{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cisco Small Business 500 Series Stackable Managed Switches","product":{"name":"Small Business","vendor":{"name":"Cisco","scada":false}}},{"description":"Appareils Cisco Meraki MR","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Appareils Cisco Meraki Z1 et Z3","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Appareils Cisco Meraki MX (incluant les \u00e9quipements physiques et l'\u00e9quipement virtuel vMX100)","product":{"name":"Meraki MX","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Stealthwatch Enterprise versions 6.10.2 et ant\u00e9rieures","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Appareils Cisco Meraki MS","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco 350 Series Managed Switches","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Small Business 300 Series Managed Switches","product":{"name":"Small Business","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Small Business 200 Series Smart Switches","product":{"name":"Small Business","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco 550X Series Stackable Managed Switches","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco 250 Series Smart Switches","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Unity Express toutes versions ant\u00e9rieures \u00e0 9.0.6","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco 350X Series Stackable Managed Switches","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2018-15381","url":"https://www.cve.org/CVERecord?id=CVE-2018-15381"},{"name":"CVE-2018-15394","url":"https://www.cve.org/CVERecord?id=CVE-2018-15394"},{"name":"CVE-2018-15439","url":"https://www.cve.org/CVERecord?id=CVE-2018-15439"},{"name":"CVE-2018-0284","url":"https://www.cve.org/CVERecord?id=CVE-2018-0284"}],"links":[],"reference":"CERTFR-2018-AVI-536","revisions":[{"description":"Version initiale","revision_date":"2018-11-08T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et\nune \u00e9l\u00e9vation de privil\u00e8ges.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20181107-smc-auth-bypass du 7 novembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-smc-auth-bypass"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20181107-sbsw-privacc du 7 novembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-sbsw-privacc"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20181107-meraki du 7 novembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-meraki"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20181107-cue du 7 novembre 2018","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-cue"}]}