{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Dynamics 365 Business Central 2020 Release Wave 2 \u2013 Update 17.10","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"HEVC Video Extensions","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Visual Studio Code","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft 365 Apps pour Enterprise pour syst\u00e8mes 32 bits","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"MPEG-2 Video Extension","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft 365 Apps pour Enterprise pour 64 bits Systems","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Dynamics 365 Business Central 2021 Release Wave 1 - Update 18.5","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Azure Sphere","product":{"name":"Azure","vendor":{"name":"Microsoft","scada":false}}},{"description":"Azure Open Management Infrastructure","product":{"name":"Azure","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2021-38648","url":"https://www.cve.org/CVERecord?id=CVE-2021-38648"},{"name":"CVE-2021-38655","url":"https://www.cve.org/CVERecord?id=CVE-2021-38655"},{"name":"CVE-2021-38644","url":"https://www.cve.org/CVERecord?id=CVE-2021-38644"},{"name":"CVE-2021-38653","url":"https://www.cve.org/CVERecord?id=CVE-2021-38653"},{"name":"CVE-2021-38654","url":"https://www.cve.org/CVERecord?id=CVE-2021-38654"},{"name":"CVE-2021-38647","url":"https://www.cve.org/CVERecord?id=CVE-2021-38647"},{"name":"CVE-2021-38661","url":"https://www.cve.org/CVERecord?id=CVE-2021-38661"},{"name":"CVE-2021-38650","url":"https://www.cve.org/CVERecord?id=CVE-2021-38650"},{"name":"CVE-2021-38646","url":"https://www.cve.org/CVERecord?id=CVE-2021-38646"},{"name":"CVE-2021-36956","url":"https://www.cve.org/CVERecord?id=CVE-2021-36956"},{"name":"CVE-2021-38657","url":"https://www.cve.org/CVERecord?id=CVE-2021-38657"},{"name":"CVE-2021-36952","url":"https://www.cve.org/CVERecord?id=CVE-2021-36952"},{"name":"CVE-2021-38659","url":"https://www.cve.org/CVERecord?id=CVE-2021-38659"},{"name":"CVE-2021-38649","url":"https://www.cve.org/CVERecord?id=CVE-2021-38649"},{"name":"CVE-2021-26434","url":"https://www.cve.org/CVERecord?id=CVE-2021-26434"},{"name":"CVE-2021-38645","url":"https://www.cve.org/CVERecord?id=CVE-2021-38645"},{"name":"CVE-2021-38656","url":"https://www.cve.org/CVERecord?id=CVE-2021-38656"},{"name":"CVE-2021-26437","url":"https://www.cve.org/CVERecord?id=CVE-2021-26437"},{"name":"CVE-2021-40440","url":"https://www.cve.org/CVERecord?id=CVE-2021-40440"}],"links":[],"reference":"CERTFR-2021-AVI-711","revisions":[{"description":"Version initiale","revision_date":"2021-09-16T00:00:00.000000"}],"risks":[{"description":"Usurpation d'identit\u00e9"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">les produits Microsoft</span>. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code \u00e0 distance, une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es, une \u00e9l\u00e9vation de privil\u00e8ges et une\nusurpation d'identit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft du 14 septembre 2021","url":"https://msrc.microsoft.com/update-guide/"}]}