{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"microprogramme de RV340 Dual WAN Gigabit VPN Router, avec la fonction SSL activ\u00e9e versions ant\u00e9rieures \u00e0 1.0.03.18","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"microprogramme de RV345 Dual WAN Gigabit VPN Router, avec la fonction SSL activ\u00e9e, versions ant\u00e9rieures \u00e0 1.0.03.18","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"microprogramme de RV340W Dual WAN Gigabit Wireless-AC VPN Router, avec la fonction SSL activ\u00e9e, versions ant\u00e9rieures \u00e0 1.0.03.18","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"microprogramme de RV215W Wireless-N VPN Router versions ant\u00e9rieures \u00e0 1.3.1.7","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"microprogramme de RV345P Dual WAN Gigabit POE VPN Router, avec la fonction SSL activ\u00e9e, versions ant\u00e9rieures \u00e0 1.0.03.18","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"microprogramme de RV130W Wireless-N Multifunction VPN Router versions ant\u00e9rieures \u00e0 1.0.3.55","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"microprogramme de RV130 VPN Router versions ant\u00e9rieures \u00e0 1.0.3.55","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"microprogramme de RV110W Wireless-N VPN Firewall versions ant\u00e9rieures \u00e0 1.2.2.8","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2020-3146","url":"https://www.cve.org/CVERecord?id=CVE-2020-3146"},{"name":"CVE-2020-3144","url":"https://www.cve.org/CVERecord?id=CVE-2020-3144"},{"name":"CVE-2020-3358","url":"https://www.cve.org/CVERecord?id=CVE-2020-3358"},{"name":"CVE-2020-3145","url":"https://www.cve.org/CVERecord?id=CVE-2020-3145"},{"name":"CVE-2020-3332","url":"https://www.cve.org/CVERecord?id=CVE-2020-3332"},{"name":"CVE-2020-3331","url":"https://www.cve.org/CVERecord?id=CVE-2020-3331"},{"name":"CVE-2020-3330","url":"https://www.cve.org/CVERecord?id=CVE-2020-3330"},{"name":"CVE-2020-3357","url":"https://www.cve.org/CVERecord?id=CVE-2020-3357"}],"links":[],"reference":"CERTFR-2020-AVI-444","revisions":[{"description":"Version initiale","revision_date":"2020-07-15T00:00:00.000000"},{"description":"correction d'une phrase non termin\u00e9e","revision_date":"2020-07-17T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans la gamme de\nrouteurs RV de Cisco. Elles permettent notamment \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de\nprivil\u00e8ges et un contournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans la gamme de routeurs RV de Cisco","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-rv110w-static-cred-BMTWBWTy du 15 juillet 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv110w-static-cred-BMTWBWTy"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-rv-rce-AQKREqp du 15 juillet 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-AQKREqp"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-cmd-shell-injection-9jOQn9Dy du 15 juillet 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmd-shell-injection-9jOQn9Dy"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-code-exec-wH3BNFb du 15 juillet 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-code-exec-wH3BNFb"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-sb-rce-dos-9ZAjkx4 du 15 juillet 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rce-dos-9ZAjkx4"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-rv-rce-m4FEEGWX du 15 juillet 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-m4FEEGWX"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-sb-dos-ZN5GvNH7 du 15 juillet 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-dos-ZN5GvNH7"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-rv-auth-bypass-cGv9EruZ du 15 juillet 2020","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-auth-bypass-cGv9EruZ"}]}