{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"IBM Network Performance Insight versions 1.2.1, 1.2.2, 1.2.3","product":{"name":"N/A","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Installation Manager et IBM Packaging Utility versions ant\u00e9rieures \u00e0 1.8.9.2","product":{"name":"N/A","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Content Collector for Email versions 4.0.1.x sans le dernier correctif de s\u00e9curit\u00e9","product":{"name":"N/A","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Content Collector for SharePoint versions 4.0.1.x sans le dernier correctif de s\u00e9curit\u00e9","product":{"name":"N/A","vendor":{"name":"IBM","scada":false}}},{"description":"IBM WebSphere Application Server versions 9.0.x ant\u00e9rieures \u00e0 9.0.0.9","product":{"name":"WebSphere","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Content Collector for File Systems versions 4.0.1.x sans le dernier correctif de s\u00e9curit\u00e9","product":{"name":"N/A","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Content Collector for IBM Connections versions 4.0.1.x sans le dernier correctif de s\u00e9curit\u00e9","product":{"name":"N/A","vendor":{"name":"IBM","scada":false}}},{"description":"IBM WebSphere Application Server versions 8.0.x sans le dernier correctif de s\u00e9curit\u00e9","product":{"name":"WebSphere","vendor":{"name":"IBM","scada":false}}},{"description":"IBM WebSphere Application Server versions 8.5.x ant\u00e9rieures \u00e0 8.5.5.14","product":{"name":"WebSphere","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Tivoli System Automation for Multiplatforms versions 4.1.x sans le dernier correctif de s\u00e9curit\u00e9","product":{"name":"Tivoli","vendor":{"name":"IBM","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2018-1656","url":"https://www.cve.org/CVERecord?id=CVE-2018-1656"},{"name":"CVE-2018-1643","url":"https://www.cve.org/CVERecord?id=CVE-2018-1643"},{"name":"CVE-2018-11776","url":"https://www.cve.org/CVERecord?id=CVE-2018-11776"},{"name":"CVE-2018-11771","url":"https://www.cve.org/CVERecord?id=CVE-2018-11771"},{"name":"CVE-2018-1517","url":"https://www.cve.org/CVERecord?id=CVE-2018-1517"},{"name":"CVE-2018-12539","url":"https://www.cve.org/CVERecord?id=CVE-2018-12539"}],"links":[],"reference":"CERTFR-2018-AVI-544","revisions":[{"description":"Version initiale","revision_date":"2018-11-13T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM .\nCertaines d'entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 10716857 du 13 novembre 2018","url":"https://www-01.ibm.com/support/docview.wss?uid=ibm10716857"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 10735325 du 13 novembre 2018","url":"https://www-01.ibm.com/support/docview.wss?uid=ibm10735325"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 10738729 du 13 novembre 2018","url":"https://www-01.ibm.com/support/docview.wss?uid=ibm10738729"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 10739173 du 12 novembre 2018","url":"https://www-01.ibm.com/support/docview.wss?uid=ibm10739173"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 10739183 du 12 novembre 2018","url":"https://www-01.ibm.com/support/docview.wss?uid=ibm10739183"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 10730391 du 12 novembre 2018","url":"https://www-01.ibm.com/support/docview.wss?uid=ibm10730391"}]}