{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"IBM Storage Protect Operations Center versions 8.1.0.000 \u00e0 8.1.18.xxx ant\u00e9rieures \u00e0 8.1.19","product":{"name":"Storage Protect","vendor":{"name":"IBM","scada":false}}},{"description":"IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 UP6","product":{"name":"QRadar SIEM","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Storage Protect Server versions 8.1.0.000 \u00e0 8.1.18.xxx ant\u00e9rieures 8.1.19","product":{"name":"Storage Protect","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Db2 Warehouse versions ant\u00e9rieures \u00e0 11.5.8.0","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Spectrum Protect Plus versions 10.1.0 \u00e0 10.1.14 ant\u00e9rieures 10.1.15","product":{"name":"Spectrum","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Storage Protect Backup-Archive Client versions 8.1.0.0 \u00e0 8.1.17.2 ant\u00e9rieures 8.1.19.0","product":{"name":"Storage Protect","vendor":{"name":"IBM","scada":false}}},{"description":"IBM Spectrum Protect Plus File Systems Agent versions 10.1.6 \u00e0 10.1.14 ant\u00e9rieures \u00e0 10.1.15","product":{"name":"Spectrum","vendor":{"name":"IBM","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-25577","url":"https://www.cve.org/CVERecord?id=CVE-2023-25577"},{"name":"CVE-2022-32189","url":"https://www.cve.org/CVERecord?id=CVE-2022-32189"},{"name":"CVE-2022-43927","url":"https://www.cve.org/CVERecord?id=CVE-2022-43927"},{"name":"CVE-2022-30631","url":"https://www.cve.org/CVERecord?id=CVE-2022-30631"},{"name":"CVE-2022-4304","url":"https://www.cve.org/CVERecord?id=CVE-2022-4304"},{"name":"CVE-2023-27555","url":"https://www.cve.org/CVERecord?id=CVE-2023-27555"},{"name":"CVE-2022-41725","url":"https://www.cve.org/CVERecord?id=CVE-2022-41725"},{"name":"CVE-2022-45061","url":"https://www.cve.org/CVERecord?id=CVE-2022-45061"},{"name":"CVE-2022-30635","url":"https://www.cve.org/CVERecord?id=CVE-2022-30635"},{"name":"CVE-2022-4269","url":"https://www.cve.org/CVERecord?id=CVE-2022-4269"},{"name":"CVE-2023-23934","url":"https://www.cve.org/CVERecord?id=CVE-2023-23934"},{"name":"CVE-2022-41722","url":"https://www.cve.org/CVERecord?id=CVE-2022-41722"},{"name":"CVE-2023-0215","url":"https://www.cve.org/CVERecord?id=CVE-2023-0215"},{"name":"CVE-2023-0286","url":"https://www.cve.org/CVERecord?id=CVE-2023-0286"},{"name":"CVE-2023-0266","url":"https://www.cve.org/CVERecord?id=CVE-2023-0266"},{"name":"CVE-2020-36557","url":"https://www.cve.org/CVERecord?id=CVE-2020-36557"},{"name":"CVE-2020-13955","url":"https://www.cve.org/CVERecord?id=CVE-2020-13955"},{"name":"CVE-2020-35490","url":"https://www.cve.org/CVERecord?id=CVE-2020-35490"},{"name":"CVE-2020-10735","url":"https://www.cve.org/CVERecord?id=CVE-2020-10735"},{"name":"CVE-2022-32148","url":"https://www.cve.org/CVERecord?id=CVE-2022-32148"},{"name":"CVE-2022-39135","url":"https://www.cve.org/CVERecord?id=CVE-2022-39135"},{"name":"CVE-2018-7489","url":"https://www.cve.org/CVERecord?id=CVE-2018-7489"},{"name":"CVE-2020-11971","url":"https://www.cve.org/CVERecord?id=CVE-2020-11971"},{"name":"CVE-2022-30630","url":"https://www.cve.org/CVERecord?id=CVE-2022-30630"},{"name":"CVE-2023-28956","url":"https://www.cve.org/CVERecord?id=CVE-2023-28956"},{"name":"CVE-2022-43552","url":"https://www.cve.org/CVERecord?id=CVE-2022-43552"},{"name":"CVE-2023-29257","url":"https://www.cve.org/CVERecord?id=CVE-2023-29257"},{"name":"CVE-2023-26021","url":"https://www.cve.org/CVERecord?id=CVE-2023-26021"},{"name":"CVE-2022-1705","url":"https://www.cve.org/CVERecord?id=CVE-2022-1705"},{"name":"CVE-2023-23915","url":"https://www.cve.org/CVERecord?id=CVE-2023-23915"},{"name":"CVE-2022-41716","url":"https://www.cve.org/CVERecord?id=CVE-2022-41716"},{"name":"CVE-2023-0464","url":"https://www.cve.org/CVERecord?id=CVE-2023-0464"},{"name":"CVE-2022-30633","url":"https://www.cve.org/CVERecord?id=CVE-2022-30633"},{"name":"CVE-2023-23914","url":"https://www.cve.org/CVERecord?id=CVE-2023-23914"},{"name":"CVE-2022-30632","url":"https://www.cve.org/CVERecord?id=CVE-2022-30632"},{"name":"CVE-2022-41717","url":"https://www.cve.org/CVERecord?id=CVE-2022-41717"},{"name":"CVE-2023-24536","url":"https://www.cve.org/CVERecord?id=CVE-2023-24536"},{"name":"CVE-2022-28131","url":"https://www.cve.org/CVERecord?id=CVE-2022-28131"},{"name":"CVE-2022-4378","url":"https://www.cve.org/CVERecord?id=CVE-2022-4378"},{"name":"CVE-2021-3737","url":"https://www.cve.org/CVERecord?id=CVE-2021-3737"},{"name":"CVE-2020-35491","url":"https://www.cve.org/CVERecord?id=CVE-2020-35491"},{"name":"CVE-2022-4450","url":"https://www.cve.org/CVERecord?id=CVE-2022-4450"},{"name":"CVE-2014-3577","url":"https://www.cve.org/CVERecord?id=CVE-2014-3577"},{"name":"CVE-2023-24532","url":"https://www.cve.org/CVERecord?id=CVE-2023-24532"},{"name":"CVE-2022-43551","url":"https://www.cve.org/CVERecord?id=CVE-2022-43551"},{"name":"CVE-2023-0386","url":"https://www.cve.org/CVERecord?id=CVE-2023-0386"},{"name":"CVE-2022-41721","url":"https://www.cve.org/CVERecord?id=CVE-2022-41721"},{"name":"CVE-2023-25930","url":"https://www.cve.org/CVERecord?id=CVE-2023-25930"},{"name":"CVE-2022-41724","url":"https://www.cve.org/CVERecord?id=CVE-2022-41724"},{"name":"CVE-2022-2873","url":"https://www.cve.org/CVERecord?id=CVE-2022-2873"},{"name":"CVE-2023-29255","url":"https://www.cve.org/CVERecord?id=CVE-2023-29255"},{"name":"CVE-2020-36518","url":"https://www.cve.org/CVERecord?id=CVE-2020-36518"},{"name":"CVE-2023-24537","url":"https://www.cve.org/CVERecord?id=CVE-2023-24537"},{"name":"CVE-2022-43930","url":"https://www.cve.org/CVERecord?id=CVE-2022-43930"},{"name":"CVE-2023-24998","url":"https://www.cve.org/CVERecord?id=CVE-2023-24998"},{"name":"CVE-2023-27559","url":"https://www.cve.org/CVERecord?id=CVE-2023-27559"},{"name":"CVE-2022-43929","url":"https://www.cve.org/CVERecord?id=CVE-2022-43929"},{"name":"CVE-2023-24538","url":"https://www.cve.org/CVERecord?id=CVE-2023-24538"},{"name":"CVE-2022-35255","url":"https://www.cve.org/CVERecord?id=CVE-2022-35255"},{"name":"CVE-2023-30861","url":"https://www.cve.org/CVERecord?id=CVE-2023-30861"},{"name":"CVE-2022-41723","url":"https://www.cve.org/CVERecord?id=CVE-2022-41723"},{"name":"CVE-2023-28155","url":"https://www.cve.org/CVERecord?id=CVE-2023-28155"},{"name":"CVE-2022-41727","url":"https://www.cve.org/CVERecord?id=CVE-2022-41727"},{"name":"CVE-2023-26022","url":"https://www.cve.org/CVERecord?id=CVE-2023-26022"},{"name":"CVE-2022-1280","url":"https://www.cve.org/CVERecord?id=CVE-2022-1280"},{"name":"CVE-2023-23916","url":"https://www.cve.org/CVERecord?id=CVE-2023-23916"}],"links":[],"reference":"CERTFR-2023-AVI-0484","revisions":[{"description":"Version initiale","revision_date":"2023-06-23T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"},{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Non sp\u00e9cifi\u00e9 par l'\u00e9diteur"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans <span\nclass=\"textit\">les produits IBM</span>. Certaines d'entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7005589 du 20 juin 2023","url":"https://www.ibm.com/support/pages/node/7005589"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7005553 du 20 juin 2023","url":"https://www.ibm.com/support/pages/node/7005553"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 6999973 du 19 juin 2023","url":"https://www.ibm.com/support/pages/node/6999973"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7005519 du 20 juin 2023","url":"https://www.ibm.com/support/pages/node/7005519"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7006395 du 22 juin 2023","url":"https://www.ibm.com/support/pages/node/7006395"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7005949 du 21 juin 2023","url":"https://www.ibm.com/support/pages/node/7005949"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7006069 du 22 juin 2023","url":"https://www.ibm.com/support/pages/node/7006069"}]}