{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"QRadar User Behavior Analytics versions ant\u00e9rieures \u00e0 4.1.16","product":{"name":"QRadar User Behavior Analytics","vendor":{"name":"IBM","scada":false}}},{"description":"IBM QRadar SIEM versions 7.5.x sans le dernier correctif de s\u00e9curit\u00e9","product":{"name":"QRadar SIEM","vendor":{"name":"IBM","scada":false}}},{"description":"WebSphere Extreme Scale versions 8.6.1.x ant\u00e9rieures \u00e0 8.6.1.6 avec le correctif de s\u00e9curit\u00e9 PH61189","product":{"name":"WebSphere","vendor":{"name":"IBM","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2024-20919","url":"https://www.cve.org/CVERecord?id=CVE-2024-20919"},{"name":"CVE-2024-1597","url":"https://www.cve.org/CVERecord?id=CVE-2024-1597"},{"name":"CVE-2024-28849","url":"https://www.cve.org/CVERecord?id=CVE-2024-28849"},{"name":"CVE-2023-31582","url":"https://www.cve.org/CVERecord?id=CVE-2023-31582"},{"name":"CVE-2023-46234","url":"https://www.cve.org/CVERecord?id=CVE-2023-46234"},{"name":"CVE-2024-20926","url":"https://www.cve.org/CVERecord?id=CVE-2024-20926"},{"name":"CVE-2023-26464","url":"https://www.cve.org/CVERecord?id=CVE-2023-26464"},{"name":"CVE-2022-25647","url":"https://www.cve.org/CVERecord?id=CVE-2022-25647"},{"name":"CVE-2019-17571","url":"https://www.cve.org/CVERecord?id=CVE-2019-17571"},{"name":"CVE-2024-20921","url":"https://www.cve.org/CVERecord?id=CVE-2024-20921"},{"name":"CVE-2023-34462","url":"https://www.cve.org/CVERecord?id=CVE-2023-34462"},{"name":"CVE-2020-13936","url":"https://www.cve.org/CVERecord?id=CVE-2020-13936"},{"name":"CVE-2023-34454","url":"https://www.cve.org/CVERecord?id=CVE-2023-34454"},{"name":"CVE-2021-4104","url":"https://www.cve.org/CVERecord?id=CVE-2021-4104"},{"name":"CVE-2023-34453","url":"https://www.cve.org/CVERecord?id=CVE-2023-34453"},{"name":"CVE-2023-3635","url":"https://www.cve.org/CVERecord?id=CVE-2023-3635"},{"name":"CVE-2023-25613","url":"https://www.cve.org/CVERecord?id=CVE-2023-25613"},{"name":"CVE-2023-41419","url":"https://www.cve.org/CVERecord?id=CVE-2023-41419"},{"name":"CVE-2020-9493","url":"https://www.cve.org/CVERecord?id=CVE-2020-9493"},{"name":"CVE-2018-11770","url":"https://www.cve.org/CVERecord?id=CVE-2018-11770"},{"name":"CVE-2018-11804","url":"https://www.cve.org/CVERecord?id=CVE-2018-11804"},{"name":"CVE-2020-9488","url":"https://www.cve.org/CVERecord?id=CVE-2020-9488"},{"name":"CVE-2023-22946","url":"https://www.cve.org/CVERecord?id=CVE-2023-22946"},{"name":"CVE-2024-22195","url":"https://www.cve.org/CVERecord?id=CVE-2024-22195"},{"name":"CVE-2022-23305","url":"https://www.cve.org/CVERecord?id=CVE-2022-23305"},{"name":"CVE-2023-34455","url":"https://www.cve.org/CVERecord?id=CVE-2023-34455"},{"name":"CVE-2022-23307","url":"https://www.cve.org/CVERecord?id=CVE-2022-23307"},{"name":"CVE-2022-46751","url":"https://www.cve.org/CVERecord?id=CVE-2022-46751"},{"name":"CVE-2023-51775","url":"https://www.cve.org/CVERecord?id=CVE-2023-51775"},{"name":"CVE-2023-44981","url":"https://www.cve.org/CVERecord?id=CVE-2023-44981"},{"name":"CVE-2023-33850","url":"https://www.cve.org/CVERecord?id=CVE-2023-33850"},{"name":"CVE-2023-6481","url":"https://www.cve.org/CVERecord?id=CVE-2023-6481"},{"name":"CVE-2023-6378","url":"https://www.cve.org/CVERecord?id=CVE-2023-6378"},{"name":"CVE-2018-17190","url":"https://www.cve.org/CVERecord?id=CVE-2018-17190"},{"name":"CVE-2023-26145","url":"https://www.cve.org/CVERecord?id=CVE-2023-26145"},{"name":"CVE-2022-23302","url":"https://www.cve.org/CVERecord?id=CVE-2022-23302"},{"name":"CVE-2024-20918","url":"https://www.cve.org/CVERecord?id=CVE-2024-20918"},{"name":"CVE-2024-29180","url":"https://www.cve.org/CVERecord?id=CVE-2024-29180"},{"name":"CVE-2024-20945","url":"https://www.cve.org/CVERecord?id=CVE-2024-20945"},{"name":"CVE-2023-31486","url":"https://www.cve.org/CVERecord?id=CVE-2023-31486"},{"name":"CVE-2023-26159","url":"https://www.cve.org/CVERecord?id=CVE-2023-26159"},{"name":"CVE-2024-20952","url":"https://www.cve.org/CVERecord?id=CVE-2024-20952"},{"name":"CVE-2017-16137","url":"https://www.cve.org/CVERecord?id=CVE-2017-16137"}],"links":[],"reference":"CERTFR-2024-AVI-0419","revisions":[{"description":"Version initiale","revision_date":"2024-05-17T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans <span\nclass=\"textit\">les produits IBM</span>. Certaines d'entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0\ndistance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7150929 du 10 mai 2024","url":"https://www.ibm.com/support/pages/node/7150929"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7152257 du 15 mai 2024","url":"https://www.ibm.com/support/pages/node/7152257"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7152260 du 15 mai 2024","url":"https://www.ibm.com/support/pages/node/7152260"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7152258 du 15 mai 2024","url":"https://www.ibm.com/support/pages/node/7152258"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7150844 du 10 mai 2024","url":"https://www.ibm.com/support/pages/node/7150844"}]}