{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"IBM Spectrum Protect Plus versions ant\u00e9rieures \u00e0 10.1.11","product":{"name":"Spectrum","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Spectrum Protect Client versions ant\u00e9rieures \u00e0 8.1.1.15","product":{"name":"Spectrum","vendor":{"name":"IBM","scada":false}}},{"description":"IBM\u00ae Db2\u00ae et Db2 Warehouse\u00ae sur Cloud Pak for Data versions ant\u00e9rieures \u00e0 4.5.0","product":{"name":"N/A","vendor":{"name":"IBM","scada":false}}},{"description":"IBM\u00ae Db2\u00ae sur Openshift versions ant\u00e9rieures \u00e0 11.5.7.0-cn5","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2020-29368","url":"https://www.cve.org/CVERecord?id=CVE-2020-29368"},{"name":"CVE-2021-20322","url":"https://www.cve.org/CVERecord?id=CVE-2021-20322"},{"name":"CVE-2018-1099","url":"https://www.cve.org/CVERecord?id=CVE-2018-1099"},{"name":"CVE-2021-4154","url":"https://www.cve.org/CVERecord?id=CVE-2021-4154"},{"name":"CVE-2021-45485","url":"https://www.cve.org/CVERecord?id=CVE-2021-45485"},{"name":"CVE-2022-27191","url":"https://www.cve.org/CVERecord?id=CVE-2022-27191"},{"name":"CVE-2021-30465","url":"https://www.cve.org/CVERecord?id=CVE-2021-30465"},{"name":"CVE-2019-11249","url":"https://www.cve.org/CVERecord?id=CVE-2019-11249"},{"name":"CVE-2020-8557","url":"https://www.cve.org/CVERecord?id=CVE-2020-8557"},{"name":"CVE-2020-7919","url":"https://www.cve.org/CVERecord?id=CVE-2020-7919"},{"name":"CVE-2019-11247","url":"https://www.cve.org/CVERecord?id=CVE-2019-11247"},{"name":"CVE-2020-28851","url":"https://www.cve.org/CVERecord?id=CVE-2020-28851"},{"name":"CVE-2021-42248","url":"https://www.cve.org/CVERecord?id=CVE-2021-42248"},{"name":"CVE-2018-1002105","url":"https://www.cve.org/CVERecord?id=CVE-2018-1002105"},{"name":"CVE-2021-31525","url":"https://www.cve.org/CVERecord?id=CVE-2021-31525"},{"name":"CVE-2020-15112","url":"https://www.cve.org/CVERecord?id=CVE-2020-15112"},{"name":"CVE-2021-4203","url":"https://www.cve.org/CVERecord?id=CVE-2021-4203"},{"name":"CVE-2021-25736","url":"https://www.cve.org/CVERecord?id=CVE-2021-25736"},{"name":"CVE-2020-27813","url":"https://www.cve.org/CVERecord?id=CVE-2020-27813"},{"name":"CVE-2018-17848","url":"https://www.cve.org/CVERecord?id=CVE-2018-17848"},{"name":"CVE-2019-16884","url":"https://www.cve.org/CVERecord?id=CVE-2019-16884"},{"name":"CVE-2021-41864","url":"https://www.cve.org/CVERecord?id=CVE-2021-41864"},{"name":"CVE-2020-36385","url":"https://www.cve.org/CVERecord?id=CVE-2020-36385"},{"name":"CVE-2020-25704","url":"https://www.cve.org/CVERecord?id=CVE-2020-25704"},{"name":"CVE-2021-25735","url":"https://www.cve.org/CVERecord?id=CVE-2021-25735"},{"name":"CVE-2017-18367","url":"https://www.cve.org/CVERecord?id=CVE-2017-18367"},{"name":"CVE-2020-8564","url":"https://www.cve.org/CVERecord?id=CVE-2020-8564"},{"name":"CVE-2021-20206","url":"https://www.cve.org/CVERecord?id=CVE-2021-20206"},{"name":"CVE-2019-11246","url":"https://www.cve.org/CVERecord?id=CVE-2019-11246"},{"name":"CVE-2021-31916","url":"https://www.cve.org/CVERecord?id=CVE-2021-31916"},{"name":"CVE-2020-8565","url":"https://www.cve.org/CVERecord?id=CVE-2020-8565"},{"name":"CVE-2021-27918","url":"https://www.cve.org/CVERecord?id=CVE-2021-27918"},{"name":"CVE-2021-3635","url":"https://www.cve.org/CVERecord?id=CVE-2021-3635"},{"name":"CVE-2021-3573","url":"https://www.cve.org/CVERecord?id=CVE-2021-3573"},{"name":"CVE-2018-1098","url":"https://www.cve.org/CVERecord?id=CVE-2018-1098"},{"name":"CVE-2021-28971","url":"https://www.cve.org/CVERecord?id=CVE-2021-28971"},{"name":"CVE-2019-11254","url":"https://www.cve.org/CVERecord?id=CVE-2019-11254"},{"name":"CVE-2022-0286","url":"https://www.cve.org/CVERecord?id=CVE-2022-0286"},{"name":"CVE-2021-4002","url":"https://www.cve.org/CVERecord?id=CVE-2021-4002"},{"name":"CVE-2021-4083","url":"https://www.cve.org/CVERecord?id=CVE-2021-4083"},{"name":"CVE-2021-45486","url":"https://www.cve.org/CVERecord?id=CVE-2021-45486"},{"name":"CVE-2020-8551","url":"https://www.cve.org/CVERecord?id=CVE-2020-8551"},{"name":"CVE-2017-1002101","url":"https://www.cve.org/CVERecord?id=CVE-2017-1002101"},{"name":"CVE-2021-4157","url":"https://www.cve.org/CVERecord?id=CVE-2021-4157"},{"name":"CVE-2020-15106","url":"https://www.cve.org/CVERecord?id=CVE-2020-15106"},{"name":"CVE-2021-43784","url":"https://www.cve.org/CVERecord?id=CVE-2021-43784"},{"name":"CVE-2021-20321","url":"https://www.cve.org/CVERecord?id=CVE-2021-20321"},{"name":"CVE-2018-17142","url":"https://www.cve.org/CVERecord?id=CVE-2018-17142"},{"name":"CVE-2022-0185","url":"https://www.cve.org/CVERecord?id=CVE-2022-0185"},{"name":"CVE-2022-0847","url":"https://www.cve.org/CVERecord?id=CVE-2022-0847"},{"name":"CVE-2021-41190","url":"https://www.cve.org/CVERecord?id=CVE-2021-41190"},{"name":"CVE-2021-44733","url":"https://www.cve.org/CVERecord?id=CVE-2021-44733"},{"name":"CVE-2020-8552","url":"https://www.cve.org/CVERecord?id=CVE-2020-8552"},{"name":"CVE-2021-20269","url":"https://www.cve.org/CVERecord?id=CVE-2021-20269"},{"name":"CVE-2020-8554","url":"https://www.cve.org/CVERecord?id=CVE-2020-8554"},{"name":"CVE-2019-11252","url":"https://www.cve.org/CVERecord?id=CVE-2019-11252"},{"name":"CVE-2021-3121","url":"https://www.cve.org/CVERecord?id=CVE-2021-3121"},{"name":"CVE-2019-11250","url":"https://www.cve.org/CVERecord?id=CVE-2019-11250"},{"name":"CVE-2022-22942","url":"https://www.cve.org/CVERecord?id=CVE-2022-22942"},{"name":"CVE-2022-1011","url":"https://www.cve.org/CVERecord?id=CVE-2022-1011"},{"name":"CVE-2021-3669","url":"https://www.cve.org/CVERecord?id=CVE-2021-3669"},{"name":"CVE-2020-8559","url":"https://www.cve.org/CVERecord?id=CVE-2020-8559"},{"name":"CVE-2020-10752","url":"https://www.cve.org/CVERecord?id=CVE-2020-10752"},{"name":"CVE-2021-28950","url":"https://www.cve.org/CVERecord?id=CVE-2021-28950"},{"name":"CVE-2021-29650","url":"https://www.cve.org/CVERecord?id=CVE-2021-29650"},{"name":"CVE-2020-36322","url":"https://www.cve.org/CVERecord?id=CVE-2020-36322"},{"name":"CVE-2020-28852","url":"https://www.cve.org/CVERecord?id=CVE-2020-28852"},{"name":"CVE-2021-4155","url":"https://www.cve.org/CVERecord?id=CVE-2021-4155"},{"name":"CVE-2020-15113","url":"https://www.cve.org/CVERecord?id=CVE-2020-15113"},{"name":"CVE-2020-29652","url":"https://www.cve.org/CVERecord?id=CVE-2020-29652"},{"name":"CVE-2018-17847","url":"https://www.cve.org/CVERecord?id=CVE-2018-17847"},{"name":"CVE-2022-0492","url":"https://www.cve.org/CVERecord?id=CVE-2022-0492"},{"name":"CVE-2020-26160","url":"https://www.cve.org/CVERecord?id=CVE-2020-26160"},{"name":"CVE-2022-0778","url":"https://www.cve.org/CVERecord?id=CVE-2022-0778"},{"name":"CVE-2021-42836","url":"https://www.cve.org/CVERecord?id=CVE-2021-42836"},{"name":"CVE-2020-8555","url":"https://www.cve.org/CVERecord?id=CVE-2020-8555"},{"name":"CVE-2021-44716","url":"https://www.cve.org/CVERecord?id=CVE-2021-44716"},{"name":"CVE-2018-17143","url":"https://www.cve.org/CVERecord?id=CVE-2018-17143"},{"name":"CVE-2019-11841","url":"https://www.cve.org/CVERecord?id=CVE-2019-11841"},{"name":"CVE-2018-20699","url":"https://www.cve.org/CVERecord?id=CVE-2018-20699"},{"name":"CVE-2021-33194","url":"https://www.cve.org/CVERecord?id=CVE-2021-33194"},{"name":"CVE-2020-14040","url":"https://www.cve.org/CVERecord?id=CVE-2020-14040"},{"name":"CVE-2021-3764","url":"https://www.cve.org/CVERecord?id=CVE-2021-3764"},{"name":"CVE-2019-1002101","url":"https://www.cve.org/CVERecord?id=CVE-2019-1002101"},{"name":"CVE-2021-38201","url":"https://www.cve.org/CVERecord?id=CVE-2021-38201"},{"name":"CVE-2021-21781","url":"https://www.cve.org/CVERecord?id=CVE-2021-21781"},{"name":"CVE-2022-0850","url":"https://www.cve.org/CVERecord?id=CVE-2022-0850"},{"name":"CVE-2021-3538","url":"https://www.cve.org/CVERecord?id=CVE-2021-3538"},{"name":"CVE-2019-11253","url":"https://www.cve.org/CVERecord?id=CVE-2019-11253"},{"name":"CVE-2021-25737","url":"https://www.cve.org/CVERecord?id=CVE-2021-25737"},{"name":"CVE-2018-17846","url":"https://www.cve.org/CVERecord?id=CVE-2018-17846"},{"name":"CVE-2021-4028","url":"https://www.cve.org/CVERecord?id=CVE-2021-4028"},{"name":"CVE-2021-43565","url":"https://www.cve.org/CVERecord?id=CVE-2021-43565"},{"name":"CVE-2021-25741","url":"https://www.cve.org/CVERecord?id=CVE-2021-25741"},{"name":"CVE-2018-16886","url":"https://www.cve.org/CVERecord?id=CVE-2018-16886"},{"name":"CVE-2021-44907","url":"https://www.cve.org/CVERecord?id=CVE-2021-44907"},{"name":"CVE-2021-4197","url":"https://www.cve.org/CVERecord?id=CVE-2021-4197"},{"name":"CVE-2020-9283","url":"https://www.cve.org/CVERecord?id=CVE-2020-9283"},{"name":"CVE-2019-11840","url":"https://www.cve.org/CVERecord?id=CVE-2019-11840"},{"name":"CVE-2019-11251","url":"https://www.cve.org/CVERecord?id=CVE-2019-11251"},{"name":"CVE-2020-36067","url":"https://www.cve.org/CVERecord?id=CVE-2020-36067"}],"links":[],"reference":"CERTFR-2022-AVI-591","revisions":[{"description":"Version initiale","revision_date":"2022-06-30T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"},{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d'entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6596399 du 29 juin 2022","url":"https://www.ibm.com/support/pages/node/6596399"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6596971 du 29 juin 2022","url":"https://www.ibm.com/support/pages/node/6596971"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6599703 du 29 juin 2022","url":"https://www.ibm.com/support/pages/node/6599703"}]}