{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cisco Unity Connection versions 7.1 et ant\u00e9rieures ;","product":{"name":"Unity Connection","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Unity Connection versions 8.0, 8.5 et 8.6.","product":{"name":"Unity Connection","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Cisco Unity\nConnection :\n\n-   un utilisateur authentifi\u00e9 disposant de droits Help Desk\n    Administrator peut \u00e9lever ses privil\u00e8ges et obtenir un acc\u00e8s complet\n    au syst\u00e8me. Seules les versions 7.1 et ant\u00e9rieures de Cisco Unity\n    Connection sont concern\u00e9es (CVE-2012-0366) ;\n-   en envoyant une s\u00e9quence sp\u00e9cifique de segments TCP, un attaquant\n    distant peut provoquer l'arr\u00eat inopin\u00e9 de services du syst\u00e8me\n    (CVE-2012-0367).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2012-0367","url":"https://www.cve.org/CVERecord?id=CVE-2012-0367"},{"name":"CVE-2012-0366","url":"https://www.cve.org/CVERecord?id=CVE-2012-0366"}],"links":[],"reference":"CERTA-2012-AVI-108","revisions":[{"description":"version initiale.","revision_date":"2012-03-01T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s dans <span class=\"textit\">Cisco Unity\nConnection</span> permettent de r\u00e9aliser un d\u00e9ni de service \u00e0 distance\net une \u00e9l\u00e9vation de privil\u00e8ges.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Cisco Unity Connection","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco 20120229-cuc du 29 f\u00e9vrier 2012","url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cuc"}]}