{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"CA Service Desk r11.2 ;","product":{"name":"Web","vendor":{"name":"Centreon","scada":false}}},{"description":"CA CMDB 11.2.","product":{"name":"Web","vendor":{"name":"Centreon","scada":false}}},{"description":"CA CMDB 11.0 ;","product":{"name":"Web","vendor":{"name":"Centreon","scada":false}}},{"description":"CA CMDB 11.1 ;","product":{"name":"Web","vendor":{"name":"Centreon","scada":false}}}],"affected_systems_content":null,"content":"## Contournement provisoire\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2008-2673","url":"https://www.cve.org/CVERecord?id=CVE-2008-2673"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 de CA :","url":"https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=186585"}],"reference":"CERTA-2008-AVI-477","revisions":[{"description":"version initiale.","revision_date":"2008-09-30T00:00:00.000000"}],"risks":[{"description":"Injection de code indirecte"}],"summary":"Des vuln\u00e9rabilit\u00e9s affectant des produits de CA (CA Service Desk et CA\nCMDB) pourraient \u00eatre exploit\u00e9es pour injecter du code de fa\u00e7on\nindirecte sur un syst\u00e8me client vuln\u00e9rable. Ces vuln\u00e9rabilit\u00e9s sont dues\n\u00e0 un mauvais filtrage des donn\u00e9es dans des formulaires HTML.\n","title":"Vuln\u00e9rabilit\u00e9s dans CA Service Desk Web Forum","vendor_advisories":[]}