{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cisco Unified Communications Manager 7.x ;","product":{"name":"Unified Communications Manager","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Unified Communications Manager 6.x.","product":{"name":"Unified Communications Manager","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Unified Communications Manager 8.x ;","product":{"name":"Unified Communications Manager","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nCisco Unified Communications Manager comprend un ex\u00e9cutable, avec\nl'attribut setuid, qui ne g\u00e8re pas correctement une option en ligne de\ncommande. Cette vuln\u00e9rabilit\u00e9 peut \u00eatre exploit\u00e9e par un utilisateur\nlocal malveillant pour \u00e9lever ses privil\u00e8ges.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2010-3039","url":"https://www.cve.org/CVERecord?id=CVE-2010-3039"}],"links":[{"title":"Alerte de vuln\u00e9rabilit\u00e9 21656 Cisco du 03 novembre 2010 :","url":"http://tools.cisco.com/security/center/viewAlert.x?alertId=21656"}],"reference":"CERTA-2010-AVI-540","revisions":[{"description":"version initiale.","revision_date":"2010-11-08T00:00:00.000000"}],"risks":[{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans Cisco Unified Communications Manager permet \u00e0 un\nutilisateur local malveillant d'\u00e9lever ses privil\u00e8ges.\n","title":"Vuln\u00e9rabilit\u00e9 dans Cisco Unified Communications Manager","vendor_advisories":[{"published_at":null,"title":"Alerte de vuln\u00e9rabilit\u00e9 Cisco 21656 du 03 novembre 2010","url":null}]}