{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Asterisk Open Source versions 1.8.x","product":{"name":"Asterisk","vendor":{"name":"Asterisk","scada":false}}},{"description":"Asterisk Open Source versions 13.x ant\u00e9rieures \u00e0 13.7.1","product":{"name":"Asterisk","vendor":{"name":"Asterisk","scada":false}}},{"description":"Certified Asterisk version 1.8.28","product":{"name":"Certified Asterisk","vendor":{"name":"Asterisk","scada":false}}},{"description":"Asterisk Open Source versions 12.x","product":{"name":"Asterisk","vendor":{"name":"Asterisk","scada":false}}},{"description":"Asterisk Open Source versions 11.x ant\u00e9rieures \u00e0 11.21.1","product":{"name":"Asterisk","vendor":{"name":"Asterisk","scada":false}}},{"description":"Certified Asterisk versions 13.1 ant\u00e9rieures \u00e0 13.1-cert3","product":{"name":"Certified Asterisk","vendor":{"name":"Asterisk","scada":false}}},{"description":"Certified Asterisk versions 11.6 ant\u00e9rieures \u00e0 11.6-cert12","product":{"name":"Certified Asterisk","vendor":{"name":"Asterisk","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Asterisk AST-2016-002 du 03 f\u00e9vrier    2016","url":"http://downloads.asterisk.org/pub/security/AST-2016-002.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Asterisk AST-2016-003 du 03 f\u00e9vrier    2016","url":"http://downloads.asterisk.org/pub/security/AST-2016-003.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Asterisk AST-2016-001 du 03 f\u00e9vrier    2016","url":"http://downloads.asterisk.org/pub/security/AST-2016-001.html"}],"reference":"CERTFR-2016-AVI-046","revisions":[{"description":"version initiale.","revision_date":"2016-02-04T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">Asterisk</span>. Certaines d'entre elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance, un contournement\nde la politique de s\u00e9curit\u00e9 et une atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Asterisk","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Asterisk AST-2016-003 du 03 f\u00e9vrier 2016","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Asterisk AST-2016-002 du 03 f\u00e9vrier 2016","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Asterisk AST-2016-001 du 03 f\u00e9vrier 2016","url":null}]}