{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Service Gateway versions ant\u00e9rieures \u00e0 3.0.10","product":{"name":"Service Gateway","vendor":{"name":"Trend Micro","scada":false}}},{"description":"Deep Discovery Inspector versions 6.7.x ant\u00e9rieures \u00e0 6.7 Cp 1107","product":{"name":"Deep Discovery Inspector","vendor":{"name":"Trend Micro","scada":false}}},{"description":"Deep Discovery Inspector versions 6.6.x ant\u00e9rieures \u00e0 6.6 Cp 1097","product":{"name":"Deep Discovery Inspector","vendor":{"name":"Trend Micro","scada":false}}},{"description":"Trend Micro Web Gateway\t versions ant\u00e9rieures \u00e0 3.9.5.5840","product":{"name":"Trend Micro Web Gateway","vendor":{"name":"Trend Micro","scada":false}}},{"description":"Deep Discovery Email Inspector sans le dernier correctif de s\u00e9curit\u00e9","product":{"name":"Deep Discovery Mail Inspector","vendor":{"name":"Trend Micro","scada":false}}}],"affected_systems_content":"L'\u00e9diteur indique que les versions 5.8.x \u00e0 6.5.x de Deep Discovery Inspector sont affect\u00e9es par les vuln\u00e9rabilit\u00e9s CVE-2024-46902 et CVE-2024-46903 mais ne b\u00e9n\u00e9ficieront pas de correctifs de s\u00e9curit\u00e9. \nDeep Discovery Inspector et Deep Discovery Email Inspector sont affect\u00e9s par la vuln\u00e9rabilit\u00e9 CVE-2024-6387; il est n\u00e9cessaire de contacter l'\u00e9diteur pour acc\u00e9der aux correctifs. ","content":"## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des correctifs (cf. section Documentation).","cves":[{"name":"CVE-2024-46903","url":"https://www.cve.org/CVERecord?id=CVE-2024-46903"},{"name":"CVE-2024-46902","url":"https://www.cve.org/CVERecord?id=CVE-2024-46902"},{"name":"CVE-2006-5051","url":"https://www.cve.org/CVERecord?id=CVE-2006-5051"},{"name":"CVE-2024-6387","url":"https://www.cve.org/CVERecord?id=CVE-2024-6387"},{"name":"CVE-2008-4109","url":"https://www.cve.org/CVERecord?id=CVE-2008-4109"}],"links":[],"reference":"CERTFR-2024-AVI-0811","revisions":[{"description":"Version initiale","revision_date":"2024-09-25T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Trend Micro. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Trend Micro","vendor_advisories":[{"published_at":"2024-09-16","title":"Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0017793","url":"https://success.trendmicro.com/en-US/solution/KA-0017793"},{"published_at":"2024-09-05","title":"Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0016976","url":"https://success.trendmicro.com/en-US/solution/KA-0016976"}]}