{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Software pour Open Networking in the Cloud (SONiC) 202205 versions ant\u00e9rieures \u00e0 20220531.26","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2022 version 17.9 versions ant\u00e9rieures \u00e0 17.9.3","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Log Analytics Agent versions ant\u00e9rieures \u00e0 OMS Agent for Linux GA v1.19.0","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Open Management Infrastructure versions ant\u00e9rieures \u00e0 OMI version 1.8.1-0","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2022 version 17.4 versions ant\u00e9rieures \u00e0 17.4.17","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Visual Studio Code versions ant\u00e9rieures \u00e0 1.87.2","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Skype pour Consumer versions ant\u00e9rieures \u00e0 8.113","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Teams pour Android versions ant\u00e9rieures \u00e0 1.0.0.2024022302","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"System Center Operations Manager (SCOM) 2022 versions ant\u00e9rieures \u00e0 10.22.1070.0","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SharePoint Server Subscription Edition versions ant\u00e9rieures \u00e0 16.0.17328.20136","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Container Monitoring Solution versions ant\u00e9rieures \u00e0 microsoft-oms-latest with full ID: sha256:855bfeb0","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Software pour Open Networking in the Cloud (SONiC) 201911 versions ant\u00e9rieures \u00e0 20191130.89","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2019 Cumulative Update 13 versions ant\u00e9rieures \u00e0 15.02.1258.032","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"System Center Operations Manager (SCOM) 2019 versions ant\u00e9rieures \u00e0 10.19.1253.0","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Intune Company Portal pour Android versions ant\u00e9rieures \u00e0 2402","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Dynamics 365 (on-premises) version 9.1 versions ant\u00e9rieures \u00e0 9.1.26","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Operations Management Suite Agent pour Linux (OMS) versions ant\u00e9rieures \u00e0 1.8.1-0","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SharePoint Server 2019 versions ant\u00e9rieures \u00e0 16.0.10408.20000","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Software pour Open Networking in the Cloud (SONiC) 202012 versions ant\u00e9rieures \u00e0 20201231.96","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Software pour Open Networking in the Cloud (SONiC) 201811 versions ant\u00e9rieures \u00e0 20181130.106","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2022 version 17.6 versions ant\u00e9rieures \u00e0 17.6.13","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SharePoint Enterprise Server 2016 versions ant\u00e9rieures \u00e0 16.0.5439.1000","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2016 Cumulative Update 23 versions ant\u00e9rieures \u00e0 15.01.2507.037","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2022 version 17.8 versions ant\u00e9rieures \u00e0 17.8.8","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2019 Cumulative Update 14 versions ant\u00e9rieures \u00e0 15.02.1544.009","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Authenticator versions ant\u00e9rieures \u00e0 6.2401.0617","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"SQL Server backend pour Django versions ant\u00e9rieures \u00e0 1.4.1","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2024-21392","url":"https://www.cve.org/CVERecord?id=CVE-2024-21392"},{"name":"CVE-2024-21426","url":"https://www.cve.org/CVERecord?id=CVE-2024-21426"},{"name":"CVE-2024-21390","url":"https://www.cve.org/CVERecord?id=CVE-2024-21390"},{"name":"CVE-2024-21419","url":"https://www.cve.org/CVERecord?id=CVE-2024-21419"},{"name":"CVE-2024-26198","url":"https://www.cve.org/CVERecord?id=CVE-2024-26198"},{"name":"CVE-2024-21448","url":"https://www.cve.org/CVERecord?id=CVE-2024-21448"},{"name":"CVE-2024-21411","url":"https://www.cve.org/CVERecord?id=CVE-2024-21411"},{"name":"CVE-2024-26165","url":"https://www.cve.org/CVERecord?id=CVE-2024-26165"},{"name":"CVE-2024-21334","url":"https://www.cve.org/CVERecord?id=CVE-2024-21334"},{"name":"CVE-2024-21330","url":"https://www.cve.org/CVERecord?id=CVE-2024-21330"},{"name":"CVE-2024-21418","url":"https://www.cve.org/CVERecord?id=CVE-2024-21418"},{"name":"CVE-2024-26164","url":"https://www.cve.org/CVERecord?id=CVE-2024-26164"},{"name":"CVE-2024-26201","url":"https://www.cve.org/CVERecord?id=CVE-2024-26201"},{"name":"CVE-2024-26190","url":"https://www.cve.org/CVERecord?id=CVE-2024-26190"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-21418 du 12 mars 2024","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21418"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-21448 du 12 mars 2024","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21448"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-21390 du 12 mars 2024","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21390"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-21334 du 12 mars 2024","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21334"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-21392 du 12 mars 2024","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21392"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-26201 du 12 mars 2024","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26201"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-26198 du 12 mars 2024","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26198"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-26190 du 12 mars 2024","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26190"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-21411 du 12 mars 2024","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21411"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-21419 du 12 mars 2024","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21419"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-21426 du 12 mars 2024","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21426"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-21330 du 12 mars 2024","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21330"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-26164 du 12 mars 2024","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26164"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-26165 du 12 mars 2024","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26165"}],"reference":"CERTFR-2024-AVI-0208","revisions":[{"description":"Version initiale","revision_date":"2024-03-13T00:00:00.000000"}],"risks":[{"description":"Usurpation d'identit\u00e9"},{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans <span\nclass=\"textit\">les produits Microsoft</span>. Certaines d'entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft les produits Microsoft du 12 mars 2024","url":null}]}