{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions v3.5 \u00e0 v4.6.x ant\u00e9rieures \u00e0 v4.6.2","product":{"name":"N/A","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Cognos Command Center 10.2.4.1 sans le correctif de s\u00e9curit\u00e9 Fixpack 1 (disponible prochainement)","product":{"name":"N/A","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Sterling Transformation Extender versions 10.0.0, 10.1, 10.1.1 et 10.1.2 sans le dernier correctif de s\u00e9curit\u00e9","product":{"name":"Sterling","vendor":{"name":"IBM","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2021-35550","url":"https://www.cve.org/CVERecord?id=CVE-2021-35550"},{"name":"CVE-2018-11775","url":"https://www.cve.org/CVERecord?id=CVE-2018-11775"},{"name":"CVE-2022-37603","url":"https://www.cve.org/CVERecord?id=CVE-2022-37603"},{"name":"CVE-2021-4104","url":"https://www.cve.org/CVERecord?id=CVE-2021-4104"},{"name":"CVE-2021-35517","url":"https://www.cve.org/CVERecord?id=CVE-2021-35517"},{"name":"CVE-2021-35603","url":"https://www.cve.org/CVERecord?id=CVE-2021-35603"},{"name":"CVE-2021-36090","url":"https://www.cve.org/CVERecord?id=CVE-2021-36090"},{"name":"CVE-2022-37601","url":"https://www.cve.org/CVERecord?id=CVE-2022-37601"},{"name":"CVE-2022-23307","url":"https://www.cve.org/CVERecord?id=CVE-2022-23307"},{"name":"CVE-2017-7525","url":"https://www.cve.org/CVERecord?id=CVE-2017-7525"},{"name":"CVE-2021-41035","url":"https://www.cve.org/CVERecord?id=CVE-2021-41035"},{"name":"CVE-2022-21434","url":"https://www.cve.org/CVERecord?id=CVE-2022-21434"},{"name":"CVE-2022-21294","url":"https://www.cve.org/CVERecord?id=CVE-2022-21294"},{"name":"CVE-2022-21341","url":"https://www.cve.org/CVERecord?id=CVE-2022-21341"},{"name":"CVE-2021-35578","url":"https://www.cve.org/CVERecord?id=CVE-2021-35578"},{"name":"CVE-2022-21293","url":"https://www.cve.org/CVERecord?id=CVE-2022-21293"},{"name":"CVE-2020-36518","url":"https://www.cve.org/CVERecord?id=CVE-2020-36518"},{"name":"CVE-2022-21248","url":"https://www.cve.org/CVERecord?id=CVE-2022-21248"},{"name":"CVE-2022-21496","url":"https://www.cve.org/CVERecord?id=CVE-2022-21496"},{"name":"CVE-2022-37599","url":"https://www.cve.org/CVERecord?id=CVE-2022-37599"},{"name":"CVE-2022-21443","url":"https://www.cve.org/CVERecord?id=CVE-2022-21443"}],"links":[],"reference":"CERTFR-2023-AVI-0073","revisions":[{"description":"Version initiale","revision_date":"2023-01-31T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d'entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6555376 du 30 janvier 2023","url":"https://www.ibm.com/support/pages/node/6555376"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6890619 du 30 janvier 2023","url":"https://www.ibm.com/support/pages/node/6890619"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6890703 du 30 janvier 2023","url":"https://www.ibm.com/support/pages/node/6890703"}]}