{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<ul> <li>Cisco Webex Business Suite WBS31 sites \u2013 Webex Network Recording Player et Webex Player toutes versions ant\u00e9rieures \u00e0 WBS31.23</li> <li>Cisco Webex Business Suite WBS32 sites \u2013 Webex Network Recording Player et Webex Player toutes versions ant\u00e9rieures \u00e0 WBS32.15.20</li> <li>Cisco Webex Business Suite WBS33 sites \u2013 Webex Network Recording Player et Webex Player toutes versions ant\u00e9rieures \u00e0 WBS33.4</li> <li>Cisco Webex Meetings Online \u2013 Webex Network Recording Player et Webex Player toutes versions ant\u00e9rieures \u00e0 1.3.37</li> <li>Cisco Webex Meetings Server \u2013 Webex Network Recording Player toutes versions ant\u00e9rieures \u00e0 3.0MR2 Patch 1</li> <li>Cisco SD-WAN Solution toutes versions ant\u00e9rieures \u00e0 17.2.8 et 18.3.1 ex\u00e9cut\u00e9es sur un des produits suivants : <ul> <li>Logiciel vBond Orchestrator</li> <li>Routeurs vEdge 100 Series</li> <li>Routeurs vEdge 1000 Series</li> <li>Routeurs vEdge 2000 Series</li> <li>Routeurs vEdge 5000 Series</li> <li>Routeurs vEdge Cloud Platform</li> <li>vManage Network Management Software</li> <li>vSmart Controller Software</li> </ul> </li> <li>Logiciel Cisco PI versions 3.2 \u00e0 3.4 sans correctif de s\u00e9curit\u00e9 et avec le serveur TFTP actif</li> <li>Cisco HyperFlex versions ant\u00e9rieures \u00e0 3.5(1a).</li> <li>Cisco Firepower Threat Defense (FTD) versions 6.2.3.x ant\u00e9rieures \u00e0 6.2.3.4</li> <li>Cisco Firepower System</li> <li>Cisco DNA Center versions ant\u00e9rieures \u00e0 1.1.4</li> <li>Cisco Prime Collaboration Provisioning versions ant\u00e9rieures \u00e0 12.1</li> <li>ASA 5506-X avec le service FirePOWER\u00a0 ex\u00e9cutant une version vuln\u00e9rable du logiciel Cisco Adaptive Security Appliance (ASA) ou Cisco Firepower Threat Defense (FTD)</li> <li>ASA 5506H-X avec le service FirePOWER ex\u00e9cutant une version vuln\u00e9rable du logiciel Cisco Adaptive Security Appliance (ASA) ou Cisco Firepower Threat Defense (FTD)</li> <li>ASA 5506W-X avec le service FirePOWER ex\u00e9cutant une version vuln\u00e9rable du logiciel Cisco Adaptive Security Appliance (ASA) ou Cisco Firepower Threat Defense (FTD)</li> <li>ASA 5508-X avec le service FirePOWER ex\u00e9cutant une version vuln\u00e9rable du logiciel Cisco Adaptive Security Appliance (ASA) ou Cisco Firepower Threat Defense (FTD)</li> <li>ASA 5516-X avec le service FirePOWER ex\u00e9cutant une version vuln\u00e9rable du logiciel Cisco Adaptive Security Appliance (ASA) ou Cisco Firepower Threat Defense (FTD)</li> </ul> ","content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2018-15390","url":"https://www.cve.org/CVERecord?id=CVE-2018-15390"},{"name":"CVE-2018-15383","url":"https://www.cve.org/CVERecord?id=CVE-2018-15383"},{"name":"CVE-2018-15379","url":"https://www.cve.org/CVERecord?id=CVE-2018-15379"},{"name":"CVE-2018-15386","url":"https://www.cve.org/CVERecord?id=CVE-2018-15386"},{"name":"CVE-2018-15410","url":"https://www.cve.org/CVERecord?id=CVE-2018-15410"},{"name":"CVE-2018-15382","url":"https://www.cve.org/CVERecord?id=CVE-2018-15382"},{"name":"CVE-2018-15389","url":"https://www.cve.org/CVERecord?id=CVE-2018-15389"},{"name":"CVE-2018-0448","url":"https://www.cve.org/CVERecord?id=CVE-2018-0448"},{"name":"CVE-2018-0455","url":"https://www.cve.org/CVERecord?id=CVE-2018-0455"},{"name":"CVE-2018-15409","url":"https://www.cve.org/CVERecord?id=CVE-2018-15409"},{"name":"CVE-2018-15408","url":"https://www.cve.org/CVERecord?id=CVE-2018-15408"},{"name":"CVE-2018-15387","url":"https://www.cve.org/CVERecord?id=CVE-2018-15387"}],"links":[],"reference":"CERTFR-2018-AVI-468","revisions":[{"description":"Version initiale","revision_date":"2018-10-04T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nCertaines d'entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, une ex\u00e9cution de code\narbitraire et un d\u00e9ni de service \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20181003-pi-tftp du 3 octobre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-pi-tftp"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20181003-sd-wan-bypass du 3 octobre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-sd-wan-bypass"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20181003-hyperflex-secret du 3 octobre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-hyperflex-secret"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20181003-webex-rce du 3 octobre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-webex-rce"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20181003-dna-unauth-access du 3 octobre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-dna-unauth-access"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20181003-asa-dma-dos du 3 octobre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-dma-dos"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20181003-ftd-inspect-dos du 3 octobre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20181003-cpcp-password du 3 octobre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-cpcp-password"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20181003-fp-smb-snort du 3 octobre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-smb-snort"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20181003-dna-auth-bypass du 3 octobre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-dna-auth-bypass"}]}