{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"AOS-CX versions 10.06.x ant\u00e9rieures \u00e0 10.06.0180","product":{"name":"AOS","vendor":{"name":"HPE Aruba Networking","scada":false}}},{"description":"AOS-CX versions 10.09.x ant\u00e9rieures \u00e0 10.09.0010","product":{"name":"AOS","vendor":{"name":"HPE Aruba Networking","scada":false}}},{"description":"AOS-CX versions 10.07.x ant\u00e9rieures \u00e0 10.07.0061","product":{"name":"AOS","vendor":{"name":"HPE Aruba Networking","scada":false}}},{"description":"AOS-CX versions 10.08.x ant\u00e9rieures \u00e0 10.08.1040","product":{"name":"AOS","vendor":{"name":"HPE Aruba Networking","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2017-13099","url":"https://www.cve.org/CVERecord?id=CVE-2017-13099"},{"name":"CVE-2016-6883","url":"https://www.cve.org/CVERecord?id=CVE-2016-6883"},{"name":"CVE-2017-17427","url":"https://www.cve.org/CVERecord?id=CVE-2017-17427"},{"name":"CVE-2012-5081","url":"https://www.cve.org/CVERecord?id=CVE-2012-5081"},{"name":"CVE-2017-13098","url":"https://www.cve.org/CVERecord?id=CVE-2017-13098"},{"name":"CVE-2017-1000385","url":"https://www.cve.org/CVERecord?id=CVE-2017-1000385"},{"name":"CVE-2002-20001","url":"https://www.cve.org/CVERecord?id=CVE-2002-20001"},{"name":"CVE-2017-6168","url":"https://www.cve.org/CVERecord?id=CVE-2017-6168"},{"name":"CVE-2021-41000","url":"https://www.cve.org/CVERecord?id=CVE-2021-41000"},{"name":"CVE-2017-12373","url":"https://www.cve.org/CVERecord?id=CVE-2017-12373"},{"name":"CVE-2021-41003","url":"https://www.cve.org/CVERecord?id=CVE-2021-41003"},{"name":"CVE-2017-17428","url":"https://www.cve.org/CVERecord?id=CVE-2017-17428"},{"name":"CVE-2021-41001","url":"https://www.cve.org/CVERecord?id=CVE-2021-41001"},{"name":"CVE-2021-3712","url":"https://www.cve.org/CVERecord?id=CVE-2021-3712"},{"name":"CVE-2017-17382","url":"https://www.cve.org/CVERecord?id=CVE-2017-17382"},{"name":"CVE-2021-41002","url":"https://www.cve.org/CVERecord?id=CVE-2021-41002"}],"links":[],"reference":"CERTFR-2022-AVI-171","revisions":[{"description":"Version initiale","revision_date":"2022-02-23T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les commutateurs\nAruba AOS-CX. Certaines d'entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les commutateurs Aruba AOS-CX","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Aruba AOS-CX ARUBA-PSA-2022-004 du 23 f\u00e9vrier 2022","url":"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-004.txt"}]}