{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D232 sur QFX5200/5110","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S5, 17.1R3 et 17.1R3 sur MX series","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S17, 15.1F5-S8, 15.1F6-S8, 15.1R5-S7, 15.1R7","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R6 sur MX series","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D70, 15.1X53-D231","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 14.1 ant\u00e9rieures \u00e0 14.1R9 sur MX series","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R2, 16.2R2-S2, 16.2R3","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R8","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"CTPView versions 7.1, 7.2 et 7.3.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F5-S8, 15.1F6-S8, 15.1R5-S6, 15.1R6-S3, 15.1R7, 15.1F6, 15.1R3","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R6-S2, 15.1R7","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5-S1, 16.1R6","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos Space ant\u00e9rieures \u00e0 17.2R1","product":{"name":"Junos Space","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R5-S8, 15.1F6-S9, 15.1R6-S4, 15.1R7 sur MX series","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R3 sur MX series","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 15.1X49 versions 15.1X49-D100 et sup\u00e9rieures mais ant\u00e9rieures \u00e0 15.1X49-D121","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D40 sur QFX, EX","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R8 sur MX series","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D71","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D110 sur SRX","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"ScreenOS toutes versions sans le dernier correctif de s\u00e9curit\u00e9","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Junos OS versions 16.1X65 ant\u00e9rieures \u00e0 16.1X65-D45","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 14.1 ant\u00e9rieures \u00e0 14.1R8-S5, 14.1R9","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D55 sur SRX","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 15.1R5-S4, 15.1R5-S5 et 15.1R6","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D71 sur SRX","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 12.3 ant\u00e9rieures \u00e0 12.3R12-S7","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D46, 14.1X53-D50 et 14.1X53-D107","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 12.3R ant\u00e9rieures \u00e0 12.3R12-S7","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D55","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 12.3R12 ant\u00e9rieures \u00e0 12.3R12-S7","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 12.3X48 versions 12.3X48-D55 et sup\u00e9rieures mais ant\u00e9rieures \u00e0 12.3X48-D65","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 17.2X75 ant\u00e9rieures \u00e0 17.2X75-D50","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D49, 15.1X53-D470 sur NFX","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D65 sur QFX10K","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S6, 16.1R4-S6 et 16.1R5","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Security Director et Log Collector ant\u00e9rieures \u00e0 17.2R1","product":{"name":"Security","vendor":{"name":"ESET","scada":false}}},{"description":"Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R7-S9, 14.2R8","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2017-3169","url":"https://www.cve.org/CVERecord?id=CVE-2017-3169"},{"name":"CVE-2017-14106","url":"https://www.cve.org/CVERecord?id=CVE-2017-14106"},{"name":"CVE-2018-0002","url":"https://www.cve.org/CVERecord?id=CVE-2018-0002"},{"name":"CVE-2015-5600","url":"https://www.cve.org/CVERecord?id=CVE-2015-5600"},{"name":"CVE-2018-0008","url":"https://www.cve.org/CVERecord?id=CVE-2018-0008"},{"name":"CVE-2015-6563","url":"https://www.cve.org/CVERecord?id=CVE-2015-6563"},{"name":"CVE-2018-0013","url":"https://www.cve.org/CVERecord?id=CVE-2018-0013"},{"name":"CVE-2015-6564","url":"https://www.cve.org/CVERecord?id=CVE-2015-6564"},{"name":"CVE-2015-7236","url":"https://www.cve.org/CVERecord?id=CVE-2015-7236"},{"name":"CVE-2017-7668","url":"https://www.cve.org/CVERecord?id=CVE-2017-7668"},{"name":"CVE-2017-9798","url":"https://www.cve.org/CVERecord?id=CVE-2017-9798"},{"name":"CVE-2018-0011","url":"https://www.cve.org/CVERecord?id=CVE-2018-0011"},{"name":"CVE-2016-2141","url":"https://www.cve.org/CVERecord?id=CVE-2016-2141"},{"name":"CVE-2015-7501","url":"https://www.cve.org/CVERecord?id=CVE-2015-7501"},{"name":"CVE-2015-5304","url":"https://www.cve.org/CVERecord?id=CVE-2015-5304"},{"name":"CVE-2018-0012","url":"https://www.cve.org/CVERecord?id=CVE-2018-0012"},{"name":"CVE-2018-0003","url":"https://www.cve.org/CVERecord?id=CVE-2018-0003"},{"name":"CVE-2017-9788","url":"https://www.cve.org/CVERecord?id=CVE-2017-9788"},{"name":"CVE-2015-5174","url":"https://www.cve.org/CVERecord?id=CVE-2015-5174"},{"name":"CVE-2017-1000112","url":"https://www.cve.org/CVERecord?id=CVE-2017-1000112"},{"name":"CVE-2016-8858","url":"https://www.cve.org/CVERecord?id=CVE-2016-8858"},{"name":"CVE-2017-5664","url":"https://www.cve.org/CVERecord?id=CVE-2017-5664"},{"name":"CVE-2017-1000111","url":"https://www.cve.org/CVERecord?id=CVE-2017-1000111"},{"name":"CVE-2017-6074","url":"https://www.cve.org/CVERecord?id=CVE-2017-6074"},{"name":"CVE-2017-5645","url":"https://www.cve.org/CVERecord?id=CVE-2017-5645"},{"name":"CVE-2018-0010","url":"https://www.cve.org/CVERecord?id=CVE-2018-0010"},{"name":"CVE-2018-0005","url":"https://www.cve.org/CVERecord?id=CVE-2018-0005"},{"name":"CVE-2018-0007","url":"https://www.cve.org/CVERecord?id=CVE-2018-0007"},{"name":"CVE-2016-8655","url":"https://www.cve.org/CVERecord?id=CVE-2016-8655"},{"name":"CVE-2017-3167","url":"https://www.cve.org/CVERecord?id=CVE-2017-3167"},{"name":"CVE-2015-5188","url":"https://www.cve.org/CVERecord?id=CVE-2015-5188"},{"name":"CVE-2018-0009","url":"https://www.cve.org/CVERecord?id=CVE-2018-0009"},{"name":"CVE-2017-7679","url":"https://www.cve.org/CVERecord?id=CVE-2017-7679"},{"name":"CVE-2018-0004","url":"https://www.cve.org/CVERecord?id=CVE-2018-0004"},{"name":"CVE-2018-0014","url":"https://www.cve.org/CVERecord?id=CVE-2018-0014"},{"name":"CVE-2017-2634","url":"https://www.cve.org/CVERecord?id=CVE-2017-2634"},{"name":"CVE-2016-8743","url":"https://www.cve.org/CVERecord?id=CVE-2016-8743"},{"name":"CVE-2015-5220","url":"https://www.cve.org/CVERecord?id=CVE-2015-5220"},{"name":"CVE-2018-0006","url":"https://www.cve.org/CVERecord?id=CVE-2018-0006"},{"name":"CVE-2018-0001","url":"https://www.cve.org/CVERecord?id=CVE-2018-0001"}],"links":[],"reference":"CERTFR-2018-AVI-026","revisions":[{"description":"Version initiale","revision_date":"2018-01-11T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"},{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10838 du 10 janvier 2018","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10838&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10831 du 10 janvier 2018","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10831&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10835 du 10 janvier 2018","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10835&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10833 du 10 janvier 2018","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10833&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10837 du 10 janvier 2018","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10837&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10841 du 10 janvier 2018","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10841&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10828 du 10 janvier 2018","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10828&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10834 du 10 janvier 2018","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10834&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10829 du 10 janvier 2018","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10829&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10836 du 10 janvier 2018","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10836&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10839 du 10 janvier 2018","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10839&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10830 du 10 janvier 2018","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10830&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10832 du 10 janvier 2018","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10832&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10840 du 10 janvier 2018","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10840&cat=SIRT_1&actp=LIST"}]}