{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel) versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP Business Objects Web Intelligence (BI Launchpad) version 420","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP S/4HANA versions 100, 101, 102, 103, 104, 105 et 106","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP Content Server version 7.53","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP 3D Visual Enterprise Viewer version 9.0","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP Web Dispatcher versions 7.49, 7.53, 7.77, 7.81, 7.85, 7.22EXT, 7.86 et 7.87","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP NetWeaver and ABAP Platform versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT et 7.49","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP Solution Manager (Diagnostics Root Cause Analysis Tools) version 720","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP S/4HANA (Supplier Factsheet and Enterprise Search for Business Partner, Supplier and Customer) versions 104, 105 et 106","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP Business Client version 6.5","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP Commerce versions 1905, 2005, 2105 et 2011","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP Adaptive Server Enterprise version 16.0","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP Data Intelligence version 3","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP NetWeaver AS ABAP (Workplace Server) versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756 et 787","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"Internet of Things Edge Platform version 4.0","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP NetWeaver Application Server Java versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49 et 7.53","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP NetWeaver (ABAP and Java application Servers) versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755 et 756","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP Dynamic Authorization Management version 9.1.0.0 et 2021.03","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP ERP HCM (Portugal) versions 600, 604 et 608","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP Customer Checkout version 2","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2022-22544","url":"https://www.cve.org/CVERecord?id=CVE-2022-22544"},{"name":"CVE-2022-22531","url":"https://www.cve.org/CVERecord?id=CVE-2022-22531"},{"name":"CVE-2022-22543","url":"https://www.cve.org/CVERecord?id=CVE-2022-22543"},{"name":"CVE-2022-22535","url":"https://www.cve.org/CVERecord?id=CVE-2022-22535"},{"name":"CVE-2022-22536","url":"https://www.cve.org/CVERecord?id=CVE-2022-22536"},{"name":"CVE-2021-45105","url":"https://www.cve.org/CVERecord?id=CVE-2021-45105"},{"name":"CVE-2022-22528","url":"https://www.cve.org/CVERecord?id=CVE-2022-22528"},{"name":"CVE-2022-22539","url":"https://www.cve.org/CVERecord?id=CVE-2022-22539"},{"name":"CVE-2022-22532","url":"https://www.cve.org/CVERecord?id=CVE-2022-22532"},{"name":"CVE-2021-45046","url":"https://www.cve.org/CVERecord?id=CVE-2021-45046"},{"name":"CVE-2022-22530","url":"https://www.cve.org/CVERecord?id=CVE-2022-22530"},{"name":"CVE-2022-22546","url":"https://www.cve.org/CVERecord?id=CVE-2022-22546"},{"name":"CVE-2022-22538","url":"https://www.cve.org/CVERecord?id=CVE-2022-22538"},{"name":"CVE-2022-22540","url":"https://www.cve.org/CVERecord?id=CVE-2022-22540"},{"name":"CVE-2021-44228","url":"https://www.cve.org/CVERecord?id=CVE-2021-44228"},{"name":"CVE-2021-44832","url":"https://www.cve.org/CVERecord?id=CVE-2021-44832"},{"name":"CVE-2022-22537","url":"https://www.cve.org/CVERecord?id=CVE-2022-22537"},{"name":"CVE-2022-22542","url":"https://www.cve.org/CVERecord?id=CVE-2022-22542"},{"name":"CVE-2022-22534","url":"https://www.cve.org/CVERecord?id=CVE-2022-22534"}],"links":[],"reference":"CERTFR-2022-AVI-125","revisions":[{"description":"Version initiale","revision_date":"2022-02-09T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 SAP du 09 f\u00e9vrier 2022","url":"https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+February+2022"}]}