{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"EMC NetWorker Module versions 2.4 ant\u00e9rieures \u00e0 la mise \u00e0 jour 375","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"EMC NetWorker Module version 2.2.1","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"EMC NetWorker Module versions 2.3 ant\u00e9rieures \u00e0 la mise \u00e0 jour 122","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2012-2284","url":"https://www.cve.org/CVERecord?id=CVE-2012-2284"},{"name":"CVE-2012-2290","url":"https://www.cve.org/CVERecord?id=CVE-2012-2290"}],"links":[],"reference":"CERTA-2012-AVI-571","revisions":[{"description":"version initiale.","revision_date":"2012-10-12T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"Deux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span class=\"textit\">EMC\nNetWorker Module</span>. La premi\u00e8re concerne une ex\u00e9cution de code\narbitraire \u00e0 distance au moyen d'un message r\u00e9seau sp\u00e9cialement con\u00e7u\nenvoy\u00e9 depuis le client NMM. La seconde concerne l'impl\u00e9mentation de la\nsolution sur <span class=\"textit\">Microsoft Exchange Server</span> et\npermet d'extraire les identifiants administrateur lors d'une\ninstallation ou d'une mise \u00e0 jour.\n","title":"Vuln\u00e9rabilit\u00e9s dans EMC NetWorker Module","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 ESA-2012-025 du 10 octobre 2012","url":"http://seclists.org/bugtraq/2012/Oct/att-67/ESA-2012-025.txt"}]}