{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"SAP NetWeaver 7.x.","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nSAP a corrig\u00e9 de mutiples vuln\u00e9rabilit\u00e9s dans NetWeaver 7.x. Celles-ci\npermettent notamment :\n\n-   l'ex\u00e9cution de commandes arbitraire ;\n-   l'injection de code HTML arbitraire dans les donn\u00e9es renvoy\u00e9es aux\n    utilisateurs ;\n-   la cr\u00e9ation arbitraire d'utilisateurs.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[],"links":[{"title":"Note de support SAP 1583286 :","url":"https://service.sap.com/sap/support/notes/1583286"},{"title":"Note de support SAP 1572325 :","url":"https://service.sap.com/sap/support/notes/1572325"},{"title":"Note de support SAP 1546307 :","url":"https://service.sap.com/sap/support/notes/1546307"},{"title":"Note de support SAP 1580017 :","url":"https://service.sap.com/sap/support/notes/1580017"},{"title":"Note de support SAP 1589525 :","url":"https://service.sap.com/sap/support/notes/1589525"},{"title":"Note de support SAP 1616058 :","url":"https://service.sap.com/sap/support/notes/1616058"},{"title":"Note de support SAP 1569550 :","url":"https://service.sap.com/sap/support/notes/1569550"}],"reference":"CERTA-2011-AVI-649","revisions":[{"description":"version initiale.","revision_date":"2011-11-18T00:00:00.000000"}],"risks":[{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"Injection de code indirecte \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s, dont les plus critiques permettent\nl'ex\u00e9cution de code arbitraire et l'atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es,\nont \u00e9t\u00e9 corrig\u00e9es dans SAP NetWeaver 7.x.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans SAP NetWeaver","vendor_advisories":[{"published_at":null,"title":"Notes de support SAP 1589525, 1616058, 1580017, 1583286, 1572325, 1546307, 1569550","url":null}]}