{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Junos OS Evolved versions ant\u00e9rieures \u00e0 20.1R3, 20.2R3, 20.3R2, 20.4R1, 20.4R2-S3-EVO, 20.4R3-S3-EVO, 21.1R3-S1-EVO, 21.2R2-EVO, 21.2R3-EVO, 21.3R1-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.4R2-EVO, 22.1R1-EVO","product":{"name":"Junos OS Evolved","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"JunosOS versions ant\u00e9rieures \u00e0 12.3R12-S19, 15.1R7-S10, 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.3R3-S5, 18.4R1-S8, 18.4R2-S10, 18.4R3-S9, 19.1R2-S3, 19.1R3-S8, 19.2R1-S8, 19.2R3-S5, 19.3R2-S6, 19.3R3-S5, 19.4R1-S4, 19.4R2-S6, 19.4R3-S7, 20.1R2, 20.1R3-S4, 20.2R2, 20.2R3-S4, 20.3R1-S2, 20.3R2, 20.3R3-S3, 20.4R1, 20.4R2-S2, 20.4R3-S2, 21.1R1-S1, 21.1R2-S1, 21.1R3-S1, 21.2R1-S1, 21.2R2, 21.2R3, 21.3R1, 21.3R2, 21.4R2, 22.1R1","product":{"name":"Junos OS Evolved","vendor":{"name":"Juniper Networks","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2022-22193","url":"https://www.cve.org/CVERecord?id=CVE-2022-22193"},{"name":"CVE-2022-22198","url":"https://www.cve.org/CVERecord?id=CVE-2022-22198"},{"name":"CVE-2022-22197","url":"https://www.cve.org/CVERecord?id=CVE-2022-22197"},{"name":"CVE-2022-22194","url":"https://www.cve.org/CVERecord?id=CVE-2022-22194"},{"name":"CVE-2022-22186","url":"https://www.cve.org/CVERecord?id=CVE-2022-22186"},{"name":"CVE-2022-22196","url":"https://www.cve.org/CVERecord?id=CVE-2022-22196"},{"name":"CVE-2022-22181","url":"https://www.cve.org/CVERecord?id=CVE-2022-22181"},{"name":"CVE-2022-22188","url":"https://www.cve.org/CVERecord?id=CVE-2022-22188"},{"name":"CVE-2022-22182","url":"https://www.cve.org/CVERecord?id=CVE-2022-22182"},{"name":"CVE-2022-22183","url":"https://www.cve.org/CVERecord?id=CVE-2022-22183"},{"name":"CVE-2022-22195","url":"https://www.cve.org/CVERecord?id=CVE-2022-22195"}],"links":[],"reference":"CERTFR-2022-AVI-350","revisions":[{"description":"Version initiale","revision_date":"2022-04-15T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Juniper Junos OS et\nJunos OS Evolved. Certaines d'entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Juniper Junos OS et Junos OS Evolved","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA69505 du 13 avril 2022","url":"https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-Evolved-PTX-series-An-attacker-sending-a-crafted-GRE-packet-will-cause-the-PFE-to-restart-CVE-2022-22194?language=en_US"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA69519 du 13 avril 2022","url":"https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-A-XSS-vulnerability-allows-an-attacker-to-execute-commands-on-a-target-J-Web-session-CVE-2022-22182?language=en_US"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA69517 du 13 avril 2022","url":"https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-J-Web-can-be-compromised-through-reflected-XSS-attacks-CVE-2022-22181?language=en_US"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA69516 du 13 avril 2022","url":"https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-Evolved-A-remote-attacker-may-cause-a-CPU-Denial-of-Service-by-sending-genuine-traffic-to-a-device-on-a-specific-IPv4-port-CVE-2022-22183?language=en_US"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA69511 du 13 avril 2022","url":"https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-rpd-core-will-be-observed-with-proxy-BGP-route-target-filtering-enabled-and-certain-route-add-and-delete-event-happening-CVE-2022-22197?language=en_US"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA69513 du 13 avril 2022","url":"https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-MS-MPC-or-MS-MIC-or-SPC-crashes-if-it-receives-a-SIP-message-with-a-specific-contact-header-format-CVE-2022-22198?language=en_US"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA69509 du 13 avril 2022","url":"https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-The-rpd-CPU-spikes-to-100-after-a-malformed-ISIS-TLV-has-been-received-CVE-2022-22196?language=en_US"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA69497 du 13 avril 2022","url":"https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-QFX5100-QFX5110-QFX5120-QFX5200-QFX5210-EX4600-EX4650-Series-When-storm-control-profiling-is-enabled-and-a-device-is-under-an-active-storm-a-Heap-based-Buffer-Overflow-in-the-PFE-will-cause-a-device-hang-CVE-2022-22188?language=en_US"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA69508 du 13 avril 2022","url":"https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-Evolved-Specific-packets-reaching-the-RE-lead-to-a-counter-overflow-and-eventually-a-crash-CVE-2022-22195?language=en_US"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA69503 du 13 avril 2022","url":"https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BGP-rib-sharding-scenario-when-a-certain-CLI-command-is-executed-the-rpd-process-might-crash-CVE-2022-22193?language=en_US"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA69494 du 13 avril 2022","url":"https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-EX4650-Series-Certain-traffic-received-by-the-Junos-OS-device-on-the-management-interface-may-be-forwarded-to-egress-interfaces-instead-of-discarded-CVE-2022-22186?language=en_US"}]}