{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cisco IOS avec une configuration HTTP Server sp\u00e9cifique d\u00e9crite dans l'avis de s\u00e9curit\u00e9 de l'\u00e9diteur","product":{"name":"IOS","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Wireless LAN Controller versions 8.10.151.0 et suivantes ant\u00e9rieures \u00e0 8.10.171.0","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco logiciel IOS versions 15.2(7)E.x ant\u00e9rieures \u00e0 15.2(7)E5","product":{"name":"IOS","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco logiciel IOS versions 15.2(8)E.x ant\u00e9rieures \u00e0 15.2(8)E1","product":{"name":"IOS","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco gamme de commutateurs Catalyst 9400","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco SD-WAN versions 20.7.x ant\u00e9rieures \u00e0 20.7.1","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco 1000 Series Integrated Services Routers","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Embedded Wireless Controller avec le logiciel Catalyst Access Points versions 17.3.x ant\u00e9rieures \u00e0 17.3.4","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco 4000 Series Integrated Services Routers","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IOS XR versions 7.3.x ant\u00e9rieures \u00e0 7.3.2","product":{"name":"IOS XR","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IOS XE entre les s\u00e9ries de versions 3SE et 3E","product":{"name":"IOS XE","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IOS XR versions 7.1.2 sans le SMU asr9k-x64-7.1.2.CSCvy48962 ou le service pack asr9k-px-7.1.2.k9-sp1.tar","product":{"name":"IOS XR","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco gamme de commutateurs Catalyst 9300","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Embedded Wireless Controller avec le logiciel Catalyst Access Points versions 17.6.x ant\u00e9rieures \u00e0 17.6.1","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco gamme de routeurs Catalyst 8300","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Catalyst 9800 Series Wireless Controllers","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco 1000 Series Connected Grid Router (CGR1K)","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Cloud Services Router 1000V Series","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Catalyst 9800 Embedded Wireless Controllers pour la gamme de commutateurs Catalyst 9300, 9400 et 9500","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco routeurs ASR 1001-X","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco gamme de commutateurs Catalyst 9500","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco routeurs ASR 1002-X","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IOS XE versions ant\u00e9rieures \u00e0 17.3.1","product":{"name":"IOS XE","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Embedded Wireless Controllers sur Catalyst Access Points","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco logiciel Catalyst 8000V Edge","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Catalyst 9800-CL Wireless Controllers pour le Cloud","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco gamme de routeurs Catalyst 8500","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IOS XR versions 7.1.3 sans le SMU asr9k-x64-7.1.3.CSCvz75757","product":{"name":"IOS XR","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco SD-WAN versions 20.6.x ant\u00e9rieures \u00e0 20.6.1","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs et des mesures de contournement (cf. section Documentation).\n","cves":[{"name":"CVE-2022-20683","url":"https://www.cve.org/CVERecord?id=CVE-2022-20683"},{"name":"CVE-2022-20739","url":"https://www.cve.org/CVERecord?id=CVE-2022-20739"},{"name":"CVE-2022-20716","url":"https://www.cve.org/CVERecord?id=CVE-2022-20716"},{"name":"CVE-2022-20761","url":"https://www.cve.org/CVERecord?id=CVE-2022-20761"},{"name":"CVE-2022-20678","url":"https://www.cve.org/CVERecord?id=CVE-2022-20678"},{"name":"CVE-2022-20681","url":"https://www.cve.org/CVERecord?id=CVE-2022-20681"},{"name":"CVE-2022-20731","url":"https://www.cve.org/CVERecord?id=CVE-2022-20731"},{"name":"CVE-2022-20695","url":"https://www.cve.org/CVERecord?id=CVE-2022-20695"},{"name":"CVE-2022-20684","url":"https://www.cve.org/CVERecord?id=CVE-2022-20684"},{"name":"CVE-2022-20692","url":"https://www.cve.org/CVERecord?id=CVE-2022-20692"},{"name":"CVE-2022-20622","url":"https://www.cve.org/CVERecord?id=CVE-2022-20622"},{"name":"CVE-2022-20697","url":"https://www.cve.org/CVERecord?id=CVE-2022-20697"},{"name":"CVE-2022-20661","url":"https://www.cve.org/CVERecord?id=CVE-2022-20661"},{"name":"CVE-2022-20714","url":"https://www.cve.org/CVERecord?id=CVE-2022-20714"},{"name":"CVE-2022-20682","url":"https://www.cve.org/CVERecord?id=CVE-2022-20682"}],"links":[],"reference":"CERTFR-2022-AVI-338","revisions":[{"description":"Version initiale","revision_date":"2022-04-14T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nCertaines d'entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-c9800-snmp-trap-dos-mjent3Ey du 13 avril 2022","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-snmp-trap-dos-mjent3Ey"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ewlc-priv-esc-ybvHKO5 du 13 avril 2022","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-priv-esc-ybvHKO5"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ncossh-dos-ZAkfOdq8 du 13 avril 2022","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncossh-dos-ZAkfOdq8"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-c9800-fnf-dos-bOL5vLge du 13 avril 2022","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-fnf-dos-bOL5vLge"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-cdb-cmicr-vulns-KJjFtNb du 13 avril 2022","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdb-cmicr-vulns-KJjFtNb"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-sdwan-privesc-vman-tEJFpBSL du 13 avril 2022","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-vman-tEJFpBSL"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-lsplus-Z6AQEOjk du 13 avril 2022","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lsplus-Z6AQEOjk"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-c9800-capwap-mdns-6PSn7gKU du 13 avril 2022","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-capwap-mdns-6PSn7gKU"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-sd-wan-file-access-VW36d28P du 13 avril 2022","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-file-access-VW36d28P"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ap-ip-flood-dos-6hxxENVQ du 13 avril 2022","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ip-flood-dos-6hxxENVQ"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-wlc-auth-bypass-JRNhV4fF du 13 avril 2022","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-appnav-xe-dos-j5MXTR4 du 13 avril 2022","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appnav-xe-dos-j5MXTR4"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-http-dos-svOdkdBS du 13 avril 2022","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-dos-svOdkdBS"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-cgr1k-ap-dos-mSZR4QVh du 13 avril 2022","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cgr1k-ap-dos-mSZR4QVh"}]}