{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"IBM Spectrum Protect Server versions 8.1.x ant\u00e9rieures \u00e0 8.1.22","product":{"name":"Spectrum","vendor":{"name":"IBM","scada":false}}},{"description":"IBM QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP8","product":{"name":"QRadar SIEM","vendor":{"name":"IBM","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-7104","url":"https://www.cve.org/CVERecord?id=CVE-2023-7104"},{"name":"CVE-2022-48564","url":"https://www.cve.org/CVERecord?id=CVE-2022-48564"},{"name":"CVE-2022-36760","url":"https://www.cve.org/CVERecord?id=CVE-2022-36760"},{"name":"CVE-2022-4304","url":"https://www.cve.org/CVERecord?id=CVE-2022-4304"},{"name":"CVE-2021-28957","url":"https://www.cve.org/CVERecord?id=CVE-2021-28957"},{"name":"CVE-2023-3817","url":"https://www.cve.org/CVERecord?id=CVE-2023-3817"},{"name":"CVE-2020-10683","url":"https://www.cve.org/CVERecord?id=CVE-2020-10683"},{"name":"CVE-2023-4091","url":"https://www.cve.org/CVERecord?id=CVE-2023-4091"},{"name":"CVE-2023-0215","url":"https://www.cve.org/CVERecord?id=CVE-2023-0215"},{"name":"CVE-2023-36632","url":"https://www.cve.org/CVERecord?id=CVE-2023-36632"},{"name":"CVE-2022-25647","url":"https://www.cve.org/CVERecord?id=CVE-2022-25647"},{"name":"CVE-2023-0286","url":"https://www.cve.org/CVERecord?id=CVE-2023-0286"},{"name":"CVE-2022-48565","url":"https://www.cve.org/CVERecord?id=CVE-2022-48565"},{"name":"CVE-2020-10735","url":"https://www.cve.org/CVERecord?id=CVE-2020-10735"},{"name":"CVE-2023-42669","url":"https://www.cve.org/CVERecord?id=CVE-2023-42669"},{"name":"CVE-2023-50961","url":"https://www.cve.org/CVERecord?id=CVE-2023-50961"},{"name":"CVE-2023-4813","url":"https://www.cve.org/CVERecord?id=CVE-2023-4813"},{"name":"CVE-2023-34968","url":"https://www.cve.org/CVERecord?id=CVE-2023-34968"},{"name":"CVE-2023-42753","url":"https://www.cve.org/CVERecord?id=CVE-2023-42753"},{"name":"CVE-2023-27043","url":"https://www.cve.org/CVERecord?id=CVE-2023-27043"},{"name":"CVE-2020-25659","url":"https://www.cve.org/CVERecord?id=CVE-2020-25659"},{"name":"CVE-2023-23931","url":"https://www.cve.org/CVERecord?id=CVE-2023-23931"},{"name":"CVE-2022-40303","url":"https://www.cve.org/CVERecord?id=CVE-2022-40303"},{"name":"CVE-2023-34967","url":"https://www.cve.org/CVERecord?id=CVE-2023-34967"},{"name":"CVE-2019-1547","url":"https://www.cve.org/CVERecord?id=CVE-2019-1547"},{"name":"CVE-2019-1563","url":"https://www.cve.org/CVERecord?id=CVE-2019-1563"},{"name":"CVE-2018-17196","url":"https://www.cve.org/CVERecord?id=CVE-2018-17196"},{"name":"CVE-2023-3961","url":"https://www.cve.org/CVERecord?id=CVE-2023-3961"},{"name":"CVE-2020-36242","url":"https://www.cve.org/CVERecord?id=CVE-2020-36242"},{"name":"CVE-2020-1968","url":"https://www.cve.org/CVERecord?id=CVE-2020-1968"},{"name":"CVE-2023-6481","url":"https://www.cve.org/CVERecord?id=CVE-2023-6481"},{"name":"CVE-2023-6129","url":"https://www.cve.org/CVERecord?id=CVE-2023-6129"},{"name":"CVE-2023-42503","url":"https://www.cve.org/CVERecord?id=CVE-2023-42503"},{"name":"CVE-2023-4806","url":"https://www.cve.org/CVERecord?id=CVE-2023-4806"},{"name":"CVE-2023-34966","url":"https://www.cve.org/CVERecord?id=CVE-2023-34966"},{"name":"CVE-2022-40304","url":"https://www.cve.org/CVERecord?id=CVE-2022-40304"},{"name":"CVE-2022-26377","url":"https://www.cve.org/CVERecord?id=CVE-2022-26377"},{"name":"CVE-2023-3446","url":"https://www.cve.org/CVERecord?id=CVE-2023-3446"},{"name":"CVE-2019-1551","url":"https://www.cve.org/CVERecord?id=CVE-2019-1551"},{"name":"CVE-2023-50960","url":"https://www.cve.org/CVERecord?id=CVE-2023-50960"},{"name":"CVE-2020-28493","url":"https://www.cve.org/CVERecord?id=CVE-2020-28493"},{"name":"CVE-2022-2127","url":"https://www.cve.org/CVERecord?id=CVE-2022-2127"},{"name":"CVE-2020-27783","url":"https://www.cve.org/CVERecord?id=CVE-2020-27783"},{"name":"CVE-2023-5678","url":"https://www.cve.org/CVERecord?id=CVE-2023-5678"},{"name":"CVE-2021-43818","url":"https://www.cve.org/CVERecord?id=CVE-2021-43818"},{"name":"CVE-2018-1000632","url":"https://www.cve.org/CVERecord?id=CVE-2018-1000632"}],"links":[],"reference":"CERTFR-2024-AVI-0262","revisions":[{"description":"Version initiale","revision_date":"2024-03-29T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans <span\nclass=\"textit\">les produits IBM</span>. Certaines d'entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\ninjection de code indirecte \u00e0 distance (XSS).\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7145367 du 27 mars 2024","url":"https://www.ibm.com/support/pages/node/7145367"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7144911 du 25 mars 2024","url":"https://www.ibm.com/support/pages/node/7144911"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7145265 du 26 mars 2024","url":"https://www.ibm.com/support/pages/node/7145265"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7145262 du 26 mars 2024","url":"https://www.ibm.com/support/pages/node/7145262"}]}