{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cognos Analytics versions 12.x ant\u00e9rieures \u00e0 12.0.4 IF2","product":{"name":"Cognos Analytics","vendor":{"name":"IBM","scada":false}}},{"description":"Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 FP5","product":{"name":"Cognos Analytics","vendor":{"name":"IBM","scada":false}}},{"description":"Security QRadar EDR versions 3.12.x ant\u00e9rieures \u00e0 3.12.15","product":{"name":"Security QRadar EDR","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Db2 on Cloud Pak for Data et Db2 Warehouse on Cloud Pak for Data versions 3.5 \u00e0 4.8 ant\u00e9rieures \u00e0 v4.8.8","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}},{"description":"QRadar SIEM versions 7.5.0 ant\u00e9rieures \u00e0 7.5.0 UP11","product":{"name":"Security QRadar SIEM","vendor":{"name":"IBM","scada":false}}}],"affected_systems_content":"","content":"## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des correctifs (cf. section Documentation).","cves":[{"name":"CVE-2023-29483","url":"https://www.cve.org/CVERecord?id=CVE-2023-29483"},{"name":"CVE-2023-7104","url":"https://www.cve.org/CVERecord?id=CVE-2023-7104"},{"name":"CVE-2020-21469","url":"https://www.cve.org/CVERecord?id=CVE-2020-21469"},{"name":"CVE-2024-45020","url":"https://www.cve.org/CVERecord?id=CVE-2024-45020"},{"name":"CVE-2024-46826","url":"https://www.cve.org/CVERecord?id=CVE-2024-46826"},{"name":"CVE-2024-42070","url":"https://www.cve.org/CVERecord?id=CVE-2024-42070"},{"name":"CVE-2023-51714","url":"https://www.cve.org/CVERecord?id=CVE-2023-51714"},{"name":"CVE-2021-47366","url":"https://www.cve.org/CVERecord?id=CVE-2021-47366"},{"name":"CVE-2024-41093","url":"https://www.cve.org/CVERecord?id=CVE-2024-41093"},{"name":"CVE-2021-21409","url":"https://www.cve.org/CVERecord?id=CVE-2021-21409"},{"name":"CVE-2024-36361","url":"https://www.cve.org/CVERecord?id=CVE-2024-36361"},{"name":"CVE-2024-35939","url":"https://www.cve.org/CVERecord?id=CVE-2024-35939"},{"name":"CVE-2024-41009","url":"https://www.cve.org/CVERecord?id=CVE-2024-41009"},{"name":"CVE-2024-29041","url":"https://www.cve.org/CVERecord?id=CVE-2024-29041"},{"name":"CVE-2019-9641","url":"https://www.cve.org/CVERecord?id=CVE-2019-9641"},{"name":"CVE-2022-21426","url":"https://www.cve.org/CVERecord?id=CVE-2022-21426"},{"name":"CVE-2024-39503","url":"https://www.cve.org/CVERecord?id=CVE-2024-39503"},{"name":"CVE-2024-50268","url":"https://www.cve.org/CVERecord?id=CVE-2024-50268"},{"name":"CVE-2024-42292","url":"https://www.cve.org/CVERecord?id=CVE-2024-42292"},{"name":"CVE-2024-28849","url":"https://www.cve.org/CVERecord?id=CVE-2024-28849"},{"name":"CVE-2016-2193","url":"https://www.cve.org/CVERecord?id=CVE-2016-2193"},{"name":"CVE-2024-42284","url":"https://www.cve.org/CVERecord?id=CVE-2024-42284"},{"name":"CVE-2024-43788","url":"https://www.cve.org/CVERecord?id=CVE-2024-43788"},{"name":"CVE-2024-4068","url":"https://www.cve.org/CVERecord?id=CVE-2024-4068"},{"name":"CVE-2024-26961","url":"https://www.cve.org/CVERecord?id=CVE-2024-26961"},{"name":"CVE-2024-38608","url":"https://www.cve.org/CVERecord?id=CVE-2024-38608"},{"name":"CVE-2024-50275","url":"https://www.cve.org/CVERecord?id=CVE-2024-50275"},{"name":"CVE-2024-49352","url":"https://www.cve.org/CVERecord?id=CVE-2024-49352"},{"name":"CVE-2023-37920","url":"https://www.cve.org/CVERecord?id=CVE-2023-37920"},{"name":"CVE-2024-40924","url":"https://www.cve.org/CVERecord?id=CVE-2024-40924"},{"name":"CVE-2024-22353","url":"https://www.cve.org/CVERecord?id=CVE-2024-22353"},{"name":"CVE-2020-20703","url":"https://www.cve.org/CVERecord?id=CVE-2020-20703"},{"name":"CVE-2024-50125","url":"https://www.cve.org/CVERecord?id=CVE-2024-50125"},{"name":"CVE-2022-48968","url":"https://www.cve.org/CVERecord?id=CVE-2022-48968"},{"name":"CVE-2024-47715","url":"https://www.cve.org/CVERecord?id=CVE-2024-47715"},{"name":"CVE-2024-26976","url":"https://www.cve.org/CVERecord?id=CVE-2024-26976"},{"name":"CVE-2024-56326","url":"https://www.cve.org/CVERecord?id=CVE-2024-56326"},{"name":"CVE-2024-50267","url":"https://www.cve.org/CVERecord?id=CVE-2024-50267"},{"name":"CVE-2019-9638","url":"https://www.cve.org/CVERecord?id=CVE-2019-9638"},{"name":"CVE-2022-49016","url":"https://www.cve.org/CVERecord?id=CVE-2022-49016"},{"name":"CVE-2023-52492","url":"https://www.cve.org/CVERecord?id=CVE-2023-52492"},{"name":"CVE-2023-5868","url":"https://www.cve.org/CVERecord?id=CVE-2023-5868"},{"name":"CVE-2019-9639","url":"https://www.cve.org/CVERecord?id=CVE-2019-9639"},{"name":"CVE-2023-28154","url":"https://www.cve.org/CVERecord?id=CVE-2023-28154"},{"name":"CVE-2024-27062","url":"https://www.cve.org/CVERecord?id=CVE-2024-27062"},{"name":"CVE-2024-35839","url":"https://www.cve.org/CVERecord?id=CVE-2024-35839"},{"name":"CVE-2024-49977","url":"https://www.cve.org/CVERecord?id=CVE-2024-49977"},{"name":"CVE-2024-43889","url":"https://www.cve.org/CVERecord?id=CVE-2024-43889"},{"name":"CVE-2019-20444","url":"https://www.cve.org/CVERecord?id=CVE-2019-20444"},{"name":"CVE-2024-29415","url":"https://www.cve.org/CVERecord?id=CVE-2024-29415"},{"name":"CVE-2024-46820","url":"https://www.cve.org/CVERecord?id=CVE-2024-46820"},{"name":"CVE-2024-45018","url":"https://www.cve.org/CVERecord?id=CVE-2024-45018"},{"name":"CVE-2024-33883","url":"https://www.cve.org/CVERecord?id=CVE-2024-33883"},{"name":"CVE-2024-43880","url":"https://www.cve.org/CVERecord?id=CVE-2024-43880"},{"name":"CVE-2024-26615","url":"https://www.cve.org/CVERecord?id=CVE-2024-26615"},{"name":"CVE-2024-50130","url":"https://www.cve.org/CVERecord?id=CVE-2024-50130"},{"name":"CVE-2024-4317","url":"https://www.cve.org/CVERecord?id=CVE-2024-4317"},{"name":"CVE-2024-25026","url":"https://www.cve.org/CVERecord?id=CVE-2024-25026"},{"name":"CVE-2024-38586","url":"https://www.cve.org/CVERecord?id=CVE-2024-38586"},{"name":"CVE-2024-53047","url":"https://www.cve.org/CVERecord?id=CVE-2024-53047"},{"name":"CVE-2024-31141","url":"https://www.cve.org/CVERecord?id=CVE-2024-31141"},{"name":"CVE-2023-5870","url":"https://www.cve.org/CVERecord?id=CVE-2023-5870"},{"name":"CVE-2024-4067","url":"https://www.cve.org/CVERecord?id=CVE-2024-4067"},{"name":"CVE-2024-45769","url":"https://www.cve.org/CVERecord?id=CVE-2024-45769"},{"name":"CVE-2024-10977","url":"https://www.cve.org/CVERecord?id=CVE-2024-10977"},{"name":"CVE-2024-27017","url":"https://www.cve.org/CVERecord?id=CVE-2024-27017"},{"name":"CVE-2018-20506","url":"https://www.cve.org/CVERecord?id=CVE-2018-20506"},{"name":"CVE-2018-20346","url":"https://www.cve.org/CVERecord?id=CVE-2018-20346"},{"name":"CVE-2024-46845","url":"https://www.cve.org/CVERecord?id=CVE-2024-46845"},{"name":"CVE-2024-40983","url":"https://www.cve.org/CVERecord?id=CVE-2024-40983"},{"name":"CVE-2021-37137","url":"https://www.cve.org/CVERecord?id=CVE-2021-37137"},{"name":"CVE-2023-5869","url":"https://www.cve.org/CVERecord?id=CVE-2023-5869"},{"name":"CVE-2022-49003","url":"https://www.cve.org/CVERecord?id=CVE-2022-49003"},{"name":"CVE-2024-42079","url":"https://www.cve.org/CVERecord?id=CVE-2024-42079"},{"name":"CVE-2024-35898","url":"https://www.cve.org/CVERecord?id=CVE-2024-35898"},{"name":"CVE-2024-43854","url":"https://www.cve.org/CVERecord?id=CVE-2024-43854"},{"name":"CVE-2024-44935","url":"https://www.cve.org/CVERecord?id=CVE-2024-44935"},{"name":"CVE-2024-50124","url":"https://www.cve.org/CVERecord?id=CVE-2024-50124"},{"name":"CVE-2022-24823","url":"https://www.cve.org/CVERecord?id=CVE-2022-24823"},{"name":"CVE-2024-49875","url":"https://www.cve.org/CVERecord?id=CVE-2024-49875"},{"name":"CVE-2019-9020","url":"https://www.cve.org/CVERecord?id=CVE-2019-9020"},{"name":"CVE-2024-41066","url":"https://www.cve.org/CVERecord?id=CVE-2024-41066"},{"name":"CVE-2021-37136","url":"https://www.cve.org/CVERecord?id=CVE-2021-37136"},{"name":"CVE-2019-9023","url":"https://www.cve.org/CVERecord?id=CVE-2019-9023"},{"name":"CVE-2024-7348","url":"https://www.cve.org/CVERecord?id=CVE-2024-7348"},{"name":"CVE-2024-42244","url":"https://www.cve.org/CVERecord?id=CVE-2024-42244"},{"name":"CVE-2024-10976","url":"https://www.cve.org/CVERecord?id=CVE-2024-10976"},{"name":"CVE-2024-41942","url":"https://www.cve.org/CVERecord?id=CVE-2024-41942"},{"name":"CVE-2021-21295","url":"https://www.cve.org/CVERecord?id=CVE-2021-21295"},{"name":"CVE-2024-45770","url":"https://www.cve.org/CVERecord?id=CVE-2024-45770"},{"name":"CVE-2024-26851","url":"https://www.cve.org/CVERecord?id=CVE-2024-26851"},{"name":"CVE-2022-48773","url":"https://www.cve.org/CVERecord?id=CVE-2022-48773"},{"name":"CVE-2019-12900","url":"https://www.cve.org/CVERecord?id=CVE-2019-12900"},{"name":"CVE-2024-50282","url":"https://www.cve.org/CVERecord?id=CVE-2024-50282"},{"name":"CVE-2024-24857","url":"https://www.cve.org/CVERecord?id=CVE-2024-24857"},{"name":"CVE-2024-49866","url":"https://www.cve.org/CVERecord?id=CVE-2024-49866"},{"name":"CVE-2024-49949","url":"https://www.cve.org/CVERecord?id=CVE-2024-49949"},{"name":"CVE-2021-43797","url":"https://www.cve.org/CVERecord?id=CVE-2021-43797"},{"name":"CVE-2024-56201","url":"https://www.cve.org/CVERecord?id=CVE-2024-56201"},{"name":"CVE-2024-41092","url":"https://www.cve.org/CVERecord?id=CVE-2024-41092"},{"name":"CVE-2024-5569","url":"https://www.cve.org/CVERecord?id=CVE-2024-5569"},{"name":"CVE-2024-29736","url":"https://www.cve.org/CVERecord?id=CVE-2024-29736"},{"name":"CVE-2019-9021","url":"https://www.cve.org/CVERecord?id=CVE-2019-9021"},{"name":"CVE-2024-27268","url":"https://www.cve.org/CVERecord?id=CVE-2024-27268"},{"name":"CVE-2024-47535","url":"https://www.cve.org/CVERecord?id=CVE-2024-47535"},{"name":"CVE-2022-21434","url":"https://www.cve.org/CVERecord?id=CVE-2022-21434"},{"name":"CVE-2024-41042","url":"https://www.cve.org/CVERecord?id=CVE-2024-41042"},{"name":"CVE-2023-2454","url":"https://www.cve.org/CVERecord?id=CVE-2023-2454"},{"name":"CVE-2022-42004","url":"https://www.cve.org/CVERecord?id=CVE-2022-42004"},{"name":"CVE-2024-10041","url":"https://www.cve.org/CVERecord?id=CVE-2024-10041"},{"name":"CVE-2022-34169","url":"https://www.cve.org/CVERecord?id=CVE-2022-34169"},{"name":"CVE-2024-43892","url":"https://www.cve.org/CVERecord?id=CVE-2024-43892"},{"name":"CVE-2024-50252","url":"https://www.cve.org/CVERecord?id=CVE-2024-50252"},{"name":"CVE-2024-37890","url":"https://www.cve.org/CVERecord?id=CVE-2024-37890"},{"name":"CVE-2024-47668","url":"https://www.cve.org/CVERecord?id=CVE-2024-47668"},{"name":"CVE-2017-15010","url":"https://www.cve.org/CVERecord?id=CVE-2017-15010"},{"name":"CVE-2023-52921","url":"https://www.cve.org/CVERecord?id=CVE-2023-52921"},{"name":"CVE-2024-53677","url":"https://www.cve.org/CVERecord?id=CVE-2024-53677"},{"name":"CVE-2024-10978","url":"https://www.cve.org/CVERecord?id=CVE-2024-10978"},{"name":"CVE-2024-53140","url":"https://www.cve.org/CVERecord?id=CVE-2024-53140"},{"name":"CVE-2024-50602","url":"https://www.cve.org/CVERecord?id=CVE-2024-50602"},{"name":"CVE-2023-2455","url":"https://www.cve.org/CVERecord?id=CVE-2023-2455"},{"name":"CVE-2024-39338","url":"https://www.cve.org/CVERecord?id=CVE-2024-39338"},{"name":"CVE-2019-20478","url":"https://www.cve.org/CVERecord?id=CVE-2019-20478"},{"name":"CVE-2024-0985","url":"https://www.cve.org/CVERecord?id=CVE-2024-0985"},{"name":"CVE-2024-38541","url":"https://www.cve.org/CVERecord?id=CVE-2024-38541"},{"name":"CVE-2024-40984","url":"https://www.cve.org/CVERecord?id=CVE-2024-40984"},{"name":"CVE-2023-52922","url":"https://www.cve.org/CVERecord?id=CVE-2023-52922"},{"name":"CVE-2024-50274","url":"https://www.cve.org/CVERecord?id=CVE-2024-50274"},{"name":"CVE-2024-38540","url":"https://www.cve.org/CVERecord?id=CVE-2024-38540"},{"name":"CVE-2021-21290","url":"https://www.cve.org/CVERecord?id=CVE-2021-21290"},{"name":"CVE-2024-29180","url":"https://www.cve.org/CVERecord?id=CVE-2024-29180"},{"name":"CVE-2022-42003","url":"https://www.cve.org/CVERecord?id=CVE-2022-42003"},{"name":"CVE-2024-53064","url":"https://www.cve.org/CVERecord?id=CVE-2024-53064"},{"name":"CVE-2023-50314","url":"https://www.cve.org/CVERecord?id=CVE-2023-50314"},{"name":"CVE-2023-52917","url":"https://www.cve.org/CVERecord?id=CVE-2023-52917"},{"name":"CVE-2023-26136","url":"https://www.cve.org/CVERecord?id=CVE-2023-26136"},{"name":"CVE-2024-44990","url":"https://www.cve.org/CVERecord?id=CVE-2024-44990"},{"name":"CVE-2023-42282","url":"https://www.cve.org/CVERecord?id=CVE-2023-42282"},{"name":"CVE-2024-42301","url":"https://www.cve.org/CVERecord?id=CVE-2024-42301"},{"name":"CVE-2024-24786","url":"https://www.cve.org/CVERecord?id=CVE-2024-24786"},{"name":"CVE-2024-22354","url":"https://www.cve.org/CVERecord?id=CVE-2024-22354"},{"name":"CVE-2024-50279","url":"https://www.cve.org/CVERecord?id=CVE-2024-50279"},{"name":"CVE-2022-21476","url":"https://www.cve.org/CVERecord?id=CVE-2022-21476"},{"name":"CVE-2019-16869","url":"https://www.cve.org/CVERecord?id=CVE-2019-16869"},{"name":"CVE-2022-23491","url":"https://www.cve.org/CVERecord?id=CVE-2022-23491"},{"name":"CVE-2022-21541","url":"https://www.cve.org/CVERecord?id=CVE-2022-21541"},{"name":"CVE-2024-26924","url":"https://www.cve.org/CVERecord?id=CVE-2024-26924"},{"name":"CVE-2022-21540","url":"https://www.cve.org/CVERecord?id=CVE-2022-21540"},{"name":"CVE-2024-44989","url":"https://www.cve.org/CVERecord?id=CVE-2024-44989"},{"name":"CVE-2018-20505","url":"https://www.cve.org/CVERecord?id=CVE-2018-20505"},{"name":"CVE-2024-32007","url":"https://www.cve.org/CVERecord?id=CVE-2024-32007"},{"name":"CVE-2024-10979","url":"https://www.cve.org/CVERecord?id=CVE-2024-10979"},{"name":"CVE-2019-20445","url":"https://www.cve.org/CVERecord?id=CVE-2019-20445"},{"name":"CVE-2024-40961","url":"https://www.cve.org/CVERecord?id=CVE-2024-40961"}],"links":[],"reference":"CERTFR-2025-AVI-0106","revisions":[{"description":"Version initiale","revision_date":"2025-02-07T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"},{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Non sp\u00e9cifi\u00e9 par l'\u00e9diteur"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM","vendor_advisories":[{"published_at":"2025-02-04","title":"Bulletin de s\u00e9curit\u00e9 IBM 7182424","url":"https://www.ibm.com/support/pages/node/7182424"},{"published_at":"2025-02-03","title":"Bulletin de s\u00e9curit\u00e9 IBM 7182335","url":"https://www.ibm.com/support/pages/node/7182335"},{"published_at":"2025-02-02","title":"Bulletin de s\u00e9curit\u00e9 IBM 7181898","url":"https://www.ibm.com/support/pages/node/7181898"},{"published_at":"2025-02-04","title":"Bulletin de s\u00e9curit\u00e9 IBM 7181480","url":"https://www.ibm.com/support/pages/node/7181480"},{"published_at":"2025-02-05","title":"Bulletin de s\u00e9curit\u00e9 IBM 7182696","url":"https://www.ibm.com/support/pages/node/7182696"}]}