{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"QRadar User Behavior Analytics versions ant\u00e9rieures \u00e0 5.1.0","product":{"name":"QRadar","vendor":{"name":"IBM","scada":false}}},{"description":"Tivoli Application Dependency Discovery Manager version 7.3.0 sans le dernier correctif de s\u00e9curit\u00e9","product":{"name":"Tivoli","vendor":{"name":"IBM","scada":false}}},{"description":"Db2 versions 12.1.x ant\u00e9rieures \u00e0 12.1.2 sans le correctif de s\u00e9curit\u00e9 #72296","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}},{"description":"DB2 Data Management Console versions 3.1.1x ant\u00e9rieures \u00e0 3.1.13.2","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}},{"description":"WebSphere Application Server version 9.0 avec IBM SDK, Java Technology Edition Version 8 SR8 FP 60","product":{"name":"WebSphere","vendor":{"name":"IBM","scada":false}}},{"description":"WebSphere Application Server version 8.5 avec IBM SDK, Java Technology Edition Version 8 SR8 FP 60","product":{"name":"WebSphere","vendor":{"name":"IBM","scada":false}}},{"description":"Db2 Big SQL on Cloud Pak for Data versions 7.8 sur Cloud Pak for Data 5.1 ant\u00e9rieures \u00e0 8.3 sur Cloud Pak for Data 5.3","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}},{"description":"Db2 versions 11.5.x ant\u00e9rieures \u00e0 11.5.9 sans le correctif de s\u00e9curit\u00e9 #66394","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}},{"description":"Db2 version 12.1.3 sans le correctif de s\u00e9curit\u00e9 #71609","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}},{"description":"Db2 Big SQL on Cloud Pak for Data versions 7.6 sur Cloud Pak for Data 4.8 ant\u00e9rieures \u00e0 8.3 sur Cloud Pak for Data 5.3","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}},{"description":"Db2 Big SQL on Cloud Pak for Data versions 8.2 sur Cloud Pak for Data 5.2 ant\u00e9rieures \u00e0 8.3 sur Cloud Pak for Data 5.3","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}},{"description":"WebSphere Application Server Liberty versions 17.0.0.3 \u00e0 26.0.0.1 sans le correctif de s\u00e9curit\u00e9 PH69485 ou ant\u00e9rieures \u00e0 26.0.0.2 (disponibilit\u00e9 pr\u00e9vue pour le premier trimestre 2026)","product":{"name":"WebSphere","vendor":{"name":"IBM","scada":false}}},{"description":"QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP14 IF04","product":{"name":"QRadar SIEM","vendor":{"name":"IBM","scada":false}}},{"description":"Db2 Big SQL on Cloud Pak for Data versions 7.7 sur Cloud Pak for Data 5.0 ant\u00e9rieures \u00e0 8.3 sur Cloud Pak for Data 5.3","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}}],"affected_systems_content":"","content":"## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des correctifs (cf. section Documentation).","cves":[{"name":"CVE-2025-2534","url":"https://www.cve.org/CVERecord?id=CVE-2025-2534"},{"name":"CVE-2023-1370","url":"https://www.cve.org/CVERecord?id=CVE-2023-1370"},{"name":"CVE-2016-2193","url":"https://www.cve.org/CVERecord?id=CVE-2016-2193"},{"name":"CVE-2024-4068","url":"https://www.cve.org/CVERecord?id=CVE-2024-4068"},{"name":"CVE-2022-2596","url":"https://www.cve.org/CVERecord?id=CVE-2022-2596"},{"name":"CVE-2025-41234","url":"https://www.cve.org/CVERecord?id=CVE-2025-41234"},{"name":"CVE-2025-46762","url":"https://www.cve.org/CVERecord?id=CVE-2025-46762"},{"name":"CVE-2025-36131","url":"https://www.cve.org/CVERecord?id=CVE-2025-36131"},{"name":"CVE-2025-56200","url":"https://www.cve.org/CVERecord?id=CVE-2025-56200"},{"name":"CVE-2024-37071","url":"https://www.cve.org/CVERecord?id=CVE-2024-37071"},{"name":"CVE-2019-9515","url":"https://www.cve.org/CVERecord?id=CVE-2019-9515"},{"name":"CVE-2025-36384","url":"https://www.cve.org/CVERecord?id=CVE-2025-36384"},{"name":"CVE-2024-47118","url":"https://www.cve.org/CVERecord?id=CVE-2024-47118"},{"name":"CVE-2025-36184","url":"https://www.cve.org/CVERecord?id=CVE-2025-36184"},{"name":"CVE-2022-25883","url":"https://www.cve.org/CVERecord?id=CVE-2022-25883"},{"name":"CVE-2025-48050","url":"https://www.cve.org/CVERecord?id=CVE-2025-48050"},{"name":"CVE-2025-24970","url":"https://www.cve.org/CVERecord?id=CVE-2025-24970"},{"name":"CVE-2019-9514","url":"https://www.cve.org/CVERecord?id=CVE-2019-9514"},{"name":"CVE-2025-41248","url":"https://www.cve.org/CVERecord?id=CVE-2025-41248"},{"name":"CVE-2024-13009","url":"https://www.cve.org/CVERecord?id=CVE-2024-13009"},{"name":"CVE-2025-57810","url":"https://www.cve.org/CVERecord?id=CVE-2025-57810"},{"name":"CVE-2024-41761","url":"https://www.cve.org/CVERecord?id=CVE-2024-41761"},{"name":"CVE-2025-58057","url":"https://www.cve.org/CVERecord?id=CVE-2025-58057"},{"name":"CVE-2026-21925","url":"https://www.cve.org/CVERecord?id=CVE-2026-21925"},{"name":"CVE-2025-22233","url":"https://www.cve.org/CVERecord?id=CVE-2025-22233"},{"name":"CVE-2025-36136","url":"https://www.cve.org/CVERecord?id=CVE-2025-36136"},{"name":"CVE-2024-38809","url":"https://www.cve.org/CVERecord?id=CVE-2024-38809"},{"name":"CVE-2024-4067","url":"https://www.cve.org/CVERecord?id=CVE-2024-4067"},{"name":"CVE-2022-33987","url":"https://www.cve.org/CVERecord?id=CVE-2022-33987"},{"name":"CVE-2024-30172","url":"https://www.cve.org/CVERecord?id=CVE-2024-30172"},{"name":"CVE-2024-51744","url":"https://www.cve.org/CVERecord?id=CVE-2024-51744"},{"name":"CVE-2024-38820","url":"https://www.cve.org/CVERecord?id=CVE-2024-38820"},{"name":"CVE-2024-45338","url":"https://www.cve.org/CVERecord?id=CVE-2024-45338"},{"name":"CVE-2023-48795","url":"https://www.cve.org/CVERecord?id=CVE-2023-48795"},{"name":"CVE-2024-10977","url":"https://www.cve.org/CVERecord?id=CVE-2024-10977"},{"name":"CVE-2025-36006","url":"https://www.cve.org/CVERecord?id=CVE-2025-36006"},{"name":"CVE-2024-48949","url":"https://www.cve.org/CVERecord?id=CVE-2024-48949"},{"name":"CVE-2025-36186","url":"https://www.cve.org/CVERecord?id=CVE-2025-36186"},{"name":"CVE-2025-7783","url":"https://www.cve.org/CVERecord?id=CVE-2025-7783"},{"name":"CVE-2025-27152","url":"https://www.cve.org/CVERecord?id=CVE-2025-27152"},{"name":"CVE-2025-12758","url":"https://www.cve.org/CVERecord?id=CVE-2025-12758"},{"name":"CVE-2025-6493","url":"https://www.cve.org/CVERecord?id=CVE-2025-6493"},{"name":"CVE-2025-33012","url":"https://www.cve.org/CVERecord?id=CVE-2025-33012"},{"name":"CVE-2024-48948","url":"https://www.cve.org/CVERecord?id=CVE-2024-48948"},{"name":"CVE-2025-64720","url":"https://www.cve.org/CVERecord?id=CVE-2025-64720"},{"name":"CVE-2024-7348","url":"https://www.cve.org/CVERecord?id=CVE-2024-7348"},{"name":"CVE-2022-37601","url":"https://www.cve.org/CVERecord?id=CVE-2022-37601"},{"name":"CVE-2025-25977","url":"https://www.cve.org/CVERecord?id=CVE-2025-25977"},{"name":"CVE-2024-10976","url":"https://www.cve.org/CVERecord?id=CVE-2024-10976"},{"name":"CVE-2025-11083","url":"https://www.cve.org/CVERecord?id=CVE-2025-11083"},{"name":"CVE-2024-6763","url":"https://www.cve.org/CVERecord?id=CVE-2024-6763"},{"name":"CVE-2025-66471","url":"https://www.cve.org/CVERecord?id=CVE-2025-66471"},{"name":"CVE-2026-21441","url":"https://www.cve.org/CVERecord?id=CVE-2026-21441"},{"name":"CVE-2025-65018","url":"https://www.cve.org/CVERecord?id=CVE-2025-65018"},{"name":"CVE-2025-55163","url":"https://www.cve.org/CVERecord?id=CVE-2025-55163"},{"name":"CVE-2025-54313","url":"https://www.cve.org/CVERecord?id=CVE-2025-54313"},{"name":"CVE-2025-66293","url":"https://www.cve.org/CVERecord?id=CVE-2025-66293"},{"name":"CVE-2025-58457","url":"https://www.cve.org/CVERecord?id=CVE-2025-58457"},{"name":"CVE-2025-66221","url":"https://www.cve.org/CVERecord?id=CVE-2025-66221"},{"name":"CVE-2022-22968","url":"https://www.cve.org/CVERecord?id=CVE-2022-22968"},{"name":"CVE-2025-39697","url":"https://www.cve.org/CVERecord?id=CVE-2025-39697"},{"name":"CVE-2025-29907","url":"https://www.cve.org/CVERecord?id=CVE-2025-29907"},{"name":"CVE-2024-47535","url":"https://www.cve.org/CVERecord?id=CVE-2024-47535"},{"name":"CVE-2025-9086","url":"https://www.cve.org/CVERecord?id=CVE-2025-9086"},{"name":"CVE-2024-41762","url":"https://www.cve.org/CVERecord?id=CVE-2024-41762"},{"name":"CVE-2021-23413","url":"https://www.cve.org/CVERecord?id=CVE-2021-23413"},{"name":"CVE-2025-26791","url":"https://www.cve.org/CVERecord?id=CVE-2025-26791"},{"name":"CVE-2025-39971","url":"https://www.cve.org/CVERecord?id=CVE-2025-39971"},{"name":"CVE-2019-9517","url":"https://www.cve.org/CVERecord?id=CVE-2019-9517"},{"name":"CVE-2022-41721","url":"https://www.cve.org/CVERecord?id=CVE-2022-41721"},{"name":"CVE-2025-58056","url":"https://www.cve.org/CVERecord?id=CVE-2025-58056"},{"name":"CVE-2022-25881","url":"https://www.cve.org/CVERecord?id=CVE-2022-25881"},{"name":"CVE-2024-38828","url":"https://www.cve.org/CVERecord?id=CVE-2024-38828"},{"name":"CVE-2024-57965","url":"https://www.cve.org/CVERecord?id=CVE-2024-57965"},{"name":"CVE-2025-22869","url":"https://www.cve.org/CVERecord?id=CVE-2025-22869"},{"name":"CVE-2024-10978","url":"https://www.cve.org/CVERecord?id=CVE-2024-10978"},{"name":"CVE-2025-25193","url":"https://www.cve.org/CVERecord?id=CVE-2025-25193"},{"name":"CVE-2026-21945","url":"https://www.cve.org/CVERecord?id=CVE-2026-21945"},{"name":"CVE-2025-22870","url":"https://www.cve.org/CVERecord?id=CVE-2025-22870"},{"name":"CVE-2023-2455","url":"https://www.cve.org/CVERecord?id=CVE-2023-2455"},{"name":"CVE-2024-40679","url":"https://www.cve.org/CVERecord?id=CVE-2024-40679"},{"name":"CVE-2025-5889","url":"https://www.cve.org/CVERecord?id=CVE-2025-5889"},{"name":"CVE-2024-30171","url":"https://www.cve.org/CVERecord?id=CVE-2024-30171"},{"name":"CVE-2019-9518","url":"https://www.cve.org/CVERecord?id=CVE-2019-9518"},{"name":"CVE-2022-38900","url":"https://www.cve.org/CVERecord?id=CVE-2022-38900"},{"name":"CVE-2025-14914","url":"https://www.cve.org/CVERecord?id=CVE-2025-14914"},{"name":"CVE-2025-27789","url":"https://www.cve.org/CVERecord?id=CVE-2025-27789"},{"name":"CVE-2025-48924","url":"https://www.cve.org/CVERecord?id=CVE-2025-48924"},{"name":"CVE-2024-47072","url":"https://www.cve.org/CVERecord?id=CVE-2024-47072"},{"name":"CVE-2025-41249","url":"https://www.cve.org/CVERecord?id=CVE-2025-41249"},{"name":"CVE-2025-27363","url":"https://www.cve.org/CVERecord?id=CVE-2025-27363"},{"name":"CVE-2022-37599","url":"https://www.cve.org/CVERecord?id=CVE-2022-37599"},{"name":"CVE-2023-26136","url":"https://www.cve.org/CVERecord?id=CVE-2023-26136"},{"name":"CVE-2019-9512","url":"https://www.cve.org/CVERecord?id=CVE-2019-9512"},{"name":"CVE-2025-30204","url":"https://www.cve.org/CVERecord?id=CVE-2025-30204"},{"name":"CVE-2024-45663","url":"https://www.cve.org/CVERecord?id=CVE-2024-45663"},{"name":"CVE-2025-33134","url":"https://www.cve.org/CVERecord?id=CVE-2025-33134"},{"name":"CVE-2019-9513","url":"https://www.cve.org/CVERecord?id=CVE-2019-9513"},{"name":"CVE-2025-58754","url":"https://www.cve.org/CVERecord?id=CVE-2025-58754"},{"name":"CVE-2024-38816","url":"https://www.cve.org/CVERecord?id=CVE-2024-38816"},{"name":"CVE-2022-25858","url":"https://www.cve.org/CVERecord?id=CVE-2022-25858"},{"name":"CVE-2024-57699","url":"https://www.cve.org/CVERecord?id=CVE-2024-57699"},{"name":"CVE-2024-10979","url":"https://www.cve.org/CVERecord?id=CVE-2024-10979"},{"name":"CVE-2025-66418","url":"https://www.cve.org/CVERecord?id=CVE-2025-66418"},{"name":"CVE-2025-36185","url":"https://www.cve.org/CVERecord?id=CVE-2025-36185"},{"name":"CVE-2025-48734","url":"https://www.cve.org/CVERecord?id=CVE-2025-48734"}],"links":[],"reference":"CERTFR-2026-AVI-0109","revisions":[{"description":"Version initiale","revision_date":"2026-01-30T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Non sp\u00e9cifi\u00e9 par l'\u00e9diteur"},{"description":"Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM","vendor_advisories":[{"published_at":"2026-01-28","title":"Bulletin de s\u00e9curit\u00e9 IBM 5691194","url":"https://www.ibm.com/support/pages/node/5691194"},{"published_at":"2026-01-27","title":"Bulletin de s\u00e9curit\u00e9 IBM 7258104","url":"https://www.ibm.com/support/pages/node/7258104"},{"published_at":"2026-01-28","title":"Bulletin de s\u00e9curit\u00e9 IBM 7258234","url":"https://www.ibm.com/support/pages/node/7258234"},{"published_at":"2026-01-27","title":"Bulletin de s\u00e9curit\u00e9 IBM 7258110","url":"https://www.ibm.com/support/pages/node/7258110"},{"published_at":"2026-01-23","title":"Bulletin de s\u00e9curit\u00e9 IBM 7257910","url":"https://www.ibm.com/support/pages/node/7257910"},{"published_at":"2026-01-23","title":"Bulletin de s\u00e9curit\u00e9 IBM 7257899","url":"https://www.ibm.com/support/pages/node/7257899"},{"published_at":"2026-01-26","title":"Bulletin de s\u00e9curit\u00e9 IBM 7258042","url":"https://www.ibm.com/support/pages/node/7258042"},{"published_at":"2026-01-23","title":"Bulletin de s\u00e9curit\u00e9 IBM 7257904","url":"https://www.ibm.com/support/pages/node/7257904"},{"published_at":"2026-01-23","title":"Bulletin de s\u00e9curit\u00e9 IBM 7257903","url":"https://www.ibm.com/support/pages/node/7257903"},{"published_at":"2026-01-23","title":"Bulletin de s\u00e9curit\u00e9 IBM 7257901","url":"https://www.ibm.com/support/pages/node/7257901"},{"published_at":"2026-01-23","title":"Bulletin de s\u00e9curit\u00e9 IBM 7257898","url":"https://www.ibm.com/support/pages/node/7257898"},{"published_at":"2026-01-23","title":"Bulletin de s\u00e9curit\u00e9 IBM 7257900","url":"https://www.ibm.com/support/pages/node/7257900"},{"published_at":"2026-01-25","title":"Bulletin de s\u00e9curit\u00e9 IBM 7257978","url":"https://www.ibm.com/support/pages/node/7257978"},{"published_at":"2026-01-23","title":"Bulletin de s\u00e9curit\u00e9 IBM 7257902","url":"https://www.ibm.com/support/pages/node/7257902"},{"published_at":"2026-01-29","title":"Bulletin de s\u00e9curit\u00e9 IBM 7257519","url":"https://www.ibm.com/support/pages/node/7257519"},{"published_at":"2026-01-29","title":"Bulletin de s\u00e9curit\u00e9 IBM 7258331","url":"https://www.ibm.com/support/pages/node/7258331"},{"published_at":"2026-01-29","title":"Bulletin de s\u00e9curit\u00e9 IBM 7257633","url":"https://www.ibm.com/support/pages/node/7257633"},{"published_at":"2026-01-28","title":"Bulletin de s\u00e9curit\u00e9 IBM 7258232","url":"https://www.ibm.com/support/pages/node/7258232"},{"published_at":"2026-01-28","title":"Bulletin de s\u00e9curit\u00e9 IBM 7258224","url":"https://www.ibm.com/support/pages/node/7258224"},{"published_at":"2026-01-29","title":"Bulletin de s\u00e9curit\u00e9 IBM 7257678","url":"https://www.ibm.com/support/pages/node/7257678"}]}