{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<ul> <li>Pulse Secure Services Director versions ant\u00e9rieures \u00e0 21.1R2</li> <li>Pulse Connect Secure versions ant\u00e9rieures \u00e0 9.1R14.1</li> <li>Pulse Policy Secure versions ant\u00e9rieures \u00e0 9.1R14.1</li> <li>Pulse One versions ant\u00e9rieures \u00e0 2.0.2201</li> </ul> <p>L'\u00e9diteur indique que les produits Pulse Secure Web Application Firewall, Ivanti Connect Secure (ICS), Pulse Desktop Client, Pulse Mobile Client, Pulse One, Pulse ZTA, Ivanti Neurons for ZTA et Ivanti Neurons for secure Access sont toujours \u00e0 l'\u00e9tude afin de d\u00e9terminer s'ils sont vuln\u00e9rables.</p> ","content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2022-0778","url":"https://www.cve.org/CVERecord?id=CVE-2022-0778"}],"links":[{"title":"Bulletin CERTFR-2022-AVI-250 du 16 mars 2022","url":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2022-AVI-250/"},{"title":"Bulletin de s\u00e9curit\u00e9 Pulse Secure 31 mars 2022","url":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/CVE-2022-0778-OpenSSL-Vulnerability-may-lead-to-DoS-attack"}],"reference":"CERTFR-2022-AVI-300","revisions":[{"description":"Version initiale","revision_date":"2022-04-01T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"}],"summary":"Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Pulse Secure. Elle\npermet \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance.\n","title":"Vuln\u00e9rabilit\u00e9 dans les produits Pulse Secure","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Pulse Secure du 31 mars 2022","url":null}]}