{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cisco IP Phone 8811, 8841, 8845, 8851, 8861 et 8865 versions ant\u00e9rieures \u00e0 11.7(1)","product":{"name":"IP Phone","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Aironet Access Points versions ant\u00e9rieures \u00e0 8.5.161.0","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Webex Meetings Online versions ant\u00e9rieures \u00e0 1.3.48","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco UCM et SME versions ant\u00e9rieures \u00e0 10.5(2)SU9","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco WLC versions 8.6.x, 8.7.x et 8.8.x ant\u00e9rieures \u00e0 8.8.130.0","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Aironet Access Points versions 8.6.x et 8.7.x ant\u00e9rieures \u00e0 8.8.130.0","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IoT Field Network Director versions ant\u00e9rieures \u00e0 4.6","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Webex Meetings 39.5.x Sites versions ant\u00e9rieures \u00e0 39.5.18","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Unified IP Conference Phone 8831 versions ant\u00e9rieures \u00e0 10.3(1)SR6","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco UCS Director versions ant\u00e9rieures \u00e0 6.7.4.0","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Aironet Access Points versions 8.9.x ant\u00e9rieures \u00e0 8.10.121.0","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco UCM et SME versions 12.x ant\u00e9rieures \u00e0 12.5(1)SU2","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Mobility Express versions 8.6.x, 8.7.x et 8.8.x ant\u00e9rieures \u00e0 8.8.130.0","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco UCS Director Express for Big Data versions ant\u00e9rieures \u00e0 3.7.4.0","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Webex Meetings Latest Sites versions ant\u00e9rieures \u00e0 40.2","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Mobility Express versions ant\u00e9rieures \u00e0 8.5.161.0","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco UCM et SME versions 11.x ant\u00e9rieures \u00e0 11.5(1)SU7","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Mobility Express versions 8.9.x et 9.10.x ant\u00e9rieures \u00e0 8.10.121.0","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Webex Meetings Server versions ant\u00e9rieures \u00e0 4.0MR2SecurityPatch3","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Wireless IP Phone 8821 et 8821-EX versions ant\u00e9rieures \u00e0 11.0(5)SR3","product":{"name":"IP Phone","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco WLC versions 8.9.x et 8.10.x ant\u00e9rieures \u00e0 8.10.121.0","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco WLC versions ant\u00e9rieures \u00e0 8.5.161.0","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco Aironet Access Points Embedded Wireless Controller versions ant\u00e9rieures \u00e0 16.11.1b","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IP Phone 7811, 7821, 7841 et 7861 versions ant\u00e9rieures \u00e0 11.7(1)","product":{"name":"IP Phone","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2020-3273","url":"https://www.cve.org/CVERecord?id=CVE-2020-3273"},{"name":"CVE-2020-3251","url":"https://www.cve.org/CVERecord?id=CVE-2020-3251"},{"name":"CVE-2020-3161","url":"https://www.cve.org/CVERecord?id=CVE-2020-3161"},{"name":"CVE-2020-3162","url":"https://www.cve.org/CVERecord?id=CVE-2020-3162"},{"name":"CVE-2020-3247","url":"https://www.cve.org/CVERecord?id=CVE-2020-3247"},{"name":"CVE-2020-3249","url":"https://www.cve.org/CVERecord?id=CVE-2020-3249"},{"name":"CVE-2020-3262","url":"https://www.cve.org/CVERecord?id=CVE-2020-3262"},{"name":"CVE-2020-3240","url":"https://www.cve.org/CVERecord?id=CVE-2020-3240"},{"name":"CVE-2016-1421","url":"https://www.cve.org/CVERecord?id=CVE-2016-1421"},{"name":"CVE-2020-3194","url":"https://www.cve.org/CVERecord?id=CVE-2020-3194"},{"name":"CVE-2020-3261","url":"https://www.cve.org/CVERecord?id=CVE-2020-3261"},{"name":"CVE-2020-3243","url":"https://www.cve.org/CVERecord?id=CVE-2020-3243"},{"name":"CVE-2020-3250","url":"https://www.cve.org/CVERecord?id=CVE-2020-3250"},{"name":"CVE-2020-3239","url":"https://www.cve.org/CVERecord?id=CVE-2020-3239"},{"name":"CVE-2020-3260","url":"https://www.cve.org/CVERecord?id=CVE-2020-3260"},{"name":"CVE-2020-3177","url":"https://www.cve.org/CVERecord?id=CVE-2020-3177"},{"name":"CVE-2020-3252","url":"https://www.cve.org/CVERecord?id=CVE-2020-3252"},{"name":"CVE-2020-3248","url":"https://www.cve.org/CVERecord?id=CVE-2020-3248"}],"links":[],"reference":"CERTFR-2020-AVI-227","revisions":[{"description":"Version initiale","revision_date":"2020-04-16T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nCertaines d'entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-wlc-capwap-dos-Y2sD9uEw du 15 avril 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-capwap-dos-Y2sD9uEw"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ucsd-mult-vulns-UNfpdW4E du 15 avril 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-webex-player-Q7Rtgvby du 15 avril 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-player-Q7Rtgvby"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-mob-exp-csrf-b8tFec24 du 15 avril 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mob-exp-csrf-b8tFec24"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-cucm-taps-path-trav-pfsFO93r du 15 avril 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-taps-path-trav-pfsFO93r"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-airo-wpa-dos-5ZLs6ESz du 15 avril 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-dos-5ZLs6ESz"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-voip-phones-rce-dos-rB6EeRXs du 15 avril 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phones-rce-dos-rB6EeRXs"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-iot-coap-dos-WTBu6YTq du 15 avril 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iot-coap-dos-WTBu6YTq"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160609-ipp du 15 avril 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-wlc-gas-dos-8FsE3AWH du 15 avril 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-gas-dos-8FsE3AWH"}]}