{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cisco IPVC-3520-GW-4B ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IPVC-3520-GW-2B ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IPVC-3525-GW-1P ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IPVC-3520-GW-2V ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IPVC-3510-MCU ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IPVC-3520-GW-2B2V ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IPVC-3530-VTA.","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IPVC-3520-GW-4V ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nSelon Cisco, des noms de communaut\u00e9 SNMP non modifiables sont pr\u00e9sents\ndans les \u00e9quipements de visio-conf\u00e9rence cit\u00e9s ci-dessus.\n\nVia le biais de requ\u00eates SNMP, il est alors possible pour un utilisateur\ndistant mal intentionn\u00e9 de cr\u00e9er de nouvelles sessions ou m\u00eame re-router\ndes sessions existantes sur les \u00e9quipements vuln\u00e9rables.\n\n## Contournement provisoire\n\nFilter le trafic SNMP (port 161/UDP et 162/UDP) vers ces \u00e9quipements.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 du constructeur pour l'obtention des\ncorrectifs.\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Cisco \"Default SNMP  community strings in Cisco IP/VC products\" du 2 f\u00e9vrier 2005 :","url":"http://www.cisco.com/warp/public/707/cisco-sa-20050202-ipvc.shtml"}],"reference":"CERTA-2005-AVI-047","revisions":[{"description":"version initiale.","revision_date":"2005-02-03T00:00:00.000000"}],"risks":[{"description":"Prise de contr\u00f4le \u00e0 distance de l'\u00e9quipement"}],"summary":null,"title":"Vuln\u00e9rabilit\u00e9 des \u00e9quipements IP/VC de Cisco","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 de Cisco","url":null}]}