{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Magento versions 2.2.x ant\u00e9rieures \u00e0 2.2.9","product":{"name":"Magento","vendor":{"name":"Adobe","scada":false}}},{"description":"Magento versions 2.3.x ant\u00e9rieures \u00e0 2.3.2","product":{"name":"Magento","vendor":{"name":"Adobe","scada":false}}},{"description":"Magento versions 2.1.x ant\u00e9rieures \u00e0 2.1.18","product":{"name":"Magento","vendor":{"name":"Adobe","scada":false}}},{"description":"SUPEE-11155","product":{"name":"Magento","vendor":{"name":"Adobe","scada":false}}},{"description":"Magento Open Source versions ant\u00e9rieures \u00e0 1.9.4.2","product":{"name":"Magento","vendor":{"name":"Adobe","scada":false}}},{"description":"Magento Commerce versions ant\u00e9rieures \u00e0 1.14.4.2","product":{"name":"Magento","vendor":{"name":"Adobe","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2019-7860","url":"https://www.cve.org/CVERecord?id=CVE-2019-7860"},{"name":"CVE-2019-7902","url":"https://www.cve.org/CVERecord?id=CVE-2019-7902"},{"name":"CVE-2019-7932","url":"https://www.cve.org/CVERecord?id=CVE-2019-7932"},{"name":"CVE-2019-7929","url":"https://www.cve.org/CVERecord?id=CVE-2019-7929"},{"name":"CVE-2019-7878","url":"https://www.cve.org/CVERecord?id=CVE-2019-7878"},{"name":"CVE-2019-7887","url":"https://www.cve.org/CVERecord?id=CVE-2019-7887"},{"name":"CVE-2019-7916","url":"https://www.cve.org/CVERecord?id=CVE-2019-7916"},{"name":"CVE-2019-7928","url":"https://www.cve.org/CVERecord?id=CVE-2019-7928"},{"name":"CVE-2019-7889","url":"https://www.cve.org/CVERecord?id=CVE-2019-7889"},{"name":"CVE-2019-7873","url":"https://www.cve.org/CVERecord?id=CVE-2019-7873"},{"name":"CVE-2019-7910","url":"https://www.cve.org/CVERecord?id=CVE-2019-7910"},{"name":"CVE-2019-7950","url":"https://www.cve.org/CVERecord?id=CVE-2019-7950"},{"name":"CVE-2019-7920","url":"https://www.cve.org/CVERecord?id=CVE-2019-7920"},{"name":"CVE-2019-7925","url":"https://www.cve.org/CVERecord?id=CVE-2019-7925"},{"name":"CVE-2019-7863","url":"https://www.cve.org/CVERecord?id=CVE-2019-7863"},{"name":"CVE-2019-7926","url":"https://www.cve.org/CVERecord?id=CVE-2019-7926"},{"name":"CVE-2019-7862","url":"https://www.cve.org/CVERecord?id=CVE-2019-7862"},{"name":"CVE-2019-7881","url":"https://www.cve.org/CVERecord?id=CVE-2019-7881"},{"name":"CVE-2019-7859","url":"https://www.cve.org/CVERecord?id=CVE-2019-7859"},{"name":"CVE-2019-7903","url":"https://www.cve.org/CVERecord?id=CVE-2019-7903"},{"name":"CVE-2019-7876","url":"https://www.cve.org/CVERecord?id=CVE-2019-7876"},{"name":"CVE-2019-7858","url":"https://www.cve.org/CVERecord?id=CVE-2019-7858"},{"name":"CVE-2019-7911","url":"https://www.cve.org/CVERecord?id=CVE-2019-7911"},{"name":"CVE-2019-7897","url":"https://www.cve.org/CVERecord?id=CVE-2019-7897"},{"name":"CVE-2019-7847","url":"https://www.cve.org/CVERecord?id=CVE-2019-7847"},{"name":"CVE-2019-7884","url":"https://www.cve.org/CVERecord?id=CVE-2019-7884"},{"name":"CVE-2019-7865","url":"https://www.cve.org/CVERecord?id=CVE-2019-7865"},{"name":"CVE-2019-7913","url":"https://www.cve.org/CVERecord?id=CVE-2019-7913"},{"name":"CVE-2019-7923","url":"https://www.cve.org/CVERecord?id=CVE-2019-7923"},{"name":"CVE-2019-7849","url":"https://www.cve.org/CVERecord?id=CVE-2019-7849"},{"name":"CVE-2019-7874","url":"https://www.cve.org/CVERecord?id=CVE-2019-7874"},{"name":"CVE-2019-7946","url":"https://www.cve.org/CVERecord?id=CVE-2019-7946"},{"name":"CVE-2019-7906","url":"https://www.cve.org/CVERecord?id=CVE-2019-7906"},{"name":"CVE-2019-7880","url":"https://www.cve.org/CVERecord?id=CVE-2019-7880"},{"name":"CVE-2019-7912","url":"https://www.cve.org/CVERecord?id=CVE-2019-7912"},{"name":"CVE-2019-7939","url":"https://www.cve.org/CVERecord?id=CVE-2019-7939"},{"name":"CVE-2019-7944","url":"https://www.cve.org/CVERecord?id=CVE-2019-7944"},{"name":"CVE-2019-7877","url":"https://www.cve.org/CVERecord?id=CVE-2019-7877"},{"name":"CVE-2019-7937","url":"https://www.cve.org/CVERecord?id=CVE-2019-7937"},{"name":"CVE-2019-7875","url":"https://www.cve.org/CVERecord?id=CVE-2019-7875"},{"name":"CVE-2019-7871","url":"https://www.cve.org/CVERecord?id=CVE-2019-7871"},{"name":"CVE-2019-7892","url":"https://www.cve.org/CVERecord?id=CVE-2019-7892"},{"name":"CVE-2019-7879","url":"https://www.cve.org/CVERecord?id=CVE-2019-7879"},{"name":"CVE-2019-7886","url":"https://www.cve.org/CVERecord?id=CVE-2019-7886"},{"name":"CVE-2019-7898","url":"https://www.cve.org/CVERecord?id=CVE-2019-7898"},{"name":"CVE-2019-7857","url":"https://www.cve.org/CVERecord?id=CVE-2019-7857"},{"name":"CVE-2019-7899","url":"https://www.cve.org/CVERecord?id=CVE-2019-7899"},{"name":"CVE-2019-7940","url":"https://www.cve.org/CVERecord?id=CVE-2019-7940"},{"name":"CVE-2019-7855","url":"https://www.cve.org/CVERecord?id=CVE-2019-7855"},{"name":"CVE-2019-7921","url":"https://www.cve.org/CVERecord?id=CVE-2019-7921"},{"name":"CVE-2019-7895","url":"https://www.cve.org/CVERecord?id=CVE-2019-7895"},{"name":"CVE-2019-7904","url":"https://www.cve.org/CVERecord?id=CVE-2019-7904"},{"name":"CVE-2019-7952","url":"https://www.cve.org/CVERecord?id=CVE-2019-7952"},{"name":"CVE-2019-7890","url":"https://www.cve.org/CVERecord?id=CVE-2019-7890"},{"name":"CVE-2019-7850","url":"https://www.cve.org/CVERecord?id=CVE-2019-7850"},{"name":"CVE-2019-7872","url":"https://www.cve.org/CVERecord?id=CVE-2019-7872"},{"name":"CVE-2019-7914","url":"https://www.cve.org/CVERecord?id=CVE-2019-7914"},{"name":"CVE-2019-7908","url":"https://www.cve.org/CVERecord?id=CVE-2019-7908"},{"name":"CVE-2019-7851","url":"https://www.cve.org/CVERecord?id=CVE-2019-7851"},{"name":"CVE-2019-7936","url":"https://www.cve.org/CVERecord?id=CVE-2019-7936"},{"name":"CVE-2019-7893","url":"https://www.cve.org/CVERecord?id=CVE-2019-7893"},{"name":"CVE-2019-7947","url":"https://www.cve.org/CVERecord?id=CVE-2019-7947"},{"name":"CVE-2019-7927","url":"https://www.cve.org/CVERecord?id=CVE-2019-7927"},{"name":"CVE-2019-7900","url":"https://www.cve.org/CVERecord?id=CVE-2019-7900"},{"name":"CVE-2019-7933","url":"https://www.cve.org/CVERecord?id=CVE-2019-7933"},{"name":"CVE-2019-7915","url":"https://www.cve.org/CVERecord?id=CVE-2019-7915"},{"name":"CVE-2019-7901","url":"https://www.cve.org/CVERecord?id=CVE-2019-7901"},{"name":"CVE-2019-7867","url":"https://www.cve.org/CVERecord?id=CVE-2019-7867"},{"name":"CVE-2019-7882","url":"https://www.cve.org/CVERecord?id=CVE-2019-7882"},{"name":"CVE-2019-7868","url":"https://www.cve.org/CVERecord?id=CVE-2019-7868"},{"name":"CVE-2019-7846","url":"https://www.cve.org/CVERecord?id=CVE-2019-7846"},{"name":"CVE-2019-7919","url":"https://www.cve.org/CVERecord?id=CVE-2019-7919"},{"name":"CVE-2019-7918","url":"https://www.cve.org/CVERecord?id=CVE-2019-7918"},{"name":"CVE-2019-7935","url":"https://www.cve.org/CVERecord?id=CVE-2019-7935"},{"name":"CVE-2019-7139","url":"https://www.cve.org/CVERecord?id=CVE-2019-7139"},{"name":"CVE-2019-7864","url":"https://www.cve.org/CVERecord?id=CVE-2019-7864"},{"name":"CVE-2019-7861","url":"https://www.cve.org/CVERecord?id=CVE-2019-7861"},{"name":"CVE-2019-7885","url":"https://www.cve.org/CVERecord?id=CVE-2019-7885"},{"name":"CVE-2019-7951","url":"https://www.cve.org/CVERecord?id=CVE-2019-7951"},{"name":"CVE-2019-7891","url":"https://www.cve.org/CVERecord?id=CVE-2019-7891"},{"name":"CVE-2019-7917","url":"https://www.cve.org/CVERecord?id=CVE-2019-7917"},{"name":"CVE-2019-7930","url":"https://www.cve.org/CVERecord?id=CVE-2019-7930"},{"name":"CVE-2019-7931","url":"https://www.cve.org/CVERecord?id=CVE-2019-7931"},{"name":"CVE-2019-7852","url":"https://www.cve.org/CVERecord?id=CVE-2019-7852"},{"name":"CVE-2019-7888","url":"https://www.cve.org/CVERecord?id=CVE-2019-7888"},{"name":"CVE-2019-7896","url":"https://www.cve.org/CVERecord?id=CVE-2019-7896"},{"name":"CVE-2019-7948","url":"https://www.cve.org/CVERecord?id=CVE-2019-7948"},{"name":"CVE-2019-7938","url":"https://www.cve.org/CVERecord?id=CVE-2019-7938"},{"name":"CVE-2019-7853","url":"https://www.cve.org/CVERecord?id=CVE-2019-7853"},{"name":"CVE-2019-7869","url":"https://www.cve.org/CVERecord?id=CVE-2019-7869"},{"name":"CVE-2019-7942","url":"https://www.cve.org/CVERecord?id=CVE-2019-7942"},{"name":"CVE-2019-7905","url":"https://www.cve.org/CVERecord?id=CVE-2019-7905"},{"name":"CVE-2019-7909","url":"https://www.cve.org/CVERecord?id=CVE-2019-7909"},{"name":"CVE-2019-7866","url":"https://www.cve.org/CVERecord?id=CVE-2019-7866"},{"name":"CVE-2019-7894","url":"https://www.cve.org/CVERecord?id=CVE-2019-7894"},{"name":"CVE-2019-7934","url":"https://www.cve.org/CVERecord?id=CVE-2019-7934"},{"name":"CVE-2019-7945","url":"https://www.cve.org/CVERecord?id=CVE-2019-7945"},{"name":"CVE-2019-7848","url":"https://www.cve.org/CVERecord?id=CVE-2019-7848"},{"name":"CVE-2019-7854","url":"https://www.cve.org/CVERecord?id=CVE-2019-7854"},{"name":"CVE-2019-7907","url":"https://www.cve.org/CVERecord?id=CVE-2019-7907"}],"links":[],"reference":"CERTFR-2019-AVI-295","revisions":[{"description":"Version initiale","revision_date":"2019-06-26T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"},{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nMagento. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Magento","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Magento Security Update 3/3 du 25 juin 2019","url":"https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Magento Security Update 1/3 du 25 juin 2019","url":"https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Magento Security Update 2/3 du 25 juin 2019","url":"https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Magento SUPEE-11155 du 25 juin 2019","url":"https://magento.com/security/patches/supee-11155"}]}