{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"SINEC NMS versions ant\u00e9rieures \u00e0 V2.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE W1750D (JP) (6GK5750-2HX01-1AD0) versions ant\u00e9rieures \u00e0 V8.10.0.6","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Simcenter Amesim versions ant\u00e9rieures \u00e0 V2021.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Mendix Forgot Password (Mendix 8 compatible) versions ant\u00e9rieures \u00e0 V4.1.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Mendix Forgot Password (Mendix 10 compatible) versions ant\u00e9rieures \u00e0 V5.4.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE W1750D (ROW) (6GK5750-2HX01-1AA0) versions ant\u00e9rieures \u00e0 V8.10.0.6","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Tecnomatix Plant Simulation V2201 versions ant\u00e9rieures \u00e0 V2201.0009","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Mendix Forgot Password (Mendix 9 compatible) versions ant\u00e9rieures \u00e0 V5.4.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Parasolid V35.1 versions ant\u00e9rieures \u00e0 V35.1.250","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC OA V3.19 versions ant\u00e9rieures \u00e0 V3.19 P005","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"CP-8050 MASTER MODULE (6MF2805-0AA00) versions ant\u00e9rieures \u00e0 CPCI85 V05.11","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"CP-8050 MASTER MODULE (6MF2805-0AA00) versions ant\u00e9rieures \u00e0 CPCI85 V05.11 (uniquement avec le support debug activ\u00e9)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Parasolid V36.0 versions ant\u00e9rieures \u00e0 V36.0.169","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC OA V3.17 versions ant\u00e9rieures \u00e0 V3.17 P029","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"CP-8031 MASTER MODULE (6MF2803-1AA00) versions ant\u00e9rieures \u00e0 CPCI85 V05.11","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Mendix Forgot Password (Mendix 7 compatible) versions ant\u00e9rieures \u00e0 V3.7.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"CP-8031 MASTER MODULE (6MF2803-1AA00) versions ant\u00e9rieures \u00e0 CPCI85 V05.11 (uniquement avec le support debug activ\u00e9)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SICAM PAS/PQS versions sup\u00e9rieures ou \u00e9gales \u00e0 V8.00 versions ant\u00e9rieures \u00e0 V8.22","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC OA V3.18 versions ant\u00e9rieures \u00e0 V3.18 P019","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Parasolid V35.0 versions ant\u00e9rieures \u00e0 V35.0.262","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Tecnomatix Plant Simulation V2302 versions ant\u00e9rieures \u00e0 V2302.0003","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE W1750D (USA) (6GK5750-2HX01-1AB0) versions ant\u00e9rieures \u00e0 V8.10.0.6","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Xpedition Layout Browser versions ant\u00e9rieures \u00e0 VX.2.14","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-44081","url":"https://www.cve.org/CVERecord?id=CVE-2023-44081"},{"name":"CVE-2023-22788","url":"https://www.cve.org/CVERecord?id=CVE-2023-22788"},{"name":"CVE-2023-30900","url":"https://www.cve.org/CVERecord?id=CVE-2023-30900"},{"name":"CVE-2023-22783","url":"https://www.cve.org/CVERecord?id=CVE-2023-22783"},{"name":"CVE-2022-30527","url":"https://www.cve.org/CVERecord?id=CVE-2022-30527"},{"name":"CVE-2023-44083","url":"https://www.cve.org/CVERecord?id=CVE-2023-44083"},{"name":"CVE-2023-22785","url":"https://www.cve.org/CVERecord?id=CVE-2023-22785"},{"name":"CVE-2023-45204","url":"https://www.cve.org/CVERecord?id=CVE-2023-45204"},{"name":"CVE-2023-44315","url":"https://www.cve.org/CVERecord?id=CVE-2023-44315"},{"name":"CVE-2023-44086","url":"https://www.cve.org/CVERecord?id=CVE-2023-44086"},{"name":"CVE-2023-45205","url":"https://www.cve.org/CVERecord?id=CVE-2023-45205"},{"name":"CVE-2023-44082","url":"https://www.cve.org/CVERecord?id=CVE-2023-44082"},{"name":"CVE-2023-44084","url":"https://www.cve.org/CVERecord?id=CVE-2023-44084"},{"name":"CVE-2023-37195","url":"https://www.cve.org/CVERecord?id=CVE-2023-37195"},{"name":"CVE-2023-35796","url":"https://www.cve.org/CVERecord?id=CVE-2023-35796"},{"name":"CVE-2023-44085","url":"https://www.cve.org/CVERecord?id=CVE-2023-44085"},{"name":"CVE-2023-22784","url":"https://www.cve.org/CVERecord?id=CVE-2023-22784"},{"name":"CVE-2023-23903","url":"https://www.cve.org/CVERecord?id=CVE-2023-23903"},{"name":"CVE-2023-22378","url":"https://www.cve.org/CVERecord?id=CVE-2023-22378"},{"name":"CVE-2023-22781","url":"https://www.cve.org/CVERecord?id=CVE-2023-22781"},{"name":"CVE-2023-22789","url":"https://www.cve.org/CVERecord?id=CVE-2023-22789"},{"name":"CVE-2023-22790","url":"https://www.cve.org/CVERecord?id=CVE-2023-22790"},{"name":"CVE-2023-22843","url":"https://www.cve.org/CVERecord?id=CVE-2023-22843"},{"name":"CVE-2023-24471","url":"https://www.cve.org/CVERecord?id=CVE-2023-24471"},{"name":"CVE-2023-38640","url":"https://www.cve.org/CVERecord?id=CVE-2023-38640"},{"name":"CVE-2023-24477","url":"https://www.cve.org/CVERecord?id=CVE-2023-24477"},{"name":"CVE-2023-22787","url":"https://www.cve.org/CVERecord?id=CVE-2023-22787"},{"name":"CVE-2023-36380","url":"https://www.cve.org/CVERecord?id=CVE-2023-36380"},{"name":"CVE-2023-42796","url":"https://www.cve.org/CVERecord?id=CVE-2023-42796"},{"name":"CVE-2023-22791","url":"https://www.cve.org/CVERecord?id=CVE-2023-22791"},{"name":"CVE-2023-43625","url":"https://www.cve.org/CVERecord?id=CVE-2023-43625"},{"name":"CVE-2023-22780","url":"https://www.cve.org/CVERecord?id=CVE-2023-22780"},{"name":"CVE-2023-22786","url":"https://www.cve.org/CVERecord?id=CVE-2023-22786"},{"name":"CVE-2023-43623","url":"https://www.cve.org/CVERecord?id=CVE-2023-43623"},{"name":"CVE-2023-24015","url":"https://www.cve.org/CVERecord?id=CVE-2023-24015"},{"name":"CVE-2023-23574","url":"https://www.cve.org/CVERecord?id=CVE-2023-23574"},{"name":"CVE-2023-22779","url":"https://www.cve.org/CVERecord?id=CVE-2023-22779"},{"name":"CVE-2023-44087","url":"https://www.cve.org/CVERecord?id=CVE-2023-44087"},{"name":"CVE-2023-37194","url":"https://www.cve.org/CVERecord?id=CVE-2023-37194"},{"name":"CVE-2023-22782","url":"https://www.cve.org/CVERecord?id=CVE-2023-22782"},{"name":"CVE-2023-45601","url":"https://www.cve.org/CVERecord?id=CVE-2023-45601"}],"links":[],"reference":"CERTFR-2023-AVI-0819","revisions":[{"description":"Version initiale","revision_date":"2023-10-11T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans <span\nclass=\"textit\">les produits Siemens</span>. Certaines d'entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-160243 du 10 octobre 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-035466.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-386812 du 10 octobre 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-386812.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-843070 du 10 octobre 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-843070.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-829656 du 10 octobre 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-594373.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-647455 du 10 octobre 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-134651.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-295483 du 10 octobre 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-647455.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-711309 du 12 septembre 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-711309.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-524778 du 10 octobre 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-160243.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-784849 du 10 octobre 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-295483.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-134651 du 10 octobre 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-524778.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-770890 du 10 octobre 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-829656.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-035466 du 10 octobre 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-770890.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-594373 du 10 octobre 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-784849.html"}]}