{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Exchange Server 2013 Cumulative Update 23","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"ChakraCore","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2017 version 15.0","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Team Foundation Server 2018 Update 3.2","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.2","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Azure DevOps Server 2019.0.1","product":{"name":"Azure","vendor":{"name":"Microsoft","scada":false}}},{"description":"PowerShell Core 6.2","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"SQL Server Management Studio 18.3.1","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Azure DevOps Server 2019 Update 1","product":{"name":"Azure","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft System Center 2012 R2 Endpoint Protection","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Yammer pour Android","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2019 Cumulative Update 3","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Azure Stack","product":{"name":"Azure","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2017 version 15.9","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft System Center Endpoint Protection","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Team Foundation Server 2017 Update 3.1","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.0","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Visual Studio Code","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Security Essentials","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2019 Cumulative Update 2","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2016 Cumulative Update 13","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.3","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Lync Server 2013","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2019 Cumulative Update 1","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2015 Update 3","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2016 Cumulative Update 14","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Team Foundation Server 2018 Update 1.2","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Rome SDK 1.4.1","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"SQL Server Management Studio 18.3","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Azure App Service on Azure Stack","product":{"name":"Azure","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Dynamics 365 (on-premises) version 9.0","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Forefront Endpoint Protection 2010","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Open Enclave SDK","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2016 Cumulative Update 12","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Team Foundation Server 2015 Update 4.2","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"PowerShell Core 6.1","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft System Center 2012 Endpoint Protection","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2019-1375","url":"https://www.cve.org/CVERecord?id=CVE-2019-1375"},{"name":"CVE-2019-1369","url":"https://www.cve.org/CVERecord?id=CVE-2019-1369"},{"name":"CVE-2019-1234","url":"https://www.cve.org/CVERecord?id=CVE-2019-1234"},{"name":"CVE-2019-1300","url":"https://www.cve.org/CVERecord?id=CVE-2019-1300"},{"name":"CVE-2019-1266","url":"https://www.cve.org/CVERecord?id=CVE-2019-1266"},{"name":"CVE-2019-1255","url":"https://www.cve.org/CVERecord?id=CVE-2019-1255"},{"name":"CVE-2019-1232","url":"https://www.cve.org/CVERecord?id=CVE-2019-1232"},{"name":"CVE-2019-1428","url":"https://www.cve.org/CVERecord?id=CVE-2019-1428"},{"name":"CVE-2019-1306","url":"https://www.cve.org/CVERecord?id=CVE-2019-1306"},{"name":"CVE-2019-1298","url":"https://www.cve.org/CVERecord?id=CVE-2019-1298"},{"name":"CVE-2019-1305","url":"https://www.cve.org/CVERecord?id=CVE-2019-1305"},{"name":"CVE-2019-1335","url":"https://www.cve.org/CVERecord?id=CVE-2019-1335"},{"name":"CVE-2019-1231","url":"https://www.cve.org/CVERecord?id=CVE-2019-1231"},{"name":"CVE-2019-1313","url":"https://www.cve.org/CVERecord?id=CVE-2019-1313"},{"name":"CVE-2019-1426","url":"https://www.cve.org/CVERecord?id=CVE-2019-1426"},{"name":"CVE-2019-1217","url":"https://www.cve.org/CVERecord?id=CVE-2019-1217"},{"name":"CVE-2019-1307","url":"https://www.cve.org/CVERecord?id=CVE-2019-1307"},{"name":"CVE-2019-1233","url":"https://www.cve.org/CVERecord?id=CVE-2019-1233"},{"name":"CVE-2019-1366","url":"https://www.cve.org/CVERecord?id=CVE-2019-1366"},{"name":"CVE-2019-1308","url":"https://www.cve.org/CVERecord?id=CVE-2019-1308"},{"name":"CVE-2019-1372","url":"https://www.cve.org/CVERecord?id=CVE-2019-1372"},{"name":"CVE-2019-1376","url":"https://www.cve.org/CVERecord?id=CVE-2019-1376"},{"name":"CVE-2019-1237","url":"https://www.cve.org/CVERecord?id=CVE-2019-1237"},{"name":"CVE-2019-1370","url":"https://www.cve.org/CVERecord?id=CVE-2019-1370"},{"name":"CVE-2019-1301","url":"https://www.cve.org/CVERecord?id=CVE-2019-1301"},{"name":"CVE-2019-1425","url":"https://www.cve.org/CVERecord?id=CVE-2019-1425"},{"name":"CVE-2019-1414","url":"https://www.cve.org/CVERecord?id=CVE-2019-1414"},{"name":"CVE-2019-1373","url":"https://www.cve.org/CVERecord?id=CVE-2019-1373"},{"name":"CVE-2019-1427","url":"https://www.cve.org/CVERecord?id=CVE-2019-1427"},{"name":"CVE-2019-1265","url":"https://www.cve.org/CVERecord?id=CVE-2019-1265"},{"name":"CVE-2019-1209","url":"https://www.cve.org/CVERecord?id=CVE-2019-1209"},{"name":"CVE-2019-1138","url":"https://www.cve.org/CVERecord?id=CVE-2019-1138"}],"links":[],"reference":"CERTFR-2019-AVI-570","revisions":[{"description":"Version initiale","revision_date":"2019-11-13T00:00:00.000000"}],"risks":[{"description":"Usurpation d'identit\u00e9"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"D\u00e9ni de service"},{"description":"Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">les produits Microsoft</span>. Elles permettent \u00e0 un\nattaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, un\ncontournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9, une usurpation\nd'identit\u00e9, une ex\u00e9cution de code \u00e0 distance, une \u00e9l\u00e9vation de\nprivil\u00e8ges et un d\u00e9ni de service.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft du 12 novembre 2019","url":"https://portal.msrc.microsoft.com/fr-FR/security-guidance"}]}