{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes 32 bits (CU 4)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2019 pour syst\u00e8mes x64 (CU 8)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2012 pour syst\u00e8mes 32 bits Service Pack 4 (QFE)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"HEVC Video Extensions","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft System Center 2012 R2 Endpoint Protection","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes x64 (CU 4)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2016 Service Pack 2 pour syst\u00e8mes x64 (CU 15)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes x64 (GDR)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft System Center Endpoint Protection","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.0","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Bot Framework SDK pour JavaScript","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Security Essentials","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft 365 Apps pour Enterprise pour syst\u00e8mes 32 bits","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Remote Desktop pour Android","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft 365 Apps pour Enterprise pour 64 bits Systems","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.8","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2017 pour syst\u00e8mes x64 (GDR)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2015 Update 3","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Azure Kubernetes Service","product":{"name":"Azure","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2019 pour syst\u00e8mes x64 (GDR)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2012 pour syst\u00e8mes x64 Service Pack 4 (QFE)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2017 pour syst\u00e8mes x64 (CU 22)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Bot Framework SDK pour Python","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Remote Desktop","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2016 pour syst\u00e8mes x64 Service Pack 2 (GDR)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes 32 bits (GDR)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft System Center 2012 Endpoint Protection","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2021-1714","url":"https://www.cve.org/CVERecord?id=CVE-2021-1714"},{"name":"CVE-2021-1725","url":"https://www.cve.org/CVERecord?id=CVE-2021-1725"},{"name":"CVE-2021-1647","url":"https://www.cve.org/CVERecord?id=CVE-2021-1647"},{"name":"CVE-2021-1680","url":"https://www.cve.org/CVERecord?id=CVE-2021-1680"},{"name":"CVE-2021-1636","url":"https://www.cve.org/CVERecord?id=CVE-2021-1636"},{"name":"CVE-2021-1651","url":"https://www.cve.org/CVERecord?id=CVE-2021-1651"},{"name":"CVE-2021-1669","url":"https://www.cve.org/CVERecord?id=CVE-2021-1669"},{"name":"CVE-2021-1643","url":"https://www.cve.org/CVERecord?id=CVE-2021-1643"},{"name":"CVE-2021-1677","url":"https://www.cve.org/CVERecord?id=CVE-2021-1677"},{"name":"CVE-2021-1715","url":"https://www.cve.org/CVERecord?id=CVE-2021-1715"},{"name":"CVE-2020-26870","url":"https://www.cve.org/CVERecord?id=CVE-2020-26870"},{"name":"CVE-2021-1644","url":"https://www.cve.org/CVERecord?id=CVE-2021-1644"},{"name":"CVE-2021-1711","url":"https://www.cve.org/CVERecord?id=CVE-2021-1711"},{"name":"CVE-2021-1713","url":"https://www.cve.org/CVERecord?id=CVE-2021-1713"},{"name":"CVE-2021-1716","url":"https://www.cve.org/CVERecord?id=CVE-2021-1716"},{"name":"CVE-2021-1723","url":"https://www.cve.org/CVERecord?id=CVE-2021-1723"}],"links":[],"reference":"CERTFR-2021-AVI-029","revisions":[{"description":"Version initiale","revision_date":"2021-01-13T00:00:00.000000"}],"risks":[{"description":"Usurpation d'identit\u00e9"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"D\u00e9ni de service"},{"description":"Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">les produits Microsoft</span>. Elles permettent \u00e0 un\nattaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es,\nune usurpation d'identit\u00e9, une ex\u00e9cution de code \u00e0 distance, un\ncontournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9, une \u00e9l\u00e9vation de\nprivil\u00e8ges et un d\u00e9ni de service.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft du 12 janvier 2021","url":"https://portal.msrc.microsoft.com/fr-FR/security-guidance"}]}