{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<P>SAP NetWeaver 7.x.</P>","content":"## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans SAP NetWeaver et\npermettent \u00e0 un utilisateur malintentionn\u00e9 de r\u00e9aliser une injection de\ncode indirecte \u00e0 distance au moyen d'une requ\u00eate sp\u00e9cialement con\u00e7ue.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n\nL'acc\u00e8s n'est pas public.\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 SAP 1438191\u00a0:","url":"http://service.sap.com/sap/support/notes/1438191"},{"title":"Bulletin de s\u00e9curit\u00e9 SAP 1450270\u00a0:","url":"http://service.sap.com/sap/support/notes/1450270"},{"title":"Bulletin de s\u00e9curit\u00e9 SAP 1512776\u00a0:","url":"http://service.sap.com/sap/support/notes/1512776"}],"reference":"CERTA-2011-AVI-159","revisions":[{"description":"version initiale.","revision_date":"2011-03-18T00:00:00.000000"}],"risks":[{"description":"Injection de code indirecte \u00e0 distance"}],"summary":"Plusieurs vuln\u00e9rabilit\u00e9s de type injection de code indirecte \u00e0 distance\nont \u00e9t\u00e9 corrig\u00e9es dans SAP NetWeaver.\n","title":"Vuln\u00e9rabilit\u00e9s dans SAP NetWeaver","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 SAP 1438191, 1450270 et 1512776","url":null}]}