{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"PAN-OS versions 10.x ant\u00e9rieures \u00e0 10.0.7","product":{"name":"PAN-OS","vendor":{"name":"Palo Alto Networks","scada":false}}},{"description":"Cortex XSOAR versions 5.5.0 ant\u00e9rieures \u00e0 1578677","product":{"name":"Cortex XSOAR","vendor":{"name":"Palo Alto Networks","scada":false}}},{"description":"Cortex XSOAR versions 6.1.0 ant\u00e9rieures \u00e0 1578663","product":{"name":"Cortex XSOAR","vendor":{"name":"Palo Alto Networks","scada":false}}},{"description":"PAN-OS versions 9.0.x ant\u00e9rieures \u00e0 9.0.14","product":{"name":"PAN-OS","vendor":{"name":"Palo Alto Networks","scada":false}}},{"description":"Cortex XSOAR versions 6.0.2 ant\u00e9rieures \u00e0 1576452","product":{"name":"Cortex XSOAR","vendor":{"name":"Palo Alto Networks","scada":false}}},{"description":"PAN-OS versions 9.1.x ant\u00e9rieures \u00e0 9.1.11","product":{"name":"PAN-OS","vendor":{"name":"Palo Alto Networks","scada":false}}},{"description":"Cortex XSOAR versions 6.2.0 ant\u00e9rieures \u00e0 1578666","product":{"name":"Cortex XSOAR","vendor":{"name":"Palo Alto Networks","scada":false}}},{"description":"PAN-OS versions 8.1.x ant\u00e9rieures \u00e0 8.1.20","product":{"name":"PAN-OS","vendor":{"name":"Palo Alto Networks","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2021-3049","url":"https://www.cve.org/CVERecord?id=CVE-2021-3049"},{"name":"CVE-2021-3054","url":"https://www.cve.org/CVERecord?id=CVE-2021-3054"},{"name":"CVE-2020-10188","url":"https://www.cve.org/CVERecord?id=CVE-2020-10188"},{"name":"CVE-2021-3052","url":"https://www.cve.org/CVERecord?id=CVE-2021-3052"},{"name":"CVE-2021-3053","url":"https://www.cve.org/CVERecord?id=CVE-2021-3053"},{"name":"CVE-2021-3055","url":"https://www.cve.org/CVERecord?id=CVE-2021-3055"},{"name":"CVE-2021-3051","url":"https://www.cve.org/CVERecord?id=CVE-2021-3051"}],"links":[],"reference":"CERTFR-2021-AVI-692","revisions":[{"description":"Version initiale","revision_date":"2021-09-09T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo\nAlto Networks. Certaines d'entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2020-10188 du 08 septembre 2021","url":"https://security.paloaltonetworks.com/CVE-2020-10188"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2021-3053 du 08 septembre 2021","url":"https://security.paloaltonetworks.com/CVE-2021-3053"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2021-3049 du 08 septembre 2021","url":"https://security.paloaltonetworks.com/CVE-2021-3049"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2021-3055 du 08 septembre 2021","url":"https://security.paloaltonetworks.com/CVE-2021-3055"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2021-3054 du 08 septembre 2021","url":"https://security.paloaltonetworks.com/CVE-2021-3054"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2021-3051 du 08 septembre 2021","url":"https://security.paloaltonetworks.com/CVE-2021-3051"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2021-3052 du 08 septembre 2021","url":"https://security.paloaltonetworks.com/CVE-2021-3052"}]}