{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 Fix Pack 3","product":{"name":"Cognos Analytics","vendor":{"name":"IBM","scada":false}}},{"description":"Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 Fix Pack 8","product":{"name":"Cognos Analytics","vendor":{"name":"IBM","scada":false}}},{"description":"AIX versions 7.2 et 7.3 sans le dernier correctif de s\u00e9curit\u00e9 OpenSSH","product":{"name":"AIX","vendor":{"name":"IBM","scada":false}}},{"description":"Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.2","product":{"name":"Cognos Analytics","vendor":{"name":"IBM","scada":false}}},{"description":"Websphere Liberty versions ant\u00e9rieures \u00e0 23.0.0.12","product":{"name":"WebSphere","vendor":{"name":"IBM","scada":false}}},{"description":"VIOS versions 3.1 et 4.1 sans le dernier correctif de s\u00e9curit\u00e9 OpenSSH","product":{"name":"VIOS","vendor":{"name":"IBM","scada":false}}},{"description":"Cognos Dashboards on Cloud Pak for Data versions ant\u00e9rieures \u00e0 4.8.3","product":{"name":"Cloud Pak","vendor":{"name":"IBM","scada":false}}},{"description":"Cognos Command Center versions ant\u00e9rieures \u00e0 10.2.5 IF1","product":{"name":"N/A","vendor":{"name":"IBM","scada":false}}},{"description":"Cognos Transformer versions ant\u00e9rieures \u00e0 11.1.7 Fix Pack 8","product":{"name":"Cognos Transformer","vendor":{"name":"IBM","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-0216","url":"https://www.cve.org/CVERecord?id=CVE-2023-0216"},{"name":"CVE-2021-44906","url":"https://www.cve.org/CVERecord?id=CVE-2021-44906"},{"name":"CVE-2023-21938","url":"https://www.cve.org/CVERecord?id=CVE-2023-21938"},{"name":"CVE-2023-0401","url":"https://www.cve.org/CVERecord?id=CVE-2023-0401"},{"name":"CVE-2023-21843","url":"https://www.cve.org/CVERecord?id=CVE-2023-21843"},{"name":"CVE-2022-21426","url":"https://www.cve.org/CVERecord?id=CVE-2022-21426"},{"name":"CVE-2021-35586","url":"https://www.cve.org/CVERecord?id=CVE-2021-35586"},{"name":"CVE-2023-1370","url":"https://www.cve.org/CVERecord?id=CVE-2023-1370"},{"name":"CVE-2023-45857","url":"https://www.cve.org/CVERecord?id=CVE-2023-45857"},{"name":"CVE-2021-35550","url":"https://www.cve.org/CVERecord?id=CVE-2021-35550"},{"name":"CVE-2023-51385","url":"https://www.cve.org/CVERecord?id=CVE-2023-51385"},{"name":"CVE-2023-46234","url":"https://www.cve.org/CVERecord?id=CVE-2023-46234"},{"name":"CVE-2023-38359","url":"https://www.cve.org/CVERecord?id=CVE-2023-38359"},{"name":"CVE-2021-3572","url":"https://www.cve.org/CVERecord?id=CVE-2021-3572"},{"name":"CVE-2023-21954","url":"https://www.cve.org/CVERecord?id=CVE-2023-21954"},{"name":"CVE-2022-4304","url":"https://www.cve.org/CVERecord?id=CVE-2022-4304"},{"name":"CVE-2023-21939","url":"https://www.cve.org/CVERecord?id=CVE-2023-21939"},{"name":"CVE-2023-21830","url":"https://www.cve.org/CVERecord?id=CVE-2023-21830"},{"name":"CVE-2023-3817","url":"https://www.cve.org/CVERecord?id=CVE-2023-3817"},{"name":"CVE-2023-0215","url":"https://www.cve.org/CVERecord?id=CVE-2023-0215"},{"name":"CVE-2023-0286","url":"https://www.cve.org/CVERecord?id=CVE-2023-0286"},{"name":"CVE-2022-21299","url":"https://www.cve.org/CVERecord?id=CVE-2022-21299"},{"name":"CVE-2023-50324","url":"https://www.cve.org/CVERecord?id=CVE-2023-50324"},{"name":"CVE-2023-44487","url":"https://www.cve.org/CVERecord?id=CVE-2023-44487"},{"name":"CVE-2023-45133","url":"https://www.cve.org/CVERecord?id=CVE-2023-45133"},{"name":"CVE-2020-28458","url":"https://www.cve.org/CVERecord?id=CVE-2020-28458"},{"name":"CVE-2023-26115","url":"https://www.cve.org/CVERecord?id=CVE-2023-26115"},{"name":"CVE-2022-40897","url":"https://www.cve.org/CVERecord?id=CVE-2022-40897"},{"name":"CVE-2023-0466","url":"https://www.cve.org/CVERecord?id=CVE-2023-0466"},{"name":"CVE-2023-0465","url":"https://www.cve.org/CVERecord?id=CVE-2023-0465"},{"name":"CVE-2023-22081","url":"https://www.cve.org/CVERecord?id=CVE-2023-22081"},{"name":"CVE-2022-4203","url":"https://www.cve.org/CVERecord?id=CVE-2022-4203"},{"name":"CVE-2020-1971","url":"https://www.cve.org/CVERecord?id=CVE-2020-1971"},{"name":"CVE-2021-4160","url":"https://www.cve.org/CVERecord?id=CVE-2021-4160"},{"name":"CVE-2021-35559","url":"https://www.cve.org/CVERecord?id=CVE-2021-35559"},{"name":"CVE-2023-0217","url":"https://www.cve.org/CVERecord?id=CVE-2023-0217"},{"name":"CVE-2021-43138","url":"https://www.cve.org/CVERecord?id=CVE-2021-43138"},{"name":"CVE-2023-48795","url":"https://www.cve.org/CVERecord?id=CVE-2023-48795"},{"name":"CVE-2021-35565","url":"https://www.cve.org/CVERecord?id=CVE-2021-35565"},{"name":"CVE-2023-30589","url":"https://www.cve.org/CVERecord?id=CVE-2023-30589"},{"name":"CVE-2021-23445","url":"https://www.cve.org/CVERecord?id=CVE-2021-23445"},{"name":"CVE-2021-35603","url":"https://www.cve.org/CVERecord?id=CVE-2021-35603"},{"name":"CVE-2022-46364","url":"https://www.cve.org/CVERecord?id=CVE-2022-46364"},{"name":"CVE-2021-3711","url":"https://www.cve.org/CVERecord?id=CVE-2021-3711"},{"name":"CVE-2023-0464","url":"https://www.cve.org/CVERecord?id=CVE-2023-0464"},{"name":"CVE-2021-3449","url":"https://www.cve.org/CVERecord?id=CVE-2021-3449"},{"name":"CVE-2022-40609","url":"https://www.cve.org/CVERecord?id=CVE-2022-40609"},{"name":"CVE-2023-32344","url":"https://www.cve.org/CVERecord?id=CVE-2023-32344"},{"name":"CVE-2023-43051","url":"https://www.cve.org/CVERecord?id=CVE-2023-43051"},{"name":"CVE-2023-36478","url":"https://www.cve.org/CVERecord?id=CVE-2023-36478"},{"name":"CVE-2019-1547","url":"https://www.cve.org/CVERecord?id=CVE-2019-1547"},{"name":"CVE-2023-39410","url":"https://www.cve.org/CVERecord?id=CVE-2023-39410"},{"name":"CVE-2021-35588","url":"https://www.cve.org/CVERecord?id=CVE-2021-35588"},{"name":"CVE-2021-23839","url":"https://www.cve.org/CVERecord?id=CVE-2021-23839"},{"name":"CVE-2023-30588","url":"https://www.cve.org/CVERecord?id=CVE-2023-30588"},{"name":"CVE-2012-5784","url":"https://www.cve.org/CVERecord?id=CVE-2012-5784"},{"name":"CVE-2023-21937","url":"https://www.cve.org/CVERecord?id=CVE-2023-21937"},{"name":"CVE-2022-4450","url":"https://www.cve.org/CVERecord?id=CVE-2022-4450"},{"name":"CVE-2021-41035","url":"https://www.cve.org/CVERecord?id=CVE-2021-41035"},{"name":"CVE-2023-2650","url":"https://www.cve.org/CVERecord?id=CVE-2023-2650"},{"name":"CVE-2018-8032","url":"https://www.cve.org/CVERecord?id=CVE-2018-8032"},{"name":"CVE-2022-21434","url":"https://www.cve.org/CVERecord?id=CVE-2022-21434"},{"name":"CVE-2023-2597","url":"https://www.cve.org/CVERecord?id=CVE-2023-2597"},{"name":"CVE-2022-34169","url":"https://www.cve.org/CVERecord?id=CVE-2022-34169"},{"name":"CVE-2023-22049","url":"https://www.cve.org/CVERecord?id=CVE-2023-22049"},{"name":"CVE-2022-0778","url":"https://www.cve.org/CVERecord?id=CVE-2022-0778"},{"name":"CVE-2022-41854","url":"https://www.cve.org/CVERecord?id=CVE-2022-41854"},{"name":"CVE-2021-35578","url":"https://www.cve.org/CVERecord?id=CVE-2021-35578"},{"name":"CVE-2021-28167","url":"https://www.cve.org/CVERecord?id=CVE-2021-28167"},{"name":"CVE-2023-5676","url":"https://www.cve.org/CVERecord?id=CVE-2023-5676"},{"name":"CVE-2022-2097","url":"https://www.cve.org/CVERecord?id=CVE-2022-2097"},{"name":"CVE-2021-31684","url":"https://www.cve.org/CVERecord?id=CVE-2021-31684"},{"name":"CVE-2023-46604","url":"https://www.cve.org/CVERecord?id=CVE-2023-46604"},{"name":"CVE-2010-2084","url":"https://www.cve.org/CVERecord?id=CVE-2010-2084"},{"name":"CVE-2019-0227","url":"https://www.cve.org/CVERecord?id=CVE-2019-0227"},{"name":"CVE-2021-3712","url":"https://www.cve.org/CVERecord?id=CVE-2021-3712"},{"name":"CVE-2023-21968","url":"https://www.cve.org/CVERecord?id=CVE-2023-21968"},{"name":"CVE-2023-21930","url":"https://www.cve.org/CVERecord?id=CVE-2023-21930"},{"name":"CVE-2023-24998","url":"https://www.cve.org/CVERecord?id=CVE-2023-24998"},{"name":"CVE-2022-34357","url":"https://www.cve.org/CVERecord?id=CVE-2022-34357"},{"name":"CVE-2021-35564","url":"https://www.cve.org/CVERecord?id=CVE-2021-35564"},{"name":"CVE-2021-23840","url":"https://www.cve.org/CVERecord?id=CVE-2021-23840"},{"name":"CVE-2023-46158","url":"https://www.cve.org/CVERecord?id=CVE-2023-46158"},{"name":"CVE-2014-3596","url":"https://www.cve.org/CVERecord?id=CVE-2014-3596"},{"name":"CVE-2022-21496","url":"https://www.cve.org/CVERecord?id=CVE-2022-21496"},{"name":"CVE-2021-35556","url":"https://www.cve.org/CVERecord?id=CVE-2021-35556"},{"name":"CVE-2022-1471","url":"https://www.cve.org/CVERecord?id=CVE-2022-1471"},{"name":"CVE-2023-26136","url":"https://www.cve.org/CVERecord?id=CVE-2023-26136"},{"name":"CVE-2022-21443","url":"https://www.cve.org/CVERecord?id=CVE-2022-21443"},{"name":"CVE-2021-23841","url":"https://www.cve.org/CVERecord?id=CVE-2021-23841"},{"name":"CVE-2021-35560","url":"https://www.cve.org/CVERecord?id=CVE-2021-35560"},{"name":"CVE-2023-51384","url":"https://www.cve.org/CVERecord?id=CVE-2023-51384"},{"name":"CVE-2022-34165","url":"https://www.cve.org/CVERecord?id=CVE-2022-34165"},{"name":"CVE-2023-30996","url":"https://www.cve.org/CVERecord?id=CVE-2023-30996"},{"name":"CVE-2023-3446","url":"https://www.cve.org/CVERecord?id=CVE-2023-3446"},{"name":"CVE-2023-21967","url":"https://www.cve.org/CVERecord?id=CVE-2023-21967"}],"links":[],"reference":"CERTFR-2024-AVI-0180","revisions":[{"description":"Version initiale","revision_date":"2024-03-01T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans <span\nclass=\"textit\">les produits IBM</span>. Certaines d'entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7112541 du 23 f\u00e9vrier 2024","url":"https://www.ibm.com/support/pages/node/7112541"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7125640 du 28 f\u00e9vrier 2024","url":"https://www.ibm.com/support/pages/node/7125640"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7124466 du 28 f\u00e9vrier 2024","url":"https://www.ibm.com/support/pages/node/7124466"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7112504 du 28 f\u00e9vrier 2024","url":"https://www.ibm.com/support/pages/node/7112504"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7125461 du 28 f\u00e9vrier 2024","url":"https://www.ibm.com/support/pages/node/7125461"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7123154 du 23 f\u00e9vrier 2024","url":"https://www.ibm.com/support/pages/node/7123154"}]}