{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cisco Unified CDM Application Software versions ant\u00e9rieures \u00e0 10","product":{"name":"Unified Communications","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Unified CDM Platform Software versions ant\u00e9rieures \u00e0 4.4.2","product":{"name":"Unified Communications","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2014-3300","url":"https://www.cve.org/CVERecord?id=CVE-2014-3300"},{"name":"CVE-2014-2198","url":"https://www.cve.org/CVERecord?id=CVE-2014-2198"},{"name":"CVE-2014-2197","url":"https://www.cve.org/CVERecord?id=CVE-2014-2197"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20140702-cucdm du 02 juillet 2014","url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"}],"reference":"CERTFR-2014-AVI-295","revisions":[{"description":"version initiale.","revision_date":"2014-07-03T00:00:00.000000"}],"risks":[{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Cisco Unified Communications Domain Manager. Elles\npermettent \u00e0 un attaquant de provoquer un contournement de la politique\nde s\u00e9curit\u00e9, une atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Cisco Unified Communications Domain Manager","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20140702-cucdm du 02 juillet 2014","url":null}]}