{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"IBM Sterling Connect:Direct for UNIX versions 6.0.x ant\u00e9rieures \u00e0 6.0.0.2.iFix145","product":{"name":"Sterling Connect:Direct","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Sterling Connect:Direct for UNIX versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.5.iFix021","product":{"name":"Sterling Connect:Direct","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Sterling Connect:Direct for UNIX versions 4.3.x ant\u00e9rieures \u00e0 4.3.0.1.iFix109","product":{"name":"Sterling Connect:Direct","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Sterling B2B Integrator version 6.1.0.0 \u00e0 6.1.2.0 ant\u00e9rieures \u00e0 6.1.2.1","product":{"name":"Sterling","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Sterling B2B Integrator version 6.0.0.0 \u00e0 6.0.3.7 ant\u00e9rieures \u00e0 6.0.3.8","product":{"name":"Sterling","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Sterling Connect:Direct for UNIX versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.4.iFix077","product":{"name":"Sterling Connect:Direct","vendor":{"name":"IBM","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2021-38875","url":"https://www.cve.org/CVERecord?id=CVE-2021-38875"},{"name":"CVE-2022-31772","url":"https://www.cve.org/CVERecord?id=CVE-2022-31772"},{"name":"CVE-2019-4378","url":"https://www.cve.org/CVERecord?id=CVE-2019-4378"},{"name":"CVE-2019-4465","url":"https://www.cve.org/CVERecord?id=CVE-2019-4465"},{"name":"CVE-2020-4320","url":"https://www.cve.org/CVERecord?id=CVE-2020-4320"},{"name":"CVE-2019-4049","url":"https://www.cve.org/CVERecord?id=CVE-2019-4049"},{"name":"CVE-2019-4277","url":"https://www.cve.org/CVERecord?id=CVE-2019-4277"},{"name":"CVE-2021-38949","url":"https://www.cve.org/CVERecord?id=CVE-2021-38949"},{"name":"CVE-2020-4319","url":"https://www.cve.org/CVERecord?id=CVE-2020-4319"},{"name":"CVE-2019-4055","url":"https://www.cve.org/CVERecord?id=CVE-2019-4055"},{"name":"CVE-2022-40231","url":"https://www.cve.org/CVERecord?id=CVE-2022-40231"},{"name":"CVE-2020-4682","url":"https://www.cve.org/CVERecord?id=CVE-2020-4682"},{"name":"CVE-2022-40232","url":"https://www.cve.org/CVERecord?id=CVE-2022-40232"},{"name":"CVE-2022-21626","url":"https://www.cve.org/CVERecord?id=CVE-2022-21626"},{"name":"CVE-2020-4375","url":"https://www.cve.org/CVERecord?id=CVE-2020-4375"},{"name":"CVE-2020-4267","url":"https://www.cve.org/CVERecord?id=CVE-2020-4267"},{"name":"CVE-2023-23477","url":"https://www.cve.org/CVERecord?id=CVE-2023-23477"},{"name":"CVE-2019-4614","url":"https://www.cve.org/CVERecord?id=CVE-2019-4614"},{"name":"CVE-2019-4762","url":"https://www.cve.org/CVERecord?id=CVE-2019-4762"},{"name":"CVE-2021-29843","url":"https://www.cve.org/CVERecord?id=CVE-2021-29843"},{"name":"CVE-2019-4655","url":"https://www.cve.org/CVERecord?id=CVE-2019-4655"},{"name":"CVE-2020-4338","url":"https://www.cve.org/CVERecord?id=CVE-2020-4338"},{"name":"CVE-2019-4656","url":"https://www.cve.org/CVERecord?id=CVE-2019-4656"},{"name":"CVE-2022-42004","url":"https://www.cve.org/CVERecord?id=CVE-2022-42004"},{"name":"CVE-2019-12415","url":"https://www.cve.org/CVERecord?id=CVE-2019-12415"},{"name":"CVE-2022-22970","url":"https://www.cve.org/CVERecord?id=CVE-2022-22970"},{"name":"CVE-2022-31159","url":"https://www.cve.org/CVERecord?id=CVE-2022-31159"},{"name":"CVE-2019-4560","url":"https://www.cve.org/CVERecord?id=CVE-2019-4560"},{"name":"CVE-2022-43579","url":"https://www.cve.org/CVERecord?id=CVE-2022-43579"},{"name":"CVE-2022-42003","url":"https://www.cve.org/CVERecord?id=CVE-2022-42003"},{"name":"CVE-2019-4619","url":"https://www.cve.org/CVERecord?id=CVE-2019-4619"},{"name":"CVE-2019-4261","url":"https://www.cve.org/CVERecord?id=CVE-2019-4261"},{"name":"CVE-2019-4719","url":"https://www.cve.org/CVERecord?id=CVE-2019-4719"},{"name":"CVE-2022-34165","url":"https://www.cve.org/CVERecord?id=CVE-2022-34165"},{"name":"CVE-2020-4465","url":"https://www.cve.org/CVERecord?id=CVE-2020-4465"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 IBM du 10 f\u00e9vrier 2023","url":"https://www.ibm.com/support/pages/node/6954767"},{"title":"Bulletin de s\u00e9curit\u00e9 IBM du 10 f\u00e9vrier 2023","url":"https://www.ibm.com/support/pages/node/6954771"},{"title":"Bulletin de s\u00e9curit\u00e9 IBM du 10 f\u00e9vrier 2023","url":"https://www.ibm.com/support/pages/node/6954763"},{"title":"Bulletin de s\u00e9curit\u00e9 IBM du 10 f\u00e9vrier 2023","url":"https://www.ibm.com/support/pages/node/6954765"},{"title":"Bulletin de s\u00e9curit\u00e9 IBM du 09 f\u00e9vrier 2023","url":"https://www.ibm.com/support/pages/node/6954465"},{"title":"Bulletin de s\u00e9curit\u00e9 IBM du 09 f\u00e9vrier 2023","url":"https://www.ibm.com/support/pages/node/6954471"},{"title":"Bulletin de s\u00e9curit\u00e9 IBM du 09 f\u00e9vrier 2023","url":"https://www.ibm.com/support/pages/node/6954453"},{"title":"Bulletin de s\u00e9curit\u00e9 IBM du 09 f\u00e9vrier 2023","url":"https://www.ibm.com/support/pages/node/6954469"},{"title":"Bulletin de s\u00e9curit\u00e9 IBM du 09 f\u00e9vrier 2023","url":"https://www.ibm.com/support/pages/node/6954467"},{"title":"Bulletin de s\u00e9curit\u00e9 IBM du 10 f\u00e9vrier 2023","url":"https://www.ibm.com/support/pages/node/6954727"}],"reference":"CERTFR-2023-AVI-0116","revisions":[{"description":"Version initiale","revision_date":"2023-02-13T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits <span\nclass=\"textit\">IBM</span>. Elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, une injection de code\nindirecte \u00e0 distance (XSS) et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6954763 du 10 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6954453 du 09 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6954767 du 10 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6954771 du 10 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6954469 du 09 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6954765 du 10 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6954471 du 09 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6954727 du 10 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6954467 du 09 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6954465 du 09 f\u00e9vrier 2023","url":null}]}