{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cisco Nexus 9000 Series Fabric Switches (ACI Mode) sans le dernier correctif de s\u00e9curit\u00e9","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Cloud Network Controller (anciennement Cisco APIC) versions 4.2.x \u00e0 25.0.x ant\u00e9rieures \u00e0 26.0","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco APIC versions 6.0.x ant\u00e9rieures \u00e0 6.0(2e)","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco APIC versions 4.2.x \u00e0 5.2.x ant\u00e9rieures \u00e0 5.2(7g)","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-20089","url":"https://www.cve.org/CVERecord?id=CVE-2023-20089"},{"name":"CVE-2023-20011","url":"https://www.cve.org/CVERecord?id=CVE-2023-20011"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Cisco Security Advisory\u00a0cisco-sa-aci-lldp-dos-ySCNZOpX du 22 f\u00e9vrier 2023","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX"},{"title":"Bulletin de s\u00e9curit\u00e9 Cisco Security Advisory\u00a0cisco-sa-capic-csrfv-DMx6KSwV du 22 f\u00e9vrier 2023","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-csrfv-DMx6KSwV"}],"reference":"CERTFR-2023-AVI-0162","revisions":[{"description":"Version initiale","revision_date":"2023-02-23T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">Cisco</span>. Elles permettent \u00e0 un attaquant de\nprovoquer une injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF) et \u00e0\nl'int\u00e9grit\u00e9 des donn\u00e9es et un d\u00e9ni de service \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco Security Advisory cisco-sa-capic-csrfv-DMx6KSwV du 22 f\u00e9vrier 2023","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco Security Advisory cisco-sa-aci-lldp-dos-ySCNZOpX du 22 f\u00e9vrier 2023","url":null}]}