{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Universal Forwarder versions 9.0.x ant\u00e9rieures \u00e0 9.0.6","product":{"name":"Universal Forwarder","vendor":{"name":"Splunk","scada":false}}},{"description":"Splunk ITSI versions 4.15.x ant\u00e9rieures \u00e0 4.15.3","product":{"name":"N/A","vendor":{"name":"Splunk","scada":false}}},{"description":"Universal Forwarder versions 8.2.x ant\u00e9rieures \u00e0 8.2.12","product":{"name":"Universal Forwarder","vendor":{"name":"Splunk","scada":false}}},{"description":"Splunk Cloud versions ant\u00e9rieures \u00e0 9.0.2305.200","product":{"name":"N/A","vendor":{"name":"Splunk","scada":false}}},{"description":"Universal Forwarder versions 9.1.x ant\u00e9rieures \u00e0 9.1.1","product":{"name":"Universal Forwarder","vendor":{"name":"Splunk","scada":false}}},{"description":"Splunk Enterprise versions 8.2.x ant\u00e9rieures \u00e0 8.2.12","product":{"name":"Splunk Enterprise","vendor":{"name":"Splunk","scada":false}}},{"description":"Splunk ITSI versions 4.13.x ant\u00e9rieures \u00e0 4.13.3","product":{"name":"N/A","vendor":{"name":"Splunk","scada":false}}},{"description":"Splunk Enterprise versions 9.1.x ant\u00e9rieures \u00e0 9.1.1","product":{"name":"Splunk Enterprise","vendor":{"name":"Splunk","scada":false}}},{"description":"Splunk Enterprise versions 9.0.x ant\u00e9rieures \u00e0 9.0.6","product":{"name":"Splunk Enterprise","vendor":{"name":"Splunk","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2021-22898","url":"https://www.cve.org/CVERecord?id=CVE-2021-22898"},{"name":"CVE-2022-40899","url":"https://www.cve.org/CVERecord?id=CVE-2022-40899"},{"name":"CVE-2022-35252","url":"https://www.cve.org/CVERecord?id=CVE-2022-35252"},{"name":"CVE-2022-31129","url":"https://www.cve.org/CVERecord?id=CVE-2022-31129"},{"name":"CVE-2022-32189","url":"https://www.cve.org/CVERecord?id=CVE-2022-32189"},{"name":"CVE-2021-27919","url":"https://www.cve.org/CVERecord?id=CVE-2021-27919"},{"name":"CVE-2019-20454","url":"https://www.cve.org/CVERecord?id=CVE-2019-20454"},{"name":"CVE-2021-29425","url":"https://www.cve.org/CVERecord?id=CVE-2021-29425"},{"name":"CVE-2022-30631","url":"https://www.cve.org/CVERecord?id=CVE-2022-30631"},{"name":"CVE-2022-27191","url":"https://www.cve.org/CVERecord?id=CVE-2022-27191"},{"name":"CVE-2022-46175","url":"https://www.cve.org/CVERecord?id=CVE-2022-46175"},{"name":"CVE-2020-8169","url":"https://www.cve.org/CVERecord?id=CVE-2020-8169"},{"name":"CVE-2022-27781","url":"https://www.cve.org/CVERecord?id=CVE-2022-27781"},{"name":"CVE-2021-22925","url":"https://www.cve.org/CVERecord?id=CVE-2021-22925"},{"name":"CVE-2021-3572","url":"https://www.cve.org/CVERecord?id=CVE-2021-3572"},{"name":"CVE-2023-4571","url":"https://www.cve.org/CVERecord?id=CVE-2023-4571"},{"name":"CVE-2022-35260","url":"https://www.cve.org/CVERecord?id=CVE-2022-35260"},{"name":"CVE-2023-29404","url":"https://www.cve.org/CVERecord?id=CVE-2023-29404"},{"name":"CVE-2022-27536","url":"https://www.cve.org/CVERecord?id=CVE-2022-27536"},{"name":"CVE-2022-24921","url":"https://www.cve.org/CVERecord?id=CVE-2022-24921"},{"name":"CVE-2022-32208","url":"https://www.cve.org/CVERecord?id=CVE-2022-32208"},{"name":"CVE-2022-28327","url":"https://www.cve.org/CVERecord?id=CVE-2022-28327"},{"name":"CVE-2020-28851","url":"https://www.cve.org/CVERecord?id=CVE-2020-28851"},{"name":"CVE-2021-33196","url":"https://www.cve.org/CVERecord?id=CVE-2021-33196"},{"name":"CVE-2021-31525","url":"https://www.cve.org/CVERecord?id=CVE-2021-31525"},{"name":"CVE-2020-8285","url":"https://www.cve.org/CVERecord?id=CVE-2020-8285"},{"name":"CVE-2021-22901","url":"https://www.cve.org/CVERecord?id=CVE-2021-22901"},{"name":"CVE-2022-27778","url":"https://www.cve.org/CVERecord?id=CVE-2022-27778"},{"name":"CVE-2021-33198","url":"https://www.cve.org/CVERecord?id=CVE-2021-33198"},{"name":"CVE-2022-30635","url":"https://www.cve.org/CVERecord?id=CVE-2022-30635"},{"name":"CVE-2019-20838","url":"https://www.cve.org/CVERecord?id=CVE-2019-20838"},{"name":"CVE-2022-41715","url":"https://www.cve.org/CVERecord?id=CVE-2022-41715"},{"name":"CVE-2022-32207","url":"https://www.cve.org/CVERecord?id=CVE-2022-32207"},{"name":"CVE-2022-37603","url":"https://www.cve.org/CVERecord?id=CVE-2022-37603"},{"name":"CVE-2022-41722","url":"https://www.cve.org/CVERecord?id=CVE-2022-41722"},{"name":"CVE-2021-41182","url":"https://www.cve.org/CVERecord?id=CVE-2021-41182"},{"name":"CVE-2023-40592","url":"https://www.cve.org/CVERecord?id=CVE-2023-40592"},{"name":"CVE-2023-29403","url":"https://www.cve.org/CVERecord?id=CVE-2023-29403"},{"name":"CVE-2022-27776","url":"https://www.cve.org/CVERecord?id=CVE-2022-27776"},{"name":"CVE-2022-42916","url":"https://www.cve.org/CVERecord?id=CVE-2022-42916"},{"name":"CVE-2020-8286","url":"https://www.cve.org/CVERecord?id=CVE-2020-8286"},{"name":"CVE-2023-29405","url":"https://www.cve.org/CVERecord?id=CVE-2023-29405"},{"name":"CVE-2021-38297","url":"https://www.cve.org/CVERecord?id=CVE-2021-38297"},{"name":"CVE-2022-30629","url":"https://www.cve.org/CVERecord?id=CVE-2022-30629"},{"name":"CVE-2022-40897","url":"https://www.cve.org/CVERecord?id=CVE-2022-40897"},{"name":"CVE-2022-27782","url":"https://www.cve.org/CVERecord?id=CVE-2022-27782"},{"name":"CVE-2022-32149","url":"https://www.cve.org/CVERecord?id=CVE-2022-32149"},{"name":"CVE-2022-32148","url":"https://www.cve.org/CVERecord?id=CVE-2022-32148"},{"name":"CVE-2020-8177","url":"https://www.cve.org/CVERecord?id=CVE-2020-8177"},{"name":"CVE-2021-41771","url":"https://www.cve.org/CVERecord?id=CVE-2021-41771"},{"name":"CVE-2021-33197","url":"https://www.cve.org/CVERecord?id=CVE-2021-33197"},{"name":"CVE-2021-27918","url":"https://www.cve.org/CVERecord?id=CVE-2021-27918"},{"name":"CVE-2022-30630","url":"https://www.cve.org/CVERecord?id=CVE-2022-30630"},{"name":"CVE-2021-22924","url":"https://www.cve.org/CVERecord?id=CVE-2021-22924"},{"name":"CVE-2022-33987","url":"https://www.cve.org/CVERecord?id=CVE-2022-33987"},{"name":"CVE-2022-43552","url":"https://www.cve.org/CVERecord?id=CVE-2022-43552"},{"name":"CVE-2023-40596","url":"https://www.cve.org/CVERecord?id=CVE-2023-40596"},{"name":"CVE-2023-40594","url":"https://www.cve.org/CVERecord?id=CVE-2023-40594"},{"name":"CVE-2021-22947","url":"https://www.cve.org/CVERecord?id=CVE-2021-22947"},{"name":"CVE-2021-22922","url":"https://www.cve.org/CVERecord?id=CVE-2021-22922"},{"name":"CVE-2023-40595","url":"https://www.cve.org/CVERecord?id=CVE-2023-40595"},{"name":"CVE-2022-22576","url":"https://www.cve.org/CVERecord?id=CVE-2022-22576"},{"name":"CVE-2021-38561","url":"https://www.cve.org/CVERecord?id=CVE-2021-38561"},{"name":"CVE-2021-39293","url":"https://www.cve.org/CVERecord?id=CVE-2021-39293"},{"name":"CVE-2022-1705","url":"https://www.cve.org/CVERecord?id=CVE-2022-1705"},{"name":"CVE-2022-3510","url":"https://www.cve.org/CVERecord?id=CVE-2022-3510"},{"name":"CVE-2022-3509","url":"https://www.cve.org/CVERecord?id=CVE-2022-3509"},{"name":"CVE-2021-22946","url":"https://www.cve.org/CVERecord?id=CVE-2021-22946"},{"name":"CVE-2020-8284","url":"https://www.cve.org/CVERecord?id=CVE-2020-8284"},{"name":"CVE-2023-23915","url":"https://www.cve.org/CVERecord?id=CVE-2023-23915"},{"name":"CVE-2022-41720","url":"https://www.cve.org/CVERecord?id=CVE-2022-41720"},{"name":"CVE-2022-41716","url":"https://www.cve.org/CVERecord?id=CVE-2022-41716"},{"name":"CVE-2022-24999","url":"https://www.cve.org/CVERecord?id=CVE-2022-24999"},{"name":"CVE-2022-29526","url":"https://www.cve.org/CVERecord?id=CVE-2022-29526"},{"name":"CVE-2022-30633","url":"https://www.cve.org/CVERecord?id=CVE-2022-30633"},{"name":"CVE-2022-1941","url":"https://www.cve.org/CVERecord?id=CVE-2022-1941"},{"name":"CVE-2021-3520","url":"https://www.cve.org/CVERecord?id=CVE-2021-3520"},{"name":"CVE-2022-36227","url":"https://www.cve.org/CVERecord?id=CVE-2022-36227"},{"name":"CVE-2021-41184","url":"https://www.cve.org/CVERecord?id=CVE-2021-41184"},{"name":"CVE-2021-41183","url":"https://www.cve.org/CVERecord?id=CVE-2021-41183"},{"name":"CVE-2021-36976","url":"https://www.cve.org/CVERecord?id=CVE-2021-36976"},{"name":"CVE-2023-27535","url":"https://www.cve.org/CVERecord?id=CVE-2023-27535"},{"name":"CVE-2022-27775","url":"https://www.cve.org/CVERecord?id=CVE-2022-27775"},{"name":"CVE-2023-23914","url":"https://www.cve.org/CVERecord?id=CVE-2023-23914"},{"name":"CVE-2022-30632","url":"https://www.cve.org/CVERecord?id=CVE-2022-30632"},{"name":"CVE-2022-27774","url":"https://www.cve.org/CVERecord?id=CVE-2022-27774"},{"name":"CVE-2022-37601","url":"https://www.cve.org/CVERecord?id=CVE-2022-37601"},{"name":"CVE-2022-1962","url":"https://www.cve.org/CVERecord?id=CVE-2022-1962"},{"name":"CVE-2021-23382","url":"https://www.cve.org/CVERecord?id=CVE-2021-23382"},{"name":"CVE-2023-40597","url":"https://www.cve.org/CVERecord?id=CVE-2023-40597"},{"name":"CVE-2022-2309","url":"https://www.cve.org/CVERecord?id=CVE-2022-2309"},{"name":"CVE-2022-42915","url":"https://www.cve.org/CVERecord?id=CVE-2022-42915"},{"name":"CVE-2022-32221","url":"https://www.cve.org/CVERecord?id=CVE-2022-32221"},{"name":"CVE-2022-28131","url":"https://www.cve.org/CVERecord?id=CVE-2022-28131"},{"name":"CVE-2022-3517","url":"https://www.cve.org/CVERecord?id=CVE-2022-3517"},{"name":"CVE-2021-22897","url":"https://www.cve.org/CVERecord?id=CVE-2021-22897"},{"name":"CVE-2022-24675","url":"https://www.cve.org/CVERecord?id=CVE-2022-24675"},{"name":"CVE-2022-23806","url":"https://www.cve.org/CVERecord?id=CVE-2022-23806"},{"name":"CVE-2021-36221","url":"https://www.cve.org/CVERecord?id=CVE-2021-36221"},{"name":"CVE-2022-2880","url":"https://www.cve.org/CVERecord?id=CVE-2022-2880"},{"name":"CVE-2022-23773","url":"https://www.cve.org/CVERecord?id=CVE-2022-23773"},{"name":"CVE-2023-24539","url":"https://www.cve.org/CVERecord?id=CVE-2023-24539"},{"name":"CVE-2018-10237","url":"https://www.cve.org/CVERecord?id=CVE-2018-10237"},{"name":"CVE-2021-34558","url":"https://www.cve.org/CVERecord?id=CVE-2021-34558"},{"name":"CVE-2021-3803","url":"https://www.cve.org/CVERecord?id=CVE-2021-3803"},{"name":"CVE-2022-2879","url":"https://www.cve.org/CVERecord?id=CVE-2022-2879"},{"name":"CVE-2022-32205","url":"https://www.cve.org/CVERecord?id=CVE-2022-32205"},{"name":"CVE-2023-27534","url":"https://www.cve.org/CVERecord?id=CVE-2023-27534"},{"name":"CVE-2023-27536","url":"https://www.cve.org/CVERecord?id=CVE-2023-27536"},{"name":"CVE-2022-23772","url":"https://www.cve.org/CVERecord?id=CVE-2022-23772"},{"name":"CVE-2020-29652","url":"https://www.cve.org/CVERecord?id=CVE-2020-29652"},{"name":"CVE-2022-43551","url":"https://www.cve.org/CVERecord?id=CVE-2022-43551"},{"name":"CVE-2022-42004","url":"https://www.cve.org/CVERecord?id=CVE-2022-42004"},{"name":"CVE-2022-40023","url":"https://www.cve.org/CVERecord?id=CVE-2022-40023"},{"name":"CVE-2021-22569","url":"https://www.cve.org/CVERecord?id=CVE-2021-22569"},{"name":"CVE-2023-27533","url":"https://www.cve.org/CVERecord?id=CVE-2023-27533"},{"name":"CVE-2021-41772","url":"https://www.cve.org/CVERecord?id=CVE-2021-41772"},{"name":"CVE-2020-8231","url":"https://www.cve.org/CVERecord?id=CVE-2020-8231"},{"name":"CVE-2022-27779","url":"https://www.cve.org/CVERecord?id=CVE-2022-27779"},{"name":"CVE-2023-29400","url":"https://www.cve.org/CVERecord?id=CVE-2023-29400"},{"name":"CVE-2022-25881","url":"https://www.cve.org/CVERecord?id=CVE-2022-25881"},{"name":"CVE-2021-31566","url":"https://www.cve.org/CVERecord?id=CVE-2021-31566"},{"name":"CVE-2021-29923","url":"https://www.cve.org/CVERecord?id=CVE-2021-29923"},{"name":"CVE-2023-27538","url":"https://www.cve.org/CVERecord?id=CVE-2023-27538"},{"name":"CVE-2020-8908","url":"https://www.cve.org/CVERecord?id=CVE-2020-8908"},{"name":"CVE-2022-30634","url":"https://www.cve.org/CVERecord?id=CVE-2022-30634"},{"name":"CVE-2021-44716","url":"https://www.cve.org/CVERecord?id=CVE-2021-44716"},{"name":"CVE-2021-23343","url":"https://www.cve.org/CVERecord?id=CVE-2021-23343"},{"name":"CVE-2022-35737","url":"https://www.cve.org/CVERecord?id=CVE-2022-35737"},{"name":"CVE-2021-33194","url":"https://www.cve.org/CVERecord?id=CVE-2021-33194"},{"name":"CVE-2023-24540","url":"https://www.cve.org/CVERecord?id=CVE-2023-24540"},{"name":"CVE-2022-32206","url":"https://www.cve.org/CVERecord?id=CVE-2022-32206"},{"name":"CVE-2022-38900","url":"https://www.cve.org/CVERecord?id=CVE-2022-38900"},{"name":"CVE-2023-40598","url":"https://www.cve.org/CVERecord?id=CVE-2023-40598"},{"name":"CVE-2013-7489","url":"https://www.cve.org/CVERecord?id=CVE-2013-7489"},{"name":"CVE-2021-22926","url":"https://www.cve.org/CVERecord?id=CVE-2021-22926"},{"name":"CVE-2021-30560","url":"https://www.cve.org/CVERecord?id=CVE-2021-30560"},{"name":"CVE-2023-40593","url":"https://www.cve.org/CVERecord?id=CVE-2023-40593"},{"name":"CVE-2022-30580","url":"https://www.cve.org/CVERecord?id=CVE-2022-30580"},{"name":"CVE-2018-20225","url":"https://www.cve.org/CVERecord?id=CVE-2018-20225"},{"name":"CVE-2021-22890","url":"https://www.cve.org/CVERecord?id=CVE-2021-22890"},{"name":"CVE-2022-42003","url":"https://www.cve.org/CVERecord?id=CVE-2022-42003"},{"name":"CVE-2021-44717","url":"https://www.cve.org/CVERecord?id=CVE-2021-44717"},{"name":"CVE-2020-14155","url":"https://www.cve.org/CVERecord?id=CVE-2020-14155"},{"name":"CVE-2022-29804","url":"https://www.cve.org/CVERecord?id=CVE-2022-29804"},{"name":"CVE-2023-2976","url":"https://www.cve.org/CVERecord?id=CVE-2023-2976"},{"name":"CVE-2021-22923","url":"https://www.cve.org/CVERecord?id=CVE-2021-22923"},{"name":"CVE-2022-37599","url":"https://www.cve.org/CVERecord?id=CVE-2022-37599"},{"name":"CVE-2023-29402","url":"https://www.cve.org/CVERecord?id=CVE-2023-29402"},{"name":"CVE-2021-29060","url":"https://www.cve.org/CVERecord?id=CVE-2021-29060"},{"name":"CVE-2021-43565","url":"https://www.cve.org/CVERecord?id=CVE-2021-43565"},{"name":"CVE-2022-30115","url":"https://www.cve.org/CVERecord?id=CVE-2022-30115"},{"name":"CVE-2022-3171","url":"https://www.cve.org/CVERecord?id=CVE-2022-3171"},{"name":"CVE-2021-20066","url":"https://www.cve.org/CVERecord?id=CVE-2021-20066"},{"name":"CVE-2021-22876","url":"https://www.cve.org/CVERecord?id=CVE-2021-22876"},{"name":"CVE-2023-27537","url":"https://www.cve.org/CVERecord?id=CVE-2023-27537"},{"name":"CVE-2022-23491","url":"https://www.cve.org/CVERecord?id=CVE-2022-23491"},{"name":"CVE-2022-27780","url":"https://www.cve.org/CVERecord?id=CVE-2022-27780"},{"name":"CVE-2020-28469","url":"https://www.cve.org/CVERecord?id=CVE-2020-28469"},{"name":"CVE-2021-22945","url":"https://www.cve.org/CVERecord?id=CVE-2021-22945"},{"name":"CVE-2021-33195","url":"https://www.cve.org/CVERecord?id=CVE-2021-33195"},{"name":"CVE-2022-27664","url":"https://www.cve.org/CVERecord?id=CVE-2022-27664"},{"name":"CVE-2023-23916","url":"https://www.cve.org/CVERecord?id=CVE-2023-23916"}],"links":[],"reference":"CERTFR-2023-AVI-0701","revisions":[{"description":"Version initiale","revision_date":"2023-08-31T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Non sp\u00e9cifi\u00e9 par l'\u00e9diteur"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Splunk. Certaines\nd'entre elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l'\u00e9diteur, une ex\u00e9cution de code arbitraire \u00e0\ndistance et un d\u00e9ni de service \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Splunk","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0802 du 30 ao\u00fbt 2023","url":"https://advisory.splunk.com/advisories/SVD-2023-0802"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0804 du 30 ao\u00fbt 2023","url":"https://advisory.splunk.com/advisories/SVD-2023-0804"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0806 du 30 ao\u00fbt 2023","url":"https://advisory.splunk.com/advisories/SVD-2023-0806"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0810 du 30 ao\u00fbt 2023","url":"https://advisory.splunk.com/advisories/SVD-2023-0810"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0807 du 30 ao\u00fbt 2023","url":"https://advisory.splunk.com/advisories/SVD-2023-0807"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0808 du 30 ao\u00fbt 2023","url":"https://advisory.splunk.com/advisories/SVD-2023-0808"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0803 du 30 ao\u00fbt 2023","url":"https://advisory.splunk.com/advisories/SVD-2023-0803"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0801 du 30 ao\u00fbt 2023","url":"https://advisory.splunk.com/advisories/SVD-2023-0801"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0805 du 30 ao\u00fbt 2023","url":"https://advisory.splunk.com/advisories/SVD-2023-0805"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0809 du 30 ao\u00fbt 2023","url":"https://advisory.splunk.com/advisories/SVD-2023-0809"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk SVD-2023-0811 du 30 ao\u00fbt 2023","url":"https://advisory.splunk.com/advisories/SVD-2023-0811"}]}