{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"PAN-OS 10.0.x versions ant\u00e9rieures \u00e0 10.0.1","product":{"name":"PAN-OS","vendor":{"name":"Palo Alto Networks","scada":false}}},{"description":"PAN-OS 9.0.x versions ant\u00e9rieures \u00e0 9.0.10","product":{"name":"PAN-OS","vendor":{"name":"Palo Alto Networks","scada":false}}},{"description":"PAN-OS 9.1.x versions ant\u00e9rieures \u00e0 9.1.4","product":{"name":"PAN-OS","vendor":{"name":"Palo Alto Networks","scada":false}}},{"description":"PAN-OS versions ant\u00e9rieures \u00e0 8.1.16","product":{"name":"PAN-OS","vendor":{"name":"Palo Alto Networks","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2020-2043","url":"https://www.cve.org/CVERecord?id=CVE-2020-2043"},{"name":"CVE-2020-2037","url":"https://www.cve.org/CVERecord?id=CVE-2020-2037"},{"name":"CVE-2020-2042","url":"https://www.cve.org/CVERecord?id=CVE-2020-2042"},{"name":"CVE-2020-2036","url":"https://www.cve.org/CVERecord?id=CVE-2020-2036"},{"name":"CVE-2020-2044","url":"https://www.cve.org/CVERecord?id=CVE-2020-2044"},{"name":"CVE-2020-2039","url":"https://www.cve.org/CVERecord?id=CVE-2020-2039"},{"name":"CVE-2020-2041","url":"https://www.cve.org/CVERecord?id=CVE-2020-2041"},{"name":"CVE-2020-2040","url":"https://www.cve.org/CVERecord?id=CVE-2020-2040"},{"name":"CVE-2020-2038","url":"https://www.cve.org/CVERecord?id=CVE-2020-2038"}],"links":[],"reference":"CERTFR-2020-AVI-566","revisions":[{"description":"Version initiale","revision_date":"2020-09-10T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Palo Alto Networks\nPAN-OS. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Palo Alto Networks PAN-OS","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2020-2037 du 09 septembre 2020","url":"https://security.paloaltonetworks.com/CVE-2020-2037"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2020-2041 du 09 septembre 2020","url":"https://security.paloaltonetworks.com/CVE-2020-2041"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2020-2038 du 09 septembre 2020","url":"https://security.paloaltonetworks.com/CVE-2020-2038"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2020-2040 du 09 septembre 2020","url":"https://security.paloaltonetworks.com/CVE-2020-2040"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2020-2044 du 09 septembre 2020","url":"https://security.paloaltonetworks.com/CVE-2020-2044"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2020-2036 du 09 septembre 2020","url":"https://security.paloaltonetworks.com/CVE-2020-2036"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2020-2042 du 09 septembre 2020","url":"https://security.paloaltonetworks.com/CVE-2020-2042"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2020-2039 du 09 septembre 2020","url":"https://security.paloaltonetworks.com/CVE-2020-2039"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2020-2043 du 09 septembre 2020","url":"https://security.paloaltonetworks.com/CVE-2020-2043"}]}