{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Exchange Server 2013 Cumulative Update 23","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"ChakraCore","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Team Foundation Server 2018 Update 3.2","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Azure DevOps Server 2019.0.1","product":{"name":"Azure","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Azure DevOps Server 2020","product":{"name":"Azure","vendor":{"name":"Microsoft","scada":false}}},{"description":"Visual Studio Code TS-Lint Extension","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Dynamics 365 pour Finance and Operations","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2016 Cumulative Update 18","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Dynamics NAV 2015","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Visual Studio Code Language Support pour Java Extension","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Team Foundation Server 2017 Update 3.1","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.0","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft 365 Apps pour Enterprise pour syst\u00e8mes 32 bits","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft 365 Apps pour Enterprise pour 64 bits Systems","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.8","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Visual Studio Code Remote - SSH Extension","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2019 Cumulative Update 6","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Team Foundation Server 2018 Update 1.2","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Azure Sphere","product":{"name":"Azure","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Dynamics 365 (on-premises) version 9.0","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Azure SDK pour Java","product":{"name":"Azure","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Dynamics 365 (on-premises) version 8.2","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2019 Cumulative Update 7","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Azure DevOps Server 2019 Update 1.1","product":{"name":"Azure","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2016 Cumulative Update 17","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Team Foundation Server 2015 Update 4.2","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"C SDK pour Azure IoT","product":{"name":"Azure","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 31","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2020-17130","url":"https://www.cve.org/CVERecord?id=CVE-2020-17130"},{"name":"CVE-2020-17148","url":"https://www.cve.org/CVERecord?id=CVE-2020-17148"},{"name":"CVE-2020-17135","url":"https://www.cve.org/CVERecord?id=CVE-2020-17135"},{"name":"CVE-2020-17133","url":"https://www.cve.org/CVERecord?id=CVE-2020-17133"},{"name":"CVE-2020-17119","url":"https://www.cve.org/CVERecord?id=CVE-2020-17119"},{"name":"CVE-2020-17144","url":"https://www.cve.org/CVERecord?id=CVE-2020-17144"},{"name":"CVE-2020-17129","url":"https://www.cve.org/CVERecord?id=CVE-2020-17129"},{"name":"CVE-2020-17147","url":"https://www.cve.org/CVERecord?id=CVE-2020-17147"},{"name":"CVE-2020-17143","url":"https://www.cve.org/CVERecord?id=CVE-2020-17143"},{"name":"CVE-2020-17131","url":"https://www.cve.org/CVERecord?id=CVE-2020-17131"},{"name":"CVE-2020-17126","url":"https://www.cve.org/CVERecord?id=CVE-2020-17126"},{"name":"CVE-2020-16971","url":"https://www.cve.org/CVERecord?id=CVE-2020-16971"},{"name":"CVE-2020-17117","url":"https://www.cve.org/CVERecord?id=CVE-2020-17117"},{"name":"CVE-2020-17002","url":"https://www.cve.org/CVERecord?id=CVE-2020-17002"},{"name":"CVE-2020-17141","url":"https://www.cve.org/CVERecord?id=CVE-2020-17141"},{"name":"CVE-2020-17145","url":"https://www.cve.org/CVERecord?id=CVE-2020-17145"},{"name":"CVE-2020-17159","url":"https://www.cve.org/CVERecord?id=CVE-2020-17159"},{"name":"CVE-2020-17132","url":"https://www.cve.org/CVERecord?id=CVE-2020-17132"},{"name":"CVE-2020-17152","url":"https://www.cve.org/CVERecord?id=CVE-2020-17152"},{"name":"CVE-2020-17150","url":"https://www.cve.org/CVERecord?id=CVE-2020-17150"},{"name":"CVE-2020-17156","url":"https://www.cve.org/CVERecord?id=CVE-2020-17156"},{"name":"CVE-2020-17125","url":"https://www.cve.org/CVERecord?id=CVE-2020-17125"},{"name":"CVE-2020-17128","url":"https://www.cve.org/CVERecord?id=CVE-2020-17128"},{"name":"CVE-2020-17123","url":"https://www.cve.org/CVERecord?id=CVE-2020-17123"},{"name":"CVE-2020-17158","url":"https://www.cve.org/CVERecord?id=CVE-2020-17158"},{"name":"CVE-2020-17160","url":"https://www.cve.org/CVERecord?id=CVE-2020-17160"},{"name":"CVE-2020-17142","url":"https://www.cve.org/CVERecord?id=CVE-2020-17142"},{"name":"CVE-2020-17124","url":"https://www.cve.org/CVERecord?id=CVE-2020-17124"}],"links":[],"reference":"CERTFR-2020-AVI-808","revisions":[{"description":"Version initiale","revision_date":"2020-12-09T00:00:00.000000"}],"risks":[{"description":"Usurpation d'identit\u00e9"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">les produits Microsoft</span>. Elles permettent \u00e0 un\nattaquant de provoquer un contournement de la fonctionnalit\u00e9 de\ns\u00e9curit\u00e9, une ex\u00e9cution de code \u00e0 distance, une usurpation d'identit\u00e9 et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft du 08 d\u00e9cembre 2020","url":"https://portal.msrc.microsoft.com/fr-FR/security-guidance"}]}