{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Logiciel Cisco IOS XE vuln\u00e9rable configur\u00e9 avec la fonctionnalit\u00e9 NAT","product":{"name":"IOS XE","vendor":{"name":"Cisco","scada":false}}},{"description":"Commutateur Industrial Ethernet 2000 Series ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP","product":{"name":"IOS","vendor":{"name":"Cisco","scada":false}}},{"description":"Commutateur Industrial Ethernet 4000 Series ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP","product":{"name":"IOS","vendor":{"name":"Cisco","scada":false}}},{"description":"Commutateurs Cisco Catalyst 3650 et 3850 ex\u00e9cutant une version logiciel Cisco IOS XE vuln\u00e9rable avec le serveur HTTP activ\u00e9","product":{"name":"IOS XE","vendor":{"name":"Cisco","scada":false}}},{"description":"Commutateur Industrial Ethernet 5000 Series ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP","product":{"name":"IOS","vendor":{"name":"Cisco","scada":false}}},{"description":"Commutateur Industrial Ethernet 3010 Series ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP","product":{"name":"IOS","vendor":{"name":"Cisco","scada":false}}},{"description":"Commutateur Cisco Catalyst 3650, 3850 et 4500E ex\u00e9cutant une version vuln\u00e9rable du logiciel Cisco IOS XE avec la fonctionnalit\u00e9 errdisable activ\u00e9","product":{"name":"IOS XE","vendor":{"name":"Cisco","scada":false}}},{"description":"Routeurs Cisco ISR G2 ou Cisco ISR4451-X avec un module SM-X-1T3/E3 install\u00e9 et ex\u00e9cutant une version vuln\u00e9rable des logiciels Cisco IOS ou IOS XE","product":{"name":"IOS XE","vendor":{"name":"Cisco","scada":false}}},{"description":"Commutateur Industrial Ethernet 4010 Series ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP","product":{"name":"IOS","vendor":{"name":"Cisco","scada":false}}},{"description":"Commutateur Connected Grid Ethernet Module Interface Card ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP","product":{"name":"IOS","vendor":{"name":"Cisco","scada":false}}},{"description":"Logiciel Cisco IOS XE vuln\u00e9rable avec le serveur HTTP activ\u00e9","product":{"name":"IOS XE","vendor":{"name":"Cisco","scada":false}}},{"description":"Commutateur Cisco Catalyst ex\u00e9cutant une version logiciel vuln\u00e9rable de Cisco IOS ou Cisco IOS XE avec la fonctionnalit\u00e9 cluster activ\u00e9","product":{"name":"IOS XE","vendor":{"name":"Cisco","scada":false}}},{"description":"Logiciels Cisco IOS XE et certains \u00e9quipements de la s\u00e9rie Cisco 5500-X Adaptive Security Appliances (ASA) ex\u00e9cutant le logiciel Cisco ASA ou Cisco Firepower Threat Defense (FTD)","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Logiciels Cisco IOS et IOS XE vuln\u00e9rables configur\u00e9s avec une adresse IPv6","product":{"name":"IOS XE","vendor":{"name":"Cisco","scada":false}}},{"description":"Commutateur Industrial Ethernet 2000U Series ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP","product":{"name":"IOS","vendor":{"name":"Cisco","scada":false}}},{"description":"Logiciels Cisco IOS et IOS XE vuln\u00e9rables configur\u00e9s avec la fonctionnalit\u00e9 OSPFv3","product":{"name":"IOS XE","vendor":{"name":"Cisco","scada":false}}},{"description":"Commutateur Industrial Ethernet 3000 Series ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP","product":{"name":"IOS","vendor":{"name":"Cisco","scada":false}}},{"description":"Commutateur 2500 Series Connected Grid ex\u00e9cutant une version vuln\u00e9rable de Cisco IOS et configur\u00e9 pour g\u00e9rer les paquets PTP","product":{"name":"IOS","vendor":{"name":"Cisco","scada":false}}},{"description":"Logiciels Cisco IOS XE en version 16.6.1 ou 16.6.2 avec la fonctionnalit\u00e9 CDP activ\u00e9","product":{"name":"IOS XE","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2018-0472","url":"https://www.cve.org/CVERecord?id=CVE-2018-0472"},{"name":"CVE-2018-0481","url":"https://www.cve.org/CVERecord?id=CVE-2018-0481"},{"name":"CVE-2018-0473","url":"https://www.cve.org/CVERecord?id=CVE-2018-0473"},{"name":"CVE-2018-0475","url":"https://www.cve.org/CVERecord?id=CVE-2018-0475"},{"name":"CVE-2018-0476","url":"https://www.cve.org/CVERecord?id=CVE-2018-0476"},{"name":"CVE-2018-0467","url":"https://www.cve.org/CVERecord?id=CVE-2018-0467"},{"name":"CVE-2018-0469","url":"https://www.cve.org/CVERecord?id=CVE-2018-0469"},{"name":"CVE-2018-0480","url":"https://www.cve.org/CVERecord?id=CVE-2018-0480"},{"name":"CVE-2018-0470","url":"https://www.cve.org/CVERecord?id=CVE-2018-0470"},{"name":"CVE-2018-0466","url":"https://www.cve.org/CVERecord?id=CVE-2018-0466"},{"name":"CVE-2018-0485","url":"https://www.cve.org/CVERecord?id=CVE-2018-0485"},{"name":"CVE-2018-0477","url":"https://www.cve.org/CVERecord?id=CVE-2018-0477"},{"name":"CVE-2018-0471","url":"https://www.cve.org/CVERecord?id=CVE-2018-0471"}],"links":[],"reference":"CERTFR-2018-AVI-458","revisions":[{"description":"Version initiale","revision_date":"2018-09-27T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire et un d\u00e9ni de service \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-sip-alg du 26 septembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-sip-alg"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-iosxe-cmdinj du 26 septembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-iosxe-cmdinj"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-cmp du 26 septembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-cmp"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-sm1t3e3 du 26 septembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-sm1t3e3"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-ospfv3-dos du 26 septembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ospfv3-dos"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-ipv6hbh du 26 septembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipv6hbh"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-cdp-memleak du 26 septembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-cdp-memleak"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-ptp du 26 septembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-webdos du 26 septembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-webdos"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-ipsec du 26 septembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipsec"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-webuidos du 26 septembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-webuidos"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180926-errdisable du 26 septembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-errdisable"}]}