
    },
    {
      "name": "CVE-2022-25314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
    },
    {
      "name": "CVE-2021-4122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4122"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2022-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
    },
    {
      "name": "CVE-2022-2274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2274"
    },
    {
      "name": "CVE-2022-2097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
    },
    {
      "name": "CVE-2020-25710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25710"
    },
    {
      "name": "CVE-2022-24407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
    },
    {
      "name": "CVE-2018-14567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14567"
    },
    {
      "name": "CVE-2021-33574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
    },
    {
      "name": "CVE-2021-36690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
    },
    {
      "name": "CVE-2021-37750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
    },
    {
      "name": "CVE-2022-27778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27778"
    },
    {
      "name": "CVE-2021-3999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
    },
    {
      "name": "CVE-2022-23218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
    },
    {
      "name": "CVE-2022-23219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2022-26488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2022-1271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
    },
    {
      "name": "CVE-2019-18348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18348"
    },
    {
      "name": "CVE-2020-15523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15523"
    },
    {
      "name": "CVE-2021-4189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
    },
    {
      "name": "CVE-2022-37454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
    },
    {
      "name": "CVE-2020-10735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2020-15778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15778"
    },
    {
      "name": "CVE-2022-42916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
    },
    {
      "name": "CVE-2022-35260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35260"
    },
    {
      "name": "CVE-2022-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
    },
    {
      "name": "CVE-2022-42915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
    },
    {
      "name": "CVE-2022-43551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
    },
    {
      "name": "CVE-2022-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
    },
    {
      "name": "CVE-2023-25136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25136"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2022-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
    },
    {
      "name": "CVE-2015-20107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
    },
    {
      "name": "CVE-2022-45873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
    },
    {
      "name": "CVE-2022-3821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
    },
    {
      "name": "CVE-2023-23915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
    },
    {
      "name": "CVE-2023-23914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
    },
    {
      "name": "CVE-2023-23916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
    },
    {
      "name": "CVE-2018-12886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12886"
    },
    {
      "name": "CVE-2022-1304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
    },
    {
      "name": "CVE-2023-24329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2023-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
    },
    {
      "name": "CVE-2021-46828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
    },
    {
      "name": "CVE-2023-1077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
    },
    {
      "name": "CVE-2023-29469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
    },
    {
      "name": "CVE-2023-28484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
    },
    {
      "name": "CVE-2023-2650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
    },
    {
      "name": "CVE-2023-27535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
    },
    {
      "name": "CVE-2022-27779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
    },
    {
      "name": "CVE-2023-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
    },
    {
      "name": "CVE-2023-27538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
    },
    {
      "name": "CVE-2023-27534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
    },
    {
      "name": "CVE-2023-27536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
    },
    {
      "name": "CVE-2022-27780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
    },
    {
      "name": "CVE-2022-30115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
    },
    {
      "name": "CVE-2023-27537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
    },
    {
      "name": "CVE-2020-1752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
    },
    {
      "name": "CVE-2021-35942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
    },
    {
      "name": "CVE-2021-38604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
    },
    {
      "name": "CVE-2023-31238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31238"
    },
    {
      "name": "CVE-2020-29562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
    },
    {
      "name": "CVE-2021-27645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
    },
    {
      "name": "CVE-2023-30901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30901"
    },
    {
      "name": "CVE-2021-3998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3998"
    },
    {
      "name": "CVE-2019-20218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20218"
    },
    {
      "name": "CVE-2020-35527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35527"
    },
    {
      "name": "CVE-2016-3189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
    },
    {
      "name": "CVE-2019-19959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19959"
    },
    {
      "name": "CVE-2020-35525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35525"
    },
    {
      "name": "CVE-2022-46908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
    },
    {
      "name": "CVE-2021-31239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
    },
    {
      "name": "CVE-2016-3709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3709"
    },
    {
      "name": "CVE-2021-28861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
    },
    {
      "name": "CVE-2023-3212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
    },
    {
      "name": "CVE-2023-0361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2023-38408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
    },
    {
      "name": "CVE-2023-35001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
    },
    {
      "name": "CVE-2023-2953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
    },
    {
      "name": "CVE-2023-3817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
    },
    {
      "name": "CVE-2023-3611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
    },
    {
      "name": "CVE-2023-3609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
    },
    {
      "name": "CVE-2023-34319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34319"
    },
    {
      "name": "CVE-2023-1206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
    },
    {
      "name": "CVE-2023-40283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
    },
    {
      "name": "CVE-2023-28831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28831"
    },
    {
      "name": "CVE-2023-3772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
    },
    {
      "name": "CVE-2023-4911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
    },
    {
      "name": "CVE-2023-4623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4623"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2023-4921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4921"
    },
    {
      "name": "CVE-2023-39192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39192"
    },
    {
      "name": "CVE-2023-39193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39193"
    },
    {
      "name": "CVE-2023-42754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42754"
    },
    {
      "name": "CVE-2023-39194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39194"
    },
    {
      "name": "CVE-2023-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
    },
    {
      "name": "CVE-2023-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
    },
    {
      "name": "CVE-2023-42755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42755"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2023-45853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
    },
    {
      "name": "CVE-2023-31085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31085"
    },
    {
      "name": "CVE-2023-39189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39189"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2023-44321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44321"
    },
    {
      "name": "CVE-2023-44374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44374"
    },
    {
      "name": "CVE-2023-44320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44320"
    },
    {
      "name": "CVE-2023-44319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44319"
    },
    {
      "name": "CVE-2023-44317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44317"
    },
    {
      "name": "CVE-2023-44318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44318"
    },
    {
      "name": "CVE-2023-44373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44373"
    },
    {
      "name": "CVE-2023-44322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44322"
    },
    {
      "name": "CVE-2020-22218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
    },
    {
      "name": "CVE-2023-4527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
    },
    {
      "name": "CVE-2023-4813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
    },
    {
      "name": "CVE-2023-4806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
    },
    {
      "name": "CVE-2022-48303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
    },
    {
      "name": "CVE-2021-3426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
    },
    {
      "name": "CVE-2023-5717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5717"
    },
    {
      "name": "CVE-2023-45871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45871"
    },
    {
      "name": "CVE-2020-19186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19186"
    },
    {
      "name": "CVE-2020-19190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19190"
    },
    {
      "name": "CVE-2020-19185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19185"
    },
    {
      "name": "CVE-2020-19189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19189"
    },
    {
      "name": "CVE-2020-19187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19187"
    },
    {
      "name": "CVE-2020-19188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19188"
    },
    {
      "name": "CVE-2020-19909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19909"
    },
    {
      "name": "CVE-2019-11360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11360"
    },
    {
      "name": "CVE-2019-13627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13627"
    },
    {
      "name": "CVE-2019-7309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-7309"
    },
    {
      "name": "CVE-2022-0563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
    },
    {
      "name": "CVE-2019-1010024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010024"
    },
    {
      "name": "CVE-2022-47375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47375"
    },
    {
      "name": "CVE-2019-19126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19126"
    },
    {
      "name": "CVE-2023-46283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46283"
    },
    {
      "name": "CVE-2023-46282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46282"
    },
    {
      "name": "CVE-2023-32643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
    },
    {
      "name": "CVE-2014-7209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-7209"
    },
    {
      "name": "CVE-2023-48431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48431"
    },
    {
      "name": "CVE-2023-4039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
    },
    {
      "name": "CVE-2017-17512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-17512"
    },
    {
      "name": "CVE-2020-1712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1712"
    },
    {
      "name": "CVE-2023-48430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48430"
    },
    {
      "name": "CVE-2019-6488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6488"
    },
    {
      "name": "CVE-2023-39128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39128"
    },
    {
      "name": "CVE-2018-20482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20482"
    },
    {
      "name": "CVE-2021-27212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27212"
    },
    {
      "name": "CVE-2019-5481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5481"
    },
    {
      "name": "CVE-2021-43396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43396"
    },
    {
      "name": "CVE-2022-2509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
    },
    {
      "name": "CVE-2022-3715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
    },
    {
      "name": "CVE-2023-0687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
    },
    {
      "name": "CVE-2019-20795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20795"
    },
    {
      "name": "CVE-2023-5156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
    },
    {
      "name": "CVE-2019-9674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9674"
    },
    {
      "name": "CVE-2022-48522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
    },
    {
      "name": "CVE-2020-21913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-21913"
    },
    {
      "name": "CVE-2019-12904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12904"
    },
    {
      "name": "CVE-2021-28041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-28041"
    },
    {
      "name": "CVE-2022-42784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42784"
    },
    {
      "name": "CVE-2023-48427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48427"
    },
    {
      "name": "CVE-2020-24659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24659"
    },
    {
      "name": "CVE-2023-48429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48429"
    },
    {
      "name": "CVE-2020-12062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12062"
    },
    {
      "name": "CVE-2019-1010023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010023"
    },
    {
      "name": "CVE-2023-49692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49692"
    },
    {
      "name": "CVE-2016-10739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10739"
    },
    {
      "name": "CVE-2019-1010180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010180"
    },
    {
      "name": "CVE-2023-46285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46285"
    },
    {
      "name": "CVE-2023-46156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46156"
    },
    {
      "name": "CVE-2019-5435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5435"
    },
    {
      "name": "CVE-2019-15847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15847"
    },
    {
      "name": "CVE-2023-29491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
    },
    {
      "name": "CVE-2019-20367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20367"
    },
    {
      "name": "CVE-2023-46284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46284"
    },
    {
      "name": "CVE-2023-35945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
    },
    {
      "name": "CVE-2023-32665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
    },
    {
      "name": "CVE-2023-39615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
    },
    {
      "name": "CVE-2021-37600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
    },
    {
      "name": "CVE-2021-46848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
    },
    {
      "name": "CVE-2021-3997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
    },
    {
      "name": "CVE-2021-3826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3826"
    },
    {
      "name": "CVE-2023-26604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
    },
    {
      "name": "CVE-2019-1010022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010022"
    },
    {
      "name": "CVE-2020-6096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6096"
    },
    {
      "name": "CVE-2021-33294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
    },
    {
      "name": "CVE-2021-43618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
    },
    {
      "name": "CVE-2023-48428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48428"
    },
    {
      "name": "CVE-2023-45322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
    },
    {
      "name": "CVE-2019-17498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17498"
    },
    {
      "name": "CVE-2023-49691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49691"
    },
    {
      "name": "CVE-2023-25139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25139"
    },
    {
      "name": "CVE-2023-29499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
    },
    {
      "name": "CVE-2020-1751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1751"
    },
    {
      "name": "CVE-2019-1010025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010025"
    },
    {
      "name": "CVE-2019-12290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12290"
    },
    {
      "name": "CVE-2019-18224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18224"
    },
    {
      "name": "CVE-2018-18928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-18928"
    },
    {
      "name": "CVE-2022-27943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27943"
    },
    {
      "name": "CVE-2022-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
    },
    {
      "name": "CVE-2021-32292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
    },
    {
      "name": "CVE-2020-21047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-21047"
    },
    {
      "name": "CVE-2021-46195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46195"
    },
    {
      "name": "CVE-2023-38380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38380"
    },
    {
      "name": "CVE-2023-28531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28531"
    },
    {
      "name": "CVE-2020-11501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11501"
    },
    {
      "name": "CVE-2023-4016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
    },
    {
      "name": "CVE-2022-47374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47374"
    },
    {
      "name": "CVE-2023-46281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46281"
    },
    {
      "name": "CVE-2013-4235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
    },
    {
      "name": "CVE-2020-15801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15801"
    },
    {
      "name": "CVE-2022-46141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-46141"
    },
    {
      "name": "CVE-2023-34969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
    },
    {
      "name": "CVE-2020-13529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13529"
    },
    {
      "name": "CVE-2023-27371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27371"
    },
    {
      "name": "CVE-2023-32611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
    },
    {
      "name": "CVE-2021-20193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20193"
    },
    {
      "name": "CVE-2023-29383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
    },
    {
      "name": "CVE-2019-9923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9923"
    },
    {
      "name": "CVE-2020-13777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13777"
    },
    {
      "name": "CVE-2023-5981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
    },
    {
      "name": "CVE-2020-14422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14422"
    },
    {
      "name": "CVE-2023-32636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
    },
    {
      "name": "CVE-2021-4209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4209"
    },
    {
      "name": "CVE-2018-19591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-19591"
    },
    {
      "name": "CVE-2022-48560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-1015",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-12-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Siemens\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-844582 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-180704 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-480095.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-077170 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-480095 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-068047.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-118850 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-118850.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-068047 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-077170.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-892915 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-280603.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-999588 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-280603 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-693975 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-892915.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-887801 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-887801.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-592380 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-844582.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-398330 du 12 d\u00e9cembre 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-592380.html"
    }
  ]
}

CERTFR-2024-AVI-0145

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une exécution de code arbitraire à distance et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	Db2	IBM Cloud APM, Advanced Private versions 8.1.4 sans le dernier correctif de sécurité Fixpack cumulatif Db2
IBM	QRadar Suite Software	QRadar Suite Software versions 1.10.x.x antérieures à 1.10.18.0
IBM	N/A	IBM Db2 sur Cloud Pak pour Data et Db2 Warehouse sur Cloud Pak for Data versions antérieures à v4.8.2
IBM	QRadar SIEM	IBM QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP7 IF05
IBM	QRadar	IBM QRadar Use Case Manager App versions antérieures à 3.9.0
IBM	WebSphere	IBM WebSphere Application Server versions 8.5.x.x sans le SDK version 8 Service Refresh 8 FP20
IBM	WebSphere	IBM WebSphere Application Server Liberty sans le SDK version 8 Service Refresh 8 FP20
IBM	Sterling Connect:Direct	IBM Sterling Connect:Direct Web Services versions 6.1.x.x antérieures à 6.1.0.23
IBM	Sterling Connect:Direct	IBM Sterling Connect:Direct Web Services versions 6.3.x.x antérieures à 6.3.0.6
IBM	Sterling Connect:Direct	IBM Sterling Connect:Direct Web Services versions 6.2.x.x antérieures à 6.2.0.22
IBM	Db2	IBM Cloud APM, Base Private versions 8.1.4 sans le dernier correctif de sécurité Fixpack cumulatif Db2
IBM	Cloud Pak	IBM Cloud Pak for Security versions 1.10.x.x antérieures à 1.10.18.0
IBM	Spectrum	IBM Spectrum Scale versions 5.1.x.x antérieures à 5.1.2.15
IBM	WebSphere	IBM WebSphere Application Server versions 9.x sans le SDK version 8 Service Refresh 8 FP20
IBM	QRadar WinCollect Agent	IBM QRadar WinCollect Agent versions 10.0.x antérieures à 10.1.9
IBM	Spectrum	IBM Spectrum Scale versions 5.1.3.x antérieures à 5.1.9.2

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 7117872 du 14 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7118592 du 16 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7117873 du 14 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7118289 du 15 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7118351 du 15 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7117821 du 14 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7117883 du 14 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7117881 du 14 février 2024	None	vendor-advisory
Bulletin de sécurité IBM 7117884 du 14 février 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM Cloud APM, Advanced Private versions 8.1.4 sans le dernier correctif de s\u00e9curit\u00e9 Fixpack cumulatif Db2",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar Suite Software versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.18.0",
      "product": {
        "name": "QRadar Suite Software",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Db2 sur Cloud Pak pour Data et Db2 Warehouse sur Cloud Pak for Data versions ant\u00e9rieures \u00e0 v4.8.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP7 IF05",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar Use Case Manager App versions ant\u00e9rieures \u00e0 3.9.0",
      "product": {
        "name": "QRadar",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM WebSphere Application Server versions 8.5.x.x sans le SDK version 8 Service Refresh 8 FP20",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM WebSphere Application Server Liberty sans le SDK version 8 Service Refresh 8 FP20",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Connect:Direct Web Services versions 6.1.x.x ant\u00e9rieures \u00e0 6.1.0.23",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Connect:Direct Web Services versions 6.3.x.x ant\u00e9rieures \u00e0 6.3.0.6",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling Connect:Direct Web Services versions 6.2.x.x ant\u00e9rieures \u00e0 6.2.0.22",
      "product": {
        "name": "Sterling Connect:Direct",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Cloud APM, Base Private versions 8.1.4 sans le dernier correctif de s\u00e9curit\u00e9 Fixpack cumulatif Db2",
      "product": {
        "name": "Db2",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Cloud Pak for Security versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.18.0",
      "product": {
        "name": "Cloud Pak",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Scale versions 5.1.x.x ant\u00e9rieures \u00e0 5.1.2.15",
      "product": {
        "name": "Spectrum",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM WebSphere Application Server versions 9.x sans le SDK version 8 Service Refresh 8 FP20",
      "product": {
        "name": "WebSphere",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar WinCollect Agent versions 10.0.x ant\u00e9rieures \u00e0 10.1.9",
      "product": {
        "name": "QRadar WinCollect Agent",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Spectrum Scale versions 5.1.3.x ant\u00e9rieures \u00e0 5.1.9.2",
      "product": {
        "name": "Spectrum",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
    },
    {
      "name": "CVE-2023-21938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
    },
    {
      "name": "CVE-2022-32189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
    },
    {
      "name": "CVE-2015-2327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2327"
    },
    {
      "name": "CVE-2023-6681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6681"
    },
    {
      "name": "CVE-2023-43642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
    },
    {
      "name": "CVE-2022-30631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
    },
    {
      "name": "CVE-2023-46218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
    },
    {
      "name": "CVE-2023-49082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49082"
    },
    {
      "name": "CVE-2015-8383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8383"
    },
    {
      "name": "CVE-2023-1370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
    },
    {
      "name": "CVE-2023-45857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
    },
    {
      "name": "CVE-2023-45142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45142"
    },
    {
      "name": "CVE-2023-34053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34053"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2023-46308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46308"
    },
    {
      "name": "CVE-2023-46234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46234"
    },
    {
      "name": "CVE-2023-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
    },
    {
      "name": "CVE-2023-47747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47747"
    },
    {
      "name": "CVE-2023-47158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47158"
    },
    {
      "name": "CVE-2022-23529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23529"
    },
    {
      "name": "CVE-2023-34054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34054"
    },
    {
      "name": "CVE-2023-30991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30991"
    },
    {
      "name": "CVE-2023-29404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
    },
    {
      "name": "CVE-2023-21954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2023-37920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
    },
    {
      "name": "CVE-2023-21939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
    },
    {
      "name": "CVE-2023-46167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46167"
    },
    {
      "name": "CVE-2022-24921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
    },
    {
      "name": "CVE-2023-38740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38740"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2022-28327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
    },
    {
      "name": "CVE-2022-1292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
    },
    {
      "name": "CVE-2021-33196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33196"
    },
    {
      "name": "CVE-2021-31525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31525"
    },
    {
      "name": "CVE-2023-38719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38719"
    },
    {
      "name": "CVE-2023-30987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30987"
    },
    {
      "name": "CVE-2023-45178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45178"
    },
    {
      "name": "CVE-2023-47701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47701"
    },
    {
      "name": "CVE-2022-41725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
    },
    {
      "name": "CVE-2023-23936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23936"
    },
    {
      "name": "CVE-2023-50308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50308"
    },
    {
      "name": "CVE-2021-33198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
    },
    {
      "name": "CVE-2023-40687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40687"
    },
    {
      "name": "CVE-2022-30635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
    },
    {
      "name": "CVE-2015-8381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8381"
    },
    {
      "name": "CVE-2022-41715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
    },
    {
      "name": "CVE-2020-16845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2022-25883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
    },
    {
      "name": "CVE-2015-8392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8392"
    },
    {
      "name": "CVE-2022-3515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
    },
    {
      "name": "CVE-2023-29403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2020-28367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28367"
    },
    {
      "name": "CVE-2024-20921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2023-44270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44270"
    },
    {
      "name": "CVE-2015-8395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8395"
    },
    {
      "name": "CVE-2023-28322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
    },
    {
      "name": "CVE-2023-34462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
    },
    {
      "name": "CVE-2023-29405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
    },
    {
      "name": "CVE-2021-38297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
    },
    {
      "name": "CVE-2015-8393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8393"
    },
    {
      "name": "CVE-2022-30629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
    },
    {
      "name": "CVE-2022-23541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23541"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2023-5363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
    },
    {
      "name": "CVE-2023-45133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
    },
    {
      "name": "CVE-2023-47627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47627"
    },
    {
      "name": "CVE-2023-26049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26049"
    },
    {
      "name": "CVE-2022-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
    },
    {
      "name": "CVE-2023-26115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26115"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2023-32559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32559"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2023-4586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4586"
    },
    {
      "name": "CVE-2022-32149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
    },
    {
      "name": "CVE-2023-40373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40373"
    },
    {
      "name": "CVE-2023-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
    },
    {
      "name": "CVE-2022-32148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
    },
    {
      "name": "CVE-2023-22081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
    },
    {
      "name": "CVE-2023-20569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
    },
    {
      "name": "CVE-2023-4206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
    },
    {
      "name": "CVE-2023-38728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38728"
    },
    {
      "name": "CVE-2021-41771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
    },
    {
      "name": "CVE-2023-28320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
    },
    {
      "name": "CVE-2023-3611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
    },
    {
      "name": "CVE-2021-33197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33197"
    },
    {
      "name": "CVE-2023-4128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
    },
    {
      "name": "CVE-2022-29244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29244"
    },
    {
      "name": "CVE-2021-27918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27918"
    },
    {
      "name": "CVE-2022-30630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
    },
    {
      "name": "CVE-2023-46219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
    },
    {
      "name": "CVE-2021-4160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
    },
    {
      "name": "CVE-2023-32360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
    },
    {
      "name": "CVE-2023-47746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47746"
    },
    {
      "name": "CVE-2022-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
    },
    {
      "name": "CVE-2022-3786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
    },
    {
      "name": "CVE-2023-38552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38552"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2023-28319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
    },
    {
      "name": "CVE-2020-15586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
    },
    {
      "name": "CVE-2021-22922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
    },
    {
      "name": "CVE-2022-23540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23540"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2021-39293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
    },
    {
      "name": "CVE-2022-1705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
    },
    {
      "name": "CVE-2023-42795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42795"
    },
    {
      "name": "CVE-2023-4207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
    },
    {
      "name": "CVE-2022-3510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
    },
    {
      "name": "CVE-2022-3509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2023-39318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
    },
    {
      "name": "CVE-2023-37276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37276"
    },
    {
      "name": "CVE-2023-23920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
    },
    {
      "name": "CVE-2022-41716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
    },
    {
      "name": "CVE-2023-20593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
    },
    {
      "name": "CVE-2021-3711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
    },
    {
      "name": "CVE-2023-38720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38720"
    },
    {
      "name": "CVE-2023-34055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2022-24999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
    },
    {
      "name": "CVE-2023-47141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47141"
    },
    {
      "name": "CVE-2022-30633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
    },
    {
      "name": "CVE-2023-23918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
    },
    {
      "name": "CVE-2015-8388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8388"
    },
    {
      "name": "CVE-2018-25032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
    },
    {
      "name": "CVE-2023-40692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40692"
    },
    {
      "name": "CVE-2021-41190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41190"
    },
    {
      "name": "CVE-2023-45193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45193"
    },
    {
      "name": "CVE-2022-30632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
    },
    {
      "name": "CVE-2023-38003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38003"
    },
    {
      "name": "CVE-2023-45648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45648"
    },
    {
      "name": "CVE-2023-45803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
    },
    {
      "name": "CVE-2023-29406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
    },
    {
      "name": "CVE-2023-39319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
    },
    {
      "name": "CVE-2023-47145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47145"
    },
    {
      "name": "CVE-2022-1962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
    },
    {
      "name": "CVE-2024-22190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22190"
    },
    {
      "name": "CVE-2022-41717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
    },
    {
      "name": "CVE-2023-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
    },
    {
      "name": "CVE-2023-24536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2022-37434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
    },
    {
      "name": "CVE-2022-40982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
    },
    {
      "name": "CVE-2023-39976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39976"
    },
    {
      "name": "CVE-2022-28131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
    },
    {
      "name": "CVE-2023-38325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
    },
    {
      "name": "CVE-2023-4208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
    },
    {
      "name": "CVE-2020-8244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8244"
    },
    {
      "name": "CVE-2022-24675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
    },
    {
      "name": "CVE-2022-23806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
    },
    {
      "name": "CVE-2020-19909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19909"
    },
    {
      "name": "CVE-2022-48337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48337"
    },
    {
      "name": "CVE-2023-3776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
    },
    {
      "name": "CVE-2021-36221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
    },
    {
      "name": "CVE-2023-44981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44981"
    },
    {
      "name": "CVE-2022-2880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
    },
    {
      "name": "CVE-2023-21937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
    },
    {
      "name": "CVE-2022-23773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
    },
    {
      "name": "CVE-2023-24539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
    },
    {
      "name": "CVE-2021-34558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
    },
    {
      "name": "CVE-2022-23539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23539"
    },
    {
      "name": "CVE-2022-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
    },
    {
      "name": "CVE-2023-33850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
    },
    {
      "name": "CVE-2023-2650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
    },
    {
      "name": "CVE-2015-8385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8385"
    },
    {
      "name": "CVE-2015-8394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8394"
    },
    {
      "name": "CVE-2020-29510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29510"
    },
    {
      "name": "CVE-2022-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
    },
    {
      "name": "CVE-2023-24532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
    },
    {
      "name": "CVE-2015-8391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8391"
    },
    {
      "name": "CVE-2015-8386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8386"
    },
    {
      "name": "CVE-2022-23772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
    },
    {
      "name": "CVE-2023-2597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
    },
    {
      "name": "CVE-2021-41772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
    },
    {
      "name": "CVE-2024-0727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
    },
    {
      "name": "CVE-2023-6129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
    },
    {
      "name": "CVE-2022-48339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48339"
    },
    {
      "name": "CVE-2015-8387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8387"
    },
    {
      "name": "CVE-2023-49081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49081"
    },
    {
      "name": "CVE-2021-3114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3114"
    },
    {
      "name": "CVE-2023-29400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
    },
    {
      "name": "CVE-2022-25881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
    },
    {
      "name": "CVE-2022-43548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548"
    },
    {
      "name": "CVE-2023-38727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38727"
    },
    {
      "name": "CVE-2021-29923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
    },
    {
      "name": "CVE-2022-0778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
    },
    {
      "name": "CVE-2022-41724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
    },
    {
      "name": "CVE-2023-23919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23919"
    },
    {
      "name": "CVE-2020-24553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24553"
    },
    {
      "name": "CVE-2023-29258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29258"
    },
    {
      "name": "CVE-2021-44716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
    },
    {
      "name": "CVE-2023-34062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34062"
    },
    {
      "name": "CVE-2020-28362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28362"
    },
    {
      "name": "CVE-2023-5676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
    },
    {
      "name": "CVE-2022-36046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36046"
    },
    {
      "name": "CVE-2022-2097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
    },
    {
      "name": "CVE-2021-33194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33194"
    },
    {
      "name": "CVE-2023-24540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2002-0059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2002-0059"
    },
    {
      "name": "CVE-2023-43020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43020"
    },
    {
      "name": "CVE-2021-3712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
    },
    {
      "name": "CVE-2023-21968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
    },
    {
      "name": "CVE-2023-24537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
    },
    {
      "name": "CVE-2023-27859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27859"
    },
    {
      "name": "CVE-2023-32731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32731"
    },
    {
      "name": "CVE-2023-21930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
    },
    {
      "name": "CVE-2021-22926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
    },
    {
      "name": "CVE-2015-2328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2328"
    },
    {
      "name": "CVE-2024-20918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
    },
    {
      "name": "CVE-2022-30580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
    },
    {
      "name": "CVE-2023-32006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32006"
    },
    {
      "name": "CVE-2023-24538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
    },
    {
      "name": "CVE-2020-14155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
    },
    {
      "name": "CVE-2022-3602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
    },
    {
      "name": "CVE-2023-2976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
    },
    {
      "name": "CVE-2023-36665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36665"
    },
    {
      "name": "CVE-2023-46158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46158"
    },
    {
      "name": "CVE-2021-22923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
    },
    {
      "name": "CVE-2022-41723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
    },
    {
      "name": "CVE-2023-40374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40374"
    },
    {
      "name": "CVE-2015-8390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8390"
    },
    {
      "name": "CVE-2023-46589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46589"
    },
    {
      "name": "CVE-2023-39323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
    },
    {
      "name": "CVE-2023-29402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
    },
    {
      "name": "CVE-2023-26048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26048"
    },
    {
      "name": "CVE-2023-39331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39331"
    },
    {
      "name": "CVE-2023-29409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
    },
    {
      "name": "CVE-2023-32681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
    },
    {
      "name": "CVE-2024-20945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
    },
    {
      "name": "CVE-2023-24534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2022-3171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
    },
    {
      "name": "CVE-2023-39332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39332"
    },
    {
      "name": "CVE-2023-21967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
    },
    {
      "name": "CVE-2020-14039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14039"
    },
    {
      "name": "CVE-2023-40372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40372"
    },
    {
      "name": "CVE-2023-26159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2023-47152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47152"
    },
    {
      "name": "CVE-2023-32002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32002"
    },
    {
      "name": "CVE-2020-28366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28366"
    },
    {
      "name": "CVE-2024-20952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
    },
    {
      "name": "CVE-2021-33195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33195"
    },
    {
      "name": "CVE-2022-27664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
    },
    {
      "name": "CVE-2023-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
    },
    {
      "name": "CVE-2023-23916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0145",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-02-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une ex\u00e9cution de code arbitraire \u00e0 distance et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7117872 du 14 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7117872"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7118592 du 16 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7118592"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7117873 du 14 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7117873"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7118289 du 15 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7118289"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7118351 du 15 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7118351"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7117821 du 14 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7117821"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7117883 du 14 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7117883"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7117881 du 14 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7117881"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7117884 du 14 f\u00e9vrier 2024",
      "url": "https://www.ibm.com/support/pages/node/7117884"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-27782 (GCVE-0-2022-27782)

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature