{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Juniper Secure Analytics versions ant\u00e9rieures \u00e0 7.5.0 UP7 IF05","product":{"name":"Secure Analytics","vendor":{"name":"Juniper Networks","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-43642","url":"https://www.cve.org/CVERecord?id=CVE-2023-43642"},{"name":"CVE-2023-37920","url":"https://www.cve.org/CVERecord?id=CVE-2023-37920"},{"name":"CVE-2023-20569","url":"https://www.cve.org/CVERecord?id=CVE-2023-20569"},{"name":"CVE-2023-4206","url":"https://www.cve.org/CVERecord?id=CVE-2023-4206"},{"name":"CVE-2023-3611","url":"https://www.cve.org/CVERecord?id=CVE-2023-3611"},{"name":"CVE-2023-32360","url":"https://www.cve.org/CVERecord?id=CVE-2023-32360"},{"name":"CVE-2022-43552","url":"https://www.cve.org/CVERecord?id=CVE-2022-43552"},{"name":"CVE-2023-4207","url":"https://www.cve.org/CVERecord?id=CVE-2023-4207"},{"name":"CVE-2023-20593","url":"https://www.cve.org/CVERecord?id=CVE-2023-20593"},{"name":"CVE-2022-40982","url":"https://www.cve.org/CVERecord?id=CVE-2022-40982"},{"name":"CVE-2023-4208","url":"https://www.cve.org/CVERecord?id=CVE-2023-4208"},{"name":"CVE-2023-3776","url":"https://www.cve.org/CVERecord?id=CVE-2023-3776"},{"name":"CVE-2023-44981","url":"https://www.cve.org/CVERecord?id=CVE-2023-44981"},{"name":"CVE-2023-5676","url":"https://www.cve.org/CVERecord?id=CVE-2023-5676"}],"links":[],"reference":"CERTFR-2024-AVI-0173","revisions":[{"description":"Version initiale","revision_date":"2024-02-29T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Non sp\u00e9cifi\u00e9 par l'\u00e9diteur"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Juniper Secure\nAnalytics . Certaines d'entre elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l'\u00e9diteur, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Juniper Secure Analytics","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper du 29 f\u00e9vrier 2024","url":"https://supportportal.juniper.net/s/article/On-Demand-JSA-Series-Multiple-vulnerabilities-resolved-in-Juniper-Secure-Analytics-in-7-5-0-UP7-IF05?language=en_US"}]}