{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cisco IronPort Email Security Appliance, C-series et M-Series, versions ant\u00e9rieures \u00e0 la version 7.6.0 ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IronPort Security Management Appliance, M-Series, versions ant\u00e9rieures \u00e0 la version 7.8.0.","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"closed_at":"2013-02-05","content":"## Description\n\nCertains bo\u00eetiers Cisco IronPort utilisent une version vuln\u00e9rable du\nd\u00e9mon telnetd. Ce d\u00e9mon est actif par d\u00e9faut sur l'interface\nd'administration. Cette vuln\u00e9rabilit\u00e9 permet \u00e0 un attaquant d'ex\u00e9cuter\ndu code arbitraire \u00e0 distance.\n\n  \n  \n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2011-4862","url":"https://www.cve.org/CVERecord?id=CVE-2011-4862"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Cisco 20120126-ironport du 26 janvier    2012 :","url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport"}],"reference":"CERTA-2012-ALE-001","revisions":[{"description":"version initiale ;","revision_date":"2012-02-01T00:00:00.000000"},{"description":"fermeture de l'alerte, suite \u00e0 la correction par l'\u00e9diteur.","revision_date":"2013-02-05T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"Une vuln\u00e9rabilit\u00e9 sur certains bo\u00eetiers Cisco IronPort permet \u00e0 un\nattaquant d'ex\u00e9cuter du code arbitraire \u00e0 distance.\n","title":"Vuln\u00e9rabilit\u00e9 dans Cisco IronPort","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco 20120126-ironport du 26 janvier 2012","url":null}]}