{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Nextcloud Android Talk Client versions ant\u00e9rieures \u00e0 12.3.0","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Server versions 22.x ant\u00e9rieures \u00e0 22.2.4","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Server versions 21.x ant\u00e9rieures \u00e0 21.0.8","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Server versions 20.x ant\u00e9rieures \u00e0 20.0.14","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Server versions 23.x ant\u00e9rieures \u00e0 23.0.1","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}},{"description":"Nextcloud Talk versions ant\u00e9rieures \u00e0 12.1.2","product":{"name":"N/A","vendor":{"name":"Nextcloud","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2022-24741","url":"https://www.cve.org/CVERecord?id=CVE-2022-24741"},{"name":"CVE-2021-41180","url":"https://www.cve.org/CVERecord?id=CVE-2021-41180"},{"name":"CVE-2021-41181","url":"https://www.cve.org/CVERecord?id=CVE-2021-41181"},{"name":"CVE-2021-41239","url":"https://www.cve.org/CVERecord?id=CVE-2021-41239"},{"name":"CVE-2021-41241","url":"https://www.cve.org/CVERecord?id=CVE-2021-41241"}],"links":[],"reference":"CERTFR-2022-AVI-218","revisions":[{"description":"Version initiale","revision_date":"2022-03-09T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nNextcloud. Elles permettent \u00e0 un attaquant de provoquer un contournement\nde la politique de s\u00e9curit\u00e9, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es et un d\u00e9ni de service \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Nextcloud","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-497c-c8hx-6qcf du 08 mars 2022","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-497c-c8hx-6qcf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-4fxr-mrw2-cq92 du 08 mars 2022","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4fxr-mrw2-cq92"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-jf3h-xf4q-mh89 du 09 mars 2022","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-jf3h-xf4q-mh89"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-g722-cm3h-8wrx du 08 mars 2022","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-g722-cm3h-8wrx"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-m4wp-r357-4q94 du 08 mars 2022","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-m4wp-r357-4q94"}]}