{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<P><SPAN class=\"textit\">CA Cohesion Application Configuration  Manager</SPAN> version 4.5.</P>","content":"## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s affectent la version d'Apache Tomcat incluse\ndans CA Cohesion Application Configuration Manager. Ces vuln\u00e9rabilit\u00e9s\nsont d\u00e9crites dans les diverses r\u00e9f\u00e9rences CVE (voir section\nDocumentation) et permettent notamment de r\u00e9aliser un d\u00e9ni de service \u00e0\ndistance, d'injecter des scripts, d'afficher le contenu de certains\nfichiers, etc.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2007-2450","url":"https://www.cve.org/CVERecord?id=CVE-2007-2450"},{"name":"CVE-2007-0450","url":"https://www.cve.org/CVERecord?id=CVE-2007-0450"},{"name":"CVE-2008-0128","url":"https://www.cve.org/CVERecord?id=CVE-2008-0128"},{"name":"CVE-2007-1858","url":"https://www.cve.org/CVERecord?id=CVE-2007-1858"},{"name":"CVE-2007-1358","url":"https://www.cve.org/CVERecord?id=CVE-2007-1358"},{"name":"CVE-2006-7196","url":"https://www.cve.org/CVERecord?id=CVE-2006-7196"},{"name":"CVE-2005-2090","url":"https://www.cve.org/CVERecord?id=CVE-2005-2090"},{"name":"CVE-2007-3382","url":"https://www.cve.org/CVERecord?id=CVE-2007-3382"},{"name":"CVE-2005-3510","url":"https://www.cve.org/CVERecord?id=CVE-2005-3510"},{"name":"CVE-2006-3835","url":"https://www.cve.org/CVERecord?id=CVE-2006-3835"},{"name":"CVE-2007-3386","url":"https://www.cve.org/CVERecord?id=CVE-2007-3386"},{"name":"CVE-2007-2449","url":"https://www.cve.org/CVERecord?id=CVE-2007-2449"},{"name":"CVE-2007-1355","url":"https://www.cve.org/CVERecord?id=CVE-2007-1355"},{"name":"CVE-2006-7195","url":"https://www.cve.org/CVERecord?id=CVE-2006-7195"},{"name":"CVE-2007-3385","url":"https://www.cve.org/CVERecord?id=CVE-2007-3385"}],"links":[],"reference":"CERTA-2009-AVI-032","revisions":[{"description":"version initiale.","revision_date":"2009-01-28T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s affectent la version d'<span\nclass=\"textit\">Apache Tomcat</span> fournie avec <span class=\"textit\">CA\nCohesion Application Configuration Manager</span>.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans CA Cohesion Application Configuration Manager","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 CA20090123-01 du 26 janvier 2009","url":"https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540"}]}