{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"FortiProxy 1.0 all versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiProxy 1.2 all versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiProxy versions 2.0.x prior to 2.0.14","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiProxy 1.1 all versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS versions 7.4.x prior to 7.4.3","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS versions 6.4.x prior to 6.4.15","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS versions 6.2.x prior to 6.2.16","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS 6.0 all versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiProxy versions 7.4.x prior to 7.4.3","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiProxy versions 7.0.x prior to 7.0.15","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS versions 7.2.x prior to 7.2.7","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS versions 7.0.x prior to 7.0.14","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiProxy versions 7.2.x prior to 7.2.9","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}}],"affected_systems_content":"<p><strong>[Update of 15 February 2024] </strong><span class=\"mx_EventTile_body markdown-body\" dir=\"auto\">Added FortiProxy and new versions to the affected systems following the update of the vendor bulletin of 8 February 2024.</span><strong><br /> </strong></p>","closed_at":"2024-07-01","content":"## Temporary workaround\n\nThe vendor recommends disabling the SSL VPN if applying the\npatch is not possible. <span\nclass=\"mx_EventTile_body markdown-body\" dir=\"auto\">Fortinet states\nthat disabling the web interface is not\nsufficient</span>.\n\n## Solution\n\nRefer to the vendor's security bulletin to obtain the\npatches (see the Documentation section).\n","cves":[{"name":"CVE-2024-21762","url":"https://www.cve.org/CVERecord?id=CVE-2024-21762"}],"links":[{"title":"[1] CISA Known Exploited Vulnerabilities Catalog","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"title":"CERT-FR advisory CERTFR-2024-AVI-0108 of 09 December 2023","url":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2024-AVI-0108/"}],"reference":"CERTFR-2024-ALE-004","revisions":[{"description":"Initial version","revision_date":"2024-02-09T00:00:00.000000"},{"description":"Added affected systems","revision_date":"2024-02-15T00:00:00.000000"},{"description":"Added information on public exploit code","revision_date":"2024-03-19T00:00:00.000000"},{"description":"Alert closed. This does not mean the threat has ended. Only applying the update protects you against exploitation of the corresponding vulnerability.","revision_date":"2024-07-01T00:00:00.000000"}],"risks":[{"description":"Remote arbitrary code execution"}],"summary":"<span class=\"mx_EventTile_body markdown-body\" dir=\"auto\"\nstyle=\"color: #ff0000;\"><strong>\\[Update of 19 March 2024\\]</strong> CERT-FR is\naware of public exploit code and of new exploitation\nattempts.  \n</span>\n\n<span id=\"p14\">On 8 February 2024, Fortinet published the security advisory\nconcerning the critical vulnerability CVE-2024-21762 affecting the SSL VPN\nof FortiOS.</span><span id=\"p15\"> This vulnerability allows an\nunauthenticated attacker to cause remote arbitrary code\nexecution.  \n</span>\n\n<span class=\"mx_EventTile_body markdown-body\" dir=\"auto\"><strong>\\[Update\nof 15 February 2024\\]</strong> An update to the vendor bulletin of 8 February\nindicates that FortiProxy is also affected by this vulnerability.</span>\n\n<span id=\"p16\">CISA is aware of exploitation of this\nvulnerability by attackers \\[1\\]. <span\nclass=\"mx_EventTile_body markdown-body\" dir=\"auto\">CERT-FR therefore strongly\nrecommends applying the patch as soon as\npossible.</span></span><span id=\"p18\"></span>\n","title":"[Update] Vulnerability in Fortinet FortiOS","vendor_advisories":[{"published_at":"2024-02-08","title":"Fortinet security bulletin FG-IR-24-015","url":"https://www.fortiguard.com/psirt/FG-IR-24-015"}]}
