{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"FortiOS 6.2.x version ant\u00e9rieures \u00e0 6.2.5","product":{"name":"FortiOS","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS 6.4.x version ant\u00e9rieures \u00e0 6.4.2","product":{"name":"FortiOS","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS 5.6.x version ant\u00e9rieures \u00e0 5.6.13","product":{"name":"FortiOS","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS 6.0.x version ant\u00e9rieures \u00e0 6.0.11","product":{"name":"FortiOS","vendor":{"name":"Fortinet","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2020-12820","url":"https://www.cve.org/CVERecord?id=CVE-2020-12820"},{"name":"CVE-2020-12819","url":"https://www.cve.org/CVERecord?id=CVE-2020-12819"}],"links":[],"reference":"CERTFR-2020-AVI-606","revisions":[{"description":"Version initiale","revision_date":"2020-09-25T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Fortinet FortiOS.\nElles permettent \u00e0 un attaquant authentifi\u00e9 et connect\u00e9 via un tunnel\nSSL VPN de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un\nd\u00e9ni de service \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Fortinet FortiOS","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-083 du 24 septembre 2020","url":"https://www.fortiguard.com/psirt/FG-IR-20-083"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-082 du 24 septembre 2020","url":"https://www.fortiguard.com/psirt/FG-IR-20-082"}]}