{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"HP-UX.B.11.23 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"HP-UX.B.11.31.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2011-2134","url":"https://www.cve.org/CVERecord?id=CVE-2011-2134"},{"name":"CVE-2010-4476","url":"https://www.cve.org/CVERecord?id=CVE-2010-4476"},{"name":"CVE-2011-2135","url":"https://www.cve.org/CVERecord?id=CVE-2011-2135"},{"name":"CVE-2011-3558","url":"https://www.cve.org/CVERecord?id=CVE-2011-3558"},{"name":"CVE-2012-1994","url":"https://www.cve.org/CVERecord?id=CVE-2012-1994"},{"name":"CVE-2010-4470","url":"https://www.cve.org/CVERecord?id=CVE-2010-4470"},{"name":"CVE-2011-3556","url":"https://www.cve.org/CVERecord?id=CVE-2011-3556"},{"name":"CVE-2012-1999","url":"https://www.cve.org/CVERecord?id=CVE-2012-1999"},{"name":"CVE-2012-1995","url":"https://www.cve.org/CVERecord?id=CVE-2012-1995"},{"name":"CVE-2011-2414","url":"https://www.cve.org/CVERecord?id=CVE-2011-2414"},{"name":"CVE-2011-0864","url":"https://www.cve.org/CVERecord?id=CVE-2011-0864"},{"name":"CVE-2011-0868","url":"https://www.cve.org/CVERecord?id=CVE-2011-0868"},{"name":"CVE-2011-2456","url":"https://www.cve.org/CVERecord?id=CVE-2011-2456"},{"name":"CVE-2011-2450","url":"https://www.cve.org/CVERecord?id=CVE-2011-2450"},{"name":"CVE-2011-0611","url":"https://www.cve.org/CVERecord?id=CVE-2011-0611"},{"name":"CVE-2011-2429","url":"https://www.cve.org/CVERecord?id=CVE-2011-2429"},{"name":"CVE-2011-2430","url":"https://www.cve.org/CVERecord?id=CVE-2011-2430"},{"name":"CVE-2011-2415","url":"https://www.cve.org/CVERecord?id=CVE-2011-2415"},{"name":"CVE-2011-2426","url":"https://www.cve.org/CVERecord?id=CVE-2011-2426"},{"name":"CVE-2011-0866","url":"https://www.cve.org/CVERecord?id=CVE-2011-0866"},{"name":"CVE-2011-2137","url":"https://www.cve.org/CVERecord?id=CVE-2011-2137"},{"name":"CVE-2011-2458","url":"https://www.cve.org/CVERecord?id=CVE-2011-2458"},{"name":"CVE-2011-2140","url":"https://www.cve.org/CVERecord?id=CVE-2011-2140"},{"name":"CVE-2011-2425","url":"https://www.cve.org/CVERecord?id=CVE-2011-2425"},{"name":"CVE-2011-2457","url":"https://www.cve.org/CVERecord?id=CVE-2011-2457"},{"name":"CVE-2011-0871","url":"https://www.cve.org/CVERecord?id=CVE-2011-0871"},{"name":"CVE-2011-2461","url":"https://www.cve.org/CVERecord?id=CVE-2011-2461"},{"name":"CVE-2011-0786","url":"https://www.cve.org/CVERecord?id=CVE-2011-0786"},{"name":"CVE-2009-3555","url":"https://www.cve.org/CVERecord?id=CVE-2009-3555"},{"name":"CVE-2011-0802","url":"https://www.cve.org/CVERecord?id=CVE-2011-0802"},{"name":"CVE-2011-2459","url":"https://www.cve.org/CVERecord?id=CVE-2011-2459"},{"name":"CVE-2010-2227","url":"https://www.cve.org/CVERecord?id=CVE-2010-2227"},{"name":"CVE-2011-2092","url":"https://www.cve.org/CVERecord?id=CVE-2011-2092"},{"name":"CVE-2012-1996","url":"https://www.cve.org/CVERecord?id=CVE-2012-1996"},{"name":"CVE-2011-2427","url":"https://www.cve.org/CVERecord?id=CVE-2011-2427"},{"name":"CVE-2011-2428","url":"https://www.cve.org/CVERecord?id=CVE-2011-2428"},{"name":"CVE-2011-0862","url":"https://www.cve.org/CVERecord?id=CVE-2011-0862"},{"name":"CVE-2011-2139","url":"https://www.cve.org/CVERecord?id=CVE-2011-2139"},{"name":"CVE-2011-2138","url":"https://www.cve.org/CVERecord?id=CVE-2011-2138"},{"name":"CVE-2011-2451","url":"https://www.cve.org/CVERecord?id=CVE-2011-2451"},{"name":"CVE-2011-2136","url":"https://www.cve.org/CVERecord?id=CVE-2011-2136"},{"name":"CVE-2011-0865","url":"https://www.cve.org/CVERecord?id=CVE-2011-0865"},{"name":"CVE-2011-2460","url":"https://www.cve.org/CVERecord?id=CVE-2011-2460"},{"name":"CVE-2011-2416","url":"https://www.cve.org/CVERecord?id=CVE-2011-2416"},{"name":"CVE-2011-0815","url":"https://www.cve.org/CVERecord?id=CVE-2011-0815"},{"name":"CVE-2011-0817","url":"https://www.cve.org/CVERecord?id=CVE-2011-0817"},{"name":"CVE-2011-0863","url":"https://www.cve.org/CVERecord?id=CVE-2011-0863"},{"name":"CVE-2011-0873","url":"https://www.cve.org/CVERecord?id=CVE-2011-0873"},{"name":"CVE-2011-0814","url":"https://www.cve.org/CVERecord?id=CVE-2011-0814"},{"name":"CVE-2011-0788","url":"https://www.cve.org/CVERecord?id=CVE-2011-0788"},{"name":"CVE-2011-0869","url":"https://www.cve.org/CVERecord?id=CVE-2011-0869"},{"name":"CVE-2011-2130","url":"https://www.cve.org/CVERecord?id=CVE-2011-2130"},{"name":"CVE-2012-1997","url":"https://www.cve.org/CVERecord?id=CVE-2012-1997"},{"name":"CVE-2011-3557","url":"https://www.cve.org/CVERecord?id=CVE-2011-3557"},{"name":"CVE-2011-2453","url":"https://www.cve.org/CVERecord?id=CVE-2011-2453"},{"name":"CVE-2011-0867","url":"https://www.cve.org/CVERecord?id=CVE-2011-0867"},{"name":"CVE-2011-2093","url":"https://www.cve.org/CVERecord?id=CVE-2011-2093"},{"name":"CVE-2011-2452","url":"https://www.cve.org/CVERecord?id=CVE-2011-2452"},{"name":"CVE-2011-2454","url":"https://www.cve.org/CVERecord?id=CVE-2011-2454"},{"name":"CVE-2011-2455","url":"https://www.cve.org/CVERecord?id=CVE-2011-2455"},{"name":"CVE-2011-2417","url":"https://www.cve.org/CVERecord?id=CVE-2011-2417"},{"name":"CVE-2011-2445","url":"https://www.cve.org/CVERecord?id=CVE-2011-2445"},{"name":"CVE-2011-0872","url":"https://www.cve.org/CVERecord?id=CVE-2011-0872"},{"name":"CVE-2012-1998","url":"https://www.cve.org/CVERecord?id=CVE-2012-1998"},{"name":"CVE-2011-2444","url":"https://www.cve.org/CVERecord?id=CVE-2011-2444"}],"links":[],"reference":"CERTA-2012-AVI-241","revisions":[{"description":"version initiale.","revision_date":"2012-05-02T00:00:00.000000"}],"risks":[{"description":"Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"D\u00e9ni de service"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">HP SIM (Systems Insight Manager)</span>. Trois syst\u00e8mes\nd'exploitation sont concern\u00e9s, HP-UX, Linux et Windows. Les\nvuln\u00e9rabilit\u00e9s sont de diff\u00e9rentes natures, ex\u00e9cution de code arbitraire\n\u00e0 distance, acc\u00e8s non autoris\u00e9s, injection de requ\u00eates ill\u00e9gitimes par\nrebond (CSRF), redirection d'URL, contournement d'authentification et\nd\u00e9ni de service.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans HP SIM","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 HP c03298151 du 30 avril 2012","url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151"}]}