{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<ul> <li>Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S15, 12.3R12-S17, 12.3X48-D105, 12.3X48-D95, 14.1X53-D49, 15.1R7-S6, 15.1R7-S8, 15.1R7-S9, 15.1X49-D190, 15.1X49-D191, 15.1X49-D200, 15.1X49-D230, 15.1X49-D240, 15.1X53-D592, 16.1R7-S7, 16.1R7-S8, 16.1R8, 16.2R2-S11, 16.2R3, 17.1R2-S11, 17.1R2-S12, 17.1R3, 17.1R3-S2, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.3R2-S5, 17.3R3-S10, 17.3R3-S11, 17.3R3-S7, 17.3R3-S8, 17.3R3-S9, 17.4R2-S10, 17.4R2-S12, 17.4R2-S13, 17.4R2-S6, 17.4R2-S9, 17.4R3, 17.4R3-S2, 17.4R3-S3, 17.4R3-S4, 17.4R3-S5, 18.1R3-S10, 18.1R3-S11, 18.1R3-S12, 18.1R3-S13, 18.1R3-S5, 18.1R3-S7, 18.1R3-S9, 18.2R2-S6, 18.2R2-S7, 18.2R2-S8, 18.2R3, 18.2R3-S1, 18.2R3-S3, 18.2R3-S5, 18.2R3-S6, 18.2R3-S7, 18.2R3-S8, 18.3R1-S7, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.3R3-S3, 18.3R3-S4, 18.3R3-S5, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R1-S8, 18.4R2, 18.4R2-S3, 18.4R2-S4, 18.4R2-S5, 18.4R2-S6, 18.4R2-S7, 18.4R2-S8, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3, 18.4R3-S4, 18.4R3-S5, 18.4R3-S6, 18.4R3-S7, 19.1R1, 19.1R1-S3, 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.1R3-S3, 19.1R3-S4, 19.2R1, 19.2R1-S1, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R1-S6, 19.2R2, 19.2R3, 19.2R3-S1, 19.2R3-S2, 19.3R1, 19.3R2, 19.3R2-S3, 19.3R2-S4, 19.3R2-S5, 19.3R3, 19.3R3-S1, 19.3R3-S2, 19.4R1, 19.4R1-S1, 19.4R1-S3, 19.4R2, 19.4R2-S2, 19.4R2-S4, 19.4R3, 19.4R3-S1, 19.4R3-S2, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R1-S3, 20.1R2, 20.1R2-S1, 20.1R3, 20.2R1, 20.2R1-S1, 20.2R1-S2, 20.2R2, 20.2R2-S1, 20.2R2-S2, 20.2R2-S3, 20.2R3, 20.3R1, 20.3R1-S1, 20.3R1-S2, 20.3R2, 20.3R3, 20.4R1, 20.4R1-S1, 20.4R2 et 21.1R1</li> <li>Junos OS Evolved versions ant\u00e9rieures \u00e0 19.2R2-EVO, 19.4R2-EVO, 20.1R1-EVO, 20.3R2-EVO, 20.4R1-EVO, 20.4R2-EVO et 21.1R1-EVO</li> <li>Paragon Active Assurance Control Center versions ant\u00e9rieures \u00e0 2.35.6, 2.36.2 et 3.0.0</li> <li>AppFormix versions ant\u00e9rieures \u00e0 3.1.22, 3.2.14 et 3.3.0</li> </ul> <p>Les vuln\u00e9rabilit\u00e9s\u00a0CVE-2021-0248 (score CVSSv3 : 10, <a href=\"https://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA11141&amp;cat=SIRT_1&amp;actp=LIST\">https://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA11141&amp;cat=SIRT_1&amp;actp=LIST</a>) et\u00a0CVE-2021-0254 (score CVSSv3 : 9.8, <a href=\"https://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA11147&amp;cat=SIRT_1&amp;actp=LIST\">https://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA11147&amp;cat=SIRT_1&amp;actp=LIST</a>) sont les plus critiques de ce pr\u00e9sent avis.</p> ","content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2021-0250","url":"https://www.cve.org/CVERecord?id=CVE-2021-0250"},{"name":"CVE-2021-0238","url":"https://www.cve.org/CVERecord?id=CVE-2021-0238"},{"name":"CVE-2021-0254","url":"https://www.cve.org/CVERecord?id=CVE-2021-0254"},{"name":"CVE-2021-0263","url":"https://www.cve.org/CVERecord?id=CVE-2021-0263"},{"name":"CVE-2021-0243","url":"https://www.cve.org/CVERecord?id=CVE-2021-0243"},{"name":"CVE-2021-0273","url":"https://www.cve.org/CVERecord?id=CVE-2021-0273"},{"name":"CVE-2021-0262","url":"https://www.cve.org/CVERecord?id=CVE-2021-0262"},{"name":"CVE-2021-0237","url":"https://www.cve.org/CVERecord?id=CVE-2021-0237"},{"name":"CVE-2021-0264","url":"https://www.cve.org/CVERecord?id=CVE-2021-0264"},{"name":"CVE-2021-0248","url":"https://www.cve.org/CVERecord?id=CVE-2021-0248"},{"name":"CVE-2021-0272","url":"https://www.cve.org/CVERecord?id=CVE-2021-0272"},{"name":"CVE-2021-0233","url":"https://www.cve.org/CVERecord?id=CVE-2021-0233"},{"name":"CVE-2021-0269","url":"https://www.cve.org/CVERecord?id=CVE-2021-0269"},{"name":"CVE-2021-0236","url":"https://www.cve.org/CVERecord?id=CVE-2021-0236"},{"name":"CVE-2021-0251","url":"https://www.cve.org/CVERecord?id=CVE-2021-0251"},{"name":"CVE-2021-0244","url":"https://www.cve.org/CVERecord?id=CVE-2021-0244"},{"name":"CVE-2021-0267","url":"https://www.cve.org/CVERecord?id=CVE-2021-0267"},{"name":"CVE-2021-0253","url":"https://www.cve.org/CVERecord?id=CVE-2021-0253"},{"name":"CVE-2021-0232","url":"https://www.cve.org/CVERecord?id=CVE-2021-0232"},{"name":"CVE-2021-0260","url":"https://www.cve.org/CVERecord?id=CVE-2021-0260"},{"name":"CVE-2021-0271","url":"https://www.cve.org/CVERecord?id=CVE-2021-0271"},{"name":"CVE-2021-0249","url":"https://www.cve.org/CVERecord?id=CVE-2021-0249"},{"name":"CVE-2021-0234","url":"https://www.cve.org/CVERecord?id=CVE-2021-0234"},{"name":"CVE-2021-0235","url":"https://www.cve.org/CVERecord?id=CVE-2021-0235"},{"name":"CVE-2021-0239","url":"https://www.cve.org/CVERecord?id=CVE-2021-0239"},{"name":"CVE-2021-0266","url":"https://www.cve.org/CVERecord?id=CVE-2021-0266"},{"name":"CVE-2021-0259","url":"https://www.cve.org/CVERecord?id=CVE-2021-0259"},{"name":"CVE-2021-0265","url":"https://www.cve.org/CVERecord?id=CVE-2021-0265"},{"name":"CVE-2021-0275","url":"https://www.cve.org/CVERecord?id=CVE-2021-0275"},{"name":"CVE-2021-0268","url":"https://www.cve.org/CVERecord?id=CVE-2021-0268"},{"name":"CVE-2021-0261","url":"https://www.cve.org/CVERecord?id=CVE-2021-0261"},{"name":"CVE-2021-0245","url":"https://www.cve.org/CVERecord?id=CVE-2021-0245"},{"name":"CVE-2021-0252","url":"https://www.cve.org/CVERecord?id=CVE-2021-0252"}],"links":[],"reference":"CERTFR-2021-AVI-290","revisions":[{"description":"Version initiale","revision_date":"2021-04-20T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Non sp\u00e9cifi\u00e9 par l'\u00e9diteur"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l'\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11160 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11160&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11152 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11152&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11154 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11154&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11162 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11162&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11150 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11150&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11130 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11130&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11163 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11163&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11144 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11144&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11155 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11155&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11133 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11133&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11166 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11166&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11164 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11164&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11157 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11157&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11137 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11137&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11151 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11151&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11145 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11145&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11132 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11132&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11158 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11158&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11128 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11128&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11153 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11153&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11143 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11143&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11129 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11129&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11136 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11136&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11156 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11156&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11159 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11159&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11134 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11134&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11131 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11131&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11141 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11141&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11146 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11146&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11142 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11142&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11127 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11127&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11138 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11138&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA11147 du 14 avril 2021","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11147&cat=SIRT_1&actp=LIST"}]}