{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"SAP NetWeaver 7.x ;","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}},{"description":"SAP Web Application Server 7.x.","product":{"name":"N/A","vendor":{"name":"SAP","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans SAP. Elles permettent\n\u00e0 un utilisateur malintentionn\u00e9 d'effectuer un d\u00e9ni de service, de\nporter atteinte \u00e0 la confidentialit\u00e9 de donn\u00e9es sensibles ou d'injecter\nindirectement du code \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[],"links":[{"title":"Bulletins de s\u00e9curit\u00e9 SAP :","url":"http://service.sap.com/sap/support/notes/1536640"},{"title":"Bulletins de s\u00e9curit\u00e9 SAP :","url":"http://service.sap.com/sap/support/notes/1556749"},{"title":"Bulletins de s\u00e9curit\u00e9 SAP :","url":"http://service.sap.com/sap/support/notes/1553930"}],"reference":"CERTA-2011-AVI-652","revisions":[{"description":"version initiale.","revision_date":"2011-11-21T00:00:00.000000"}],"risks":[{"description":"Injection de code indirecte \u00e0 distance"},{"description":"D\u00e9ni de service"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"Plusieurs vuln\u00e9rabilit\u00e9s permettant un d\u00e9ni de service, une injection de\ncode indirecte \u00e0 distance ainsi que l'acc\u00e8s non autoris\u00e9 \u00e0 des donn\u00e9es\nsensibles ont \u00e9t\u00e9 d\u00e9couvertes dans <span class=\"textit\">SAP</span>.\n","title":"Vuln\u00e9rabilit\u00e9s dans SAP","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 SAP","url":null}]}