{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Juniper Secure Analytics (JSA) avec Networks Security Threat Response Manager (STRM) versions ant\u00e9rieures \u00e0 7.5.0UP4","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"JunosOS versions ant\u00e9rieures \u00e0 18.1R3-S11, 18.2R3-S6, 18.3R3-S4, 18.4R3-S6, 19.1R3-S4, 19.2R3-S1, 19.2R3-S7, 19.3R3-S1, 19.3R3-S7, 19.3R3-S8, 19.4R3, 19.4R3-S10, 19.4R3-S11, 19.4R3-S12, 19.4R3-S9, 20.1R2, 20.2R2, 20.2R3-S5, 20.2R3-S6, 20.2R3-S7, 20.3R1-S1, 20.3R2, 20.3R3-S2, 20.3R3-S5, 20.3R3-S6, 20.4R1, 20.4R3-S3, 20.4R3-S4, 20.4R3-S5, 20.4R3-S6, 20.4R3-S7, 21.1R3, 21.1R3-S3, 21.1R3-S4, 21.1R3-S5, 21.2R3, 21.2R3-S2, 21.2R3-S3, 21.2R3-S4, 21.3R2, 21.3R3, 21.3R3-S1, 21.3R3-S2, 21.3R3-S3, 21.4R1, 21.4R2, 21.4R2-S1, 21.4R3, 21.4R3-S1, 21.4R3-S2, 21.4R3-S3, 22.1R1, 22.1R2, 22.1R2-S1, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.2R1, 22.2R1-S2, 22.2R2, 22.2R2-S1, 22.2R2-S2, 22.2R3, 22.3R1, 22.3R1-S1, 22.3R1-S2, 22.3R2, 22.4R1, 22.4R1-S1, 22.4R2 et 23.1R1","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"JunosOS Evolved versions ant\u00e9rieures \u00e0 20.1R3-EVO, 20.2R2-EVO, 20.3R2-EVO, 20.4R1-EVO, 20.4R3-S5-EVO, 20.4R3-S6-EVO, 20.4R3-S7-EVO, 21.1R3-S4-EVO, 21.2R3-EVO, 21.2R3-S4-EVO, 21.2R3-S5-EVO, 21.3R2-EVO, 21.3R3-EVO, 21.3R3-S1-EVO, 21.4R1-EVO, 21.4R1-S2-EVO, 21.4R2-EVO, 21.4R2-S1-EVO, 21.4R3-EVO, 21.4R3-S1-EVO, 22.1R1-EVO, 22.1R2-EVO, 22.1R3-EVO, 22.2R1-EVO, 22.2R2-EVO et 22.3R1-EVO","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Paragon Active Assurance versions ant\u00e9rieures \u00e0 4.1.2","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-28973","url":"https://www.cve.org/CVERecord?id=CVE-2023-28973"},{"name":"CVE-2021-45960","url":"https://www.cve.org/CVERecord?id=CVE-2021-45960"},{"name":"CVE-2023-28970","url":"https://www.cve.org/CVERecord?id=CVE-2023-28970"},{"name":"CVE-2023-28967","url":"https://www.cve.org/CVERecord?id=CVE-2023-28967"},{"name":"CVE-2023-28983","url":"https://www.cve.org/CVERecord?id=CVE-2023-28983"},{"name":"CVE-2022-22823","url":"https://www.cve.org/CVERecord?id=CVE-2022-22823"},{"name":"CVE-2023-28979","url":"https://www.cve.org/CVERecord?id=CVE-2023-28979"},{"name":"CVE-2023-28974","url":"https://www.cve.org/CVERecord?id=CVE-2023-28974"},{"name":"CVE-2023-28959","url":"https://www.cve.org/CVERecord?id=CVE-2023-28959"},{"name":"CVE-2022-25315","url":"https://www.cve.org/CVERecord?id=CVE-2022-25315"},{"name":"CVE-2022-22822","url":"https://www.cve.org/CVERecord?id=CVE-2022-22822"},{"name":"CVE-2023-28962","url":"https://www.cve.org/CVERecord?id=CVE-2023-28962"},{"name":"CVE-2022-25313","url":"https://www.cve.org/CVERecord?id=CVE-2022-25313"},{"name":"CVE-2022-23852","url":"https://www.cve.org/CVERecord?id=CVE-2022-23852"},{"name":"CVE-2022-22825","url":"https://www.cve.org/CVERecord?id=CVE-2022-22825"},{"name":"CVE-2022-25314","url":"https://www.cve.org/CVERecord?id=CVE-2022-25314"},{"name":"CVE-2022-23990","url":"https://www.cve.org/CVERecord?id=CVE-2022-23990"},{"name":"CVE-2022-25235","url":"https://www.cve.org/CVERecord?id=CVE-2022-25235"},{"name":"CVE-2023-28975","url":"https://www.cve.org/CVERecord?id=CVE-2023-28975"},{"name":"CVE-2023-28971","url":"https://www.cve.org/CVERecord?id=CVE-2023-28971"},{"name":"CVE-2023-28968","url":"https://www.cve.org/CVERecord?id=CVE-2023-28968"},{"name":"CVE-2023-28961","url":"https://www.cve.org/CVERecord?id=CVE-2023-28961"},{"name":"CVE-2021-46143","url":"https://www.cve.org/CVERecord?id=CVE-2021-46143"},{"name":"CVE-2023-28981","url":"https://www.cve.org/CVERecord?id=CVE-2023-28981"},{"name":"CVE-2023-28982","url":"https://www.cve.org/CVERecord?id=CVE-2023-28982"},{"name":"CVE-2022-42889","url":"https://www.cve.org/CVERecord?id=CVE-2022-42889"},{"name":"CVE-2023-1697","url":"https://www.cve.org/CVERecord?id=CVE-2023-1697"},{"name":"CVE-2023-28980","url":"https://www.cve.org/CVERecord?id=CVE-2023-28980"},{"name":"CVE-2023-28966","url":"https://www.cve.org/CVERecord?id=CVE-2023-28966"},{"name":"CVE-2023-28976","url":"https://www.cve.org/CVERecord?id=CVE-2023-28976"},{"name":"CVE-2022-22827","url":"https://www.cve.org/CVERecord?id=CVE-2022-22827"},{"name":"CVE-2022-25236","url":"https://www.cve.org/CVERecord?id=CVE-2022-25236"},{"name":"CVE-2023-28963","url":"https://www.cve.org/CVERecord?id=CVE-2023-28963"},{"name":"CVE-2023-28978","url":"https://www.cve.org/CVERecord?id=CVE-2023-28978"},{"name":"CVE-2023-28964","url":"https://www.cve.org/CVERecord?id=CVE-2023-28964"},{"name":"CVE-2023-28960","url":"https://www.cve.org/CVERecord?id=CVE-2023-28960"},{"name":"CVE-2022-22826","url":"https://www.cve.org/CVERecord?id=CVE-2022-22826"},{"name":"CVE-2023-28984","url":"https://www.cve.org/CVERecord?id=CVE-2023-28984"},{"name":"CVE-2022-22824","url":"https://www.cve.org/CVERecord?id=CVE-2022-22824"},{"name":"CVE-2023-28972","url":"https://www.cve.org/CVERecord?id=CVE-2023-28972"},{"name":"CVE-2023-28965","url":"https://www.cve.org/CVERecord?id=CVE-2023-28965"}],"links":[],"reference":"CERTFR-2023-AVI-0310","revisions":[{"description":"Version initiale","revision_date":"2023-04-13T00:00:00.000000"},{"description":"Retrait d'identifiants CVE en double.","revision_date":"2023-04-13T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Non sp\u00e9cifi\u00e9 par l'\u00e9diteur"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l'\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70591 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-attacker-sending-genuine-BGP-packets-causes-an-RPD-crash-CVE-2023-28967"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70601 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-MX-Series-If-a-specific-traffic-rate-goes-above-the-DDoS-threshold-it-will-lead-to-an-FPC-crash-CVE-2023-28976"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70587 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-J-Web"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70594 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-JRR200-Kernel-crash-upon-receipt-of-a-specific-packet-CVE-2023-28970"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70607 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-If-malformed-IPv6-router-advertisements-are-received-memory-corruption-will-occur-which-causes-an-rpd-crash-CVE-2023-28981"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70586 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-ACX-Series-IPv6-firewall-filter-is-not-installed-in-PFE-when-from-next-header-ah-is-used-CVE-2023-28961"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70609 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Evolved-Shell-Injection-vulnerability-in-the-gNOI-server-CVE-2023-28983"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70599 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-MX-Series-In-a-BBE-scenario-upon-receipt-of-specific-malformed-packets-from-subscribers-the-process-bbe-smgd-will-crash-CVE-2023-28974"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70596 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-NFX-Series-set-system-ports-console-insecure-allows-root-password-recovery-CVE-2023-28972"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70585 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Evolved-Docker-repository-is-world-writeable-allowing-low-privileged-local-user-to-inject-files-into-Docker-containers-CVE-2023-28960"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70592 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-SRX-Series-Policies-that-rely-on-JDPI-Decoder-actions-may-fail-open-CVE-2023-28968"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70600 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-The-kernel-will-crash-when-certain-USB-devices-are-inserted-CVE-2023-28975"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70604 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-In-a-6PE-scenario-upon-receipt-of-a-specific-IPv6-packet-an-integrity-check-fails-CVE-2023-28979"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70603 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Evolved-Read-access-to-some-confidential-user-information-is-possible-CVE-2023-28978"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70610 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-QFX-Series-The-PFE-may-crash-when-a-lot-of-MAC-addresses-are-being-learned-and-aged-CVE-2023-28984"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70606 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BGP-rib-sharding-scenario-an-rpd-crash-will-happen-shortly-after-a-specific-CLI-command-is-issued-CVE-2023-28980"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70589 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-QFX10002-Failure-of-storm-control-feature-may-lead-to-Denial-of-Service-CVE-2023-28965"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70584 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-QFX10002-PFE-wedges-and-restarts-upon-receipt-of-specific-malformed-packets-CVE-2023-28959"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70605 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-expat-resolved"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70608 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BGP-rib-sharding-scenario-when-a-route-is-frequently-updated-an-rpd-memory-leak-will-occur-CVE-2023-28982"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70595 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Paragon-Active-Assurance-Enabling-the-timescaledb-enables-IP-forwarding-CVE-2023-28971"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70613 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-JSA-Series-Apache-Commons-Text-prior-to-1-10-0-allows-RCE-when-applied-to-untrusted-input-due-to-insecure-interpolation-defaults-CVE-2022-42889"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70590 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Evolved-Local-low-privileged-user-with-shell-access-can-execute-CLI-commands-as-root-CVE-2023-28966"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70612 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-QFX10000-Series-PTX1000-Series-The-dcpfe-process-will-crash-when-a-malformed-ethernet-frame-is-received-CVE-2023-1697"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70597 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Evolved-The-sysmanctl-shell-command-allows-a-local-user-to-gain-access-to-some-administrative-actions-CVE-2023-28973"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA70588 du 12 avril 2023","url":"https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Malformed-BGP-flowspec-update-causes-RPD-crash-CVE-2023-28964"}]}