{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cisco Unified IP Interactive Voice Response (IP-IVR), 6.x, 7.x et 8.x.","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Unified Communications Manager (CUCM), 5.x, 6.x, 7.x et 8.x ;","product":{"name":"Unified Communications Manager","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Unified Contact Center Express (UCCX), 6.x, 7.x et 8.x ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nLes produits Cisco affect\u00e9s pr\u00e9sentent une vuln\u00e9rabilit\u00e9 de type\ndirectory traversal. Un utilisateur malintentionn\u00e9 peut, \u00e0 l'aide d'une\nadresse r\u00e9ticulaire (URL) con\u00e7ue \u00e0 cet effet, lire tous les fichiers\npr\u00e9sents sur le syst\u00e8me.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2011-3315","url":"https://www.cve.org/CVERecord?id=CVE-2011-3315"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Cisco 20111026-uccx du 26 octobre 2011    :","url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx"},{"title":"Bulletin de s\u00e9curit\u00e9 Cisco 20111026-cucm du 26 octobre 2011    :","url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm"}],"reference":"CERTA-2011-AVI-601","revisions":[{"description":"version initiale.","revision_date":"2011-10-28T00:00:00.000000"}],"risks":[{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans plusieurs produits Cisco permet \u00e0 un utilisateur\nmalintentionn\u00e9 de porter atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n","title":"Vuln\u00e9rabilit\u00e9 dans Cisco CUCM, UCCX et Unified IP-IVR","vendor_advisories":[{"published_at":null,"title":"Bulletins de s\u00e9curit\u00e9 Cisco 20111026-cucm et 20111026-uccx du 26 octobre 2011","url":null}]}