{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Splunk Enterprise versions 8.1.x ant\u00e9rieures \u00e0 8.1.12","product":{"name":"Splunk Enterprise","vendor":{"name":"Splunk","scada":false}}},{"description":"Splunk Enterprise versions 8.2.x ant\u00e9rieures \u00e0 8.2.9","product":{"name":"Splunk Enterprise","vendor":{"name":"Splunk","scada":false}}},{"description":"Splunk Cloud Platform versions 9.0.x ant\u00e9rieures \u00e0 9.0.2211","product":{"name":"Splunk Cloud Platform","vendor":{"name":"Splunk","scada":false}}},{"description":"Splunk Enterprise versions 9.0.x ant\u00e9rieures \u00e0 9.0.2","product":{"name":"Splunk Enterprise","vendor":{"name":"Splunk","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2022-43566","url":"https://www.cve.org/CVERecord?id=CVE-2022-43566"},{"name":"CVE-2022-43563","url":"https://www.cve.org/CVERecord?id=CVE-2022-43563"},{"name":"CVE-2022-43571","url":"https://www.cve.org/CVERecord?id=CVE-2022-43571"},{"name":"CVE-2022-43568","url":"https://www.cve.org/CVERecord?id=CVE-2022-43568"},{"name":"CVE-2022-43569","url":"https://www.cve.org/CVERecord?id=CVE-2022-43569"},{"name":"CVE-2022-43564","url":"https://www.cve.org/CVERecord?id=CVE-2022-43564"},{"name":"CVE-2022-43561","url":"https://www.cve.org/CVERecord?id=CVE-2022-43561"},{"name":"CVE-2022-43565","url":"https://www.cve.org/CVERecord?id=CVE-2022-43565"},{"name":"CVE-2020-36518","url":"https://www.cve.org/CVERecord?id=CVE-2020-36518"},{"name":"CVE-2022-43572","url":"https://www.cve.org/CVERecord?id=CVE-2022-43572"},{"name":"CVE-2022-43570","url":"https://www.cve.org/CVERecord?id=CVE-2022-43570"},{"name":"CVE-2022-43567","url":"https://www.cve.org/CVERecord?id=CVE-2022-43567"},{"name":"CVE-2022-43562","url":"https://www.cve.org/CVERecord?id=CVE-2022-43562"}],"links":[],"reference":"CERTFR-2022-AVI-986","revisions":[{"description":"Version initiale","revision_date":"2022-11-03T00:00:00.000000"},{"description":"Correction num\u00e9ro de CVE : CVE-2022-36518 remplac\u00e9 par CVE-2020-36518","revision_date":"2022-11-04T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Non sp\u00e9cifi\u00e9 par l'\u00e9diteur"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Splunk. Certaines\nd'entre elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l'\u00e9diteur, une ex\u00e9cution de code arbitraire \u00e0\ndistance et un d\u00e9ni de service \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Splunk","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-1102 du 02 novembre 2022","url":"https://www.splunk.com/en_us/product-security/announcements/svd-2022-1102.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-1106 du 02 novembre 2022","url":"https://www.splunk.com/en_us/product-security/announcements/svd-2022-1106.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-1104 du 02 novembre 2022","url":"https://www.splunk.com/en_us/product-security/announcements/svd-2022-1104.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-1101 du 02 novembre 2022","url":"https://www.splunk.com/en_us/product-security/announcements/svd-2022-1101.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-1113 du 02 novembre 2022","url":"https://www.splunk.com/en_us/product-security/announcements/svd-2022-1113.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-1112 du 02 novembre 2022","url":"https://www.splunk.com/en_us/product-security/announcements/svd-2022-1112.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-1109 du 02 novembre 2022","url":"https://www.splunk.com/en_us/product-security/announcements/svd-2022-1109.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-1111 du 02 novembre 2022","url":"https://www.splunk.com/en_us/product-security/announcements/svd-2022-1111.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-1103 du 02 novembre 2022","url":"https://www.splunk.com/en_us/product-security/announcements/svd-2022-1103.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-1105 du 02 novembre 2022","url":"https://www.splunk.com/en_us/product-security/announcements/svd-2022-1105.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-1110 du 02 novembre 2022","url":"https://www.splunk.com/en_us/product-security/announcements/svd-2022-1110.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-1107 du 02 novembre 2022","url":"https://www.splunk.com/en_us/product-security/announcements/svd-2022-1107.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-1108 du 02 novembre 2022","url":"https://www.splunk.com/en_us/product-security/announcements/svd-2022-1108.html"}]}