{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"IBM Sterling Connect:Direct pour Microsoft Windows versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.4_iFix036","product":{"name":"Sterling Connect:Direct","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Sterling Connect:Direct pour Microsoft Windows versions 6.0.x ant\u00e9rieures \u00e0 6.0.0.4_iFix067","product":{"name":"Sterling Connect:Direct","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Sterling Partner Engagement Manager Essentials Edition et Standard Edition versions 6.2.1.x ant\u00e9rieures \u00e0 6.2.1.3","product":{"name":"Sterling","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Sterling Partner Engagement Manager Essentials Edition et Standard Edition versions 6.2.2.x ant\u00e9rieures \u00e0 6.2.2.1","product":{"name":"Sterling","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Sterling Connect:Direct pour Microsoft Windows versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.2_iFix062","product":{"name":"Sterling Connect:Direct","vendor":{"name":"IBM","scada":false}}},{"description":"IBM WebSphere Hybrid Edition version 5.1 sans le correctif de s\u00e9curit\u00e9 APAR PH54373 (cf. https://www.ibm.com/support/pages/node/6999681)","product":{"name":"WebSphere","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Sterling Partner Engagement Manager Essentials Edition et Standard Edition versions 6.2.0.x ant\u00e9rieures \u00e0 6.2.0.6","product":{"name":"Sterling","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Sterling Partner Engagement Manager Essentials Edition et Standard Edition versions 6.1.2.x ant\u00e9rieures \u00e0 6.1.2.8","product":{"name":"Sterling","vendor":{"name":"IBM","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-28867","url":"https://www.cve.org/CVERecord?id=CVE-2023-28867"},{"name":"CVE-2023-32342","url":"https://www.cve.org/CVERecord?id=CVE-2023-32342"},{"name":"CVE-2023-2597","url":"https://www.cve.org/CVERecord?id=CVE-2023-2597"}],"links":[],"reference":"CERTFR-2023-AVI-0472","revisions":[{"description":"Version initiale","revision_date":"2023-06-16T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7003245 du 12 juin 2023","url":"https://www.ibm.com/support/pages/node/7003245"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7004175 du 15 juin 2023","url":"https://www.ibm.com/support/pages/node/7004175"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7004153 du 15 juin 2023","url":"https://www.ibm.com/support/pages/node/7004153"}]}