{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Juniper Networks Junos OS (S\u00e9ries SRX) versions 22.4 ant\u00e9rieures \u00e0 22.4R2-S1, 22.4R3","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries EX) versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S1","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries EX) versions 22.3 ant\u00e9rieures \u00e0 22.3R2-S2, 22.3R3","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries SRX) versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S2","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries EX) versions 21.2 ant\u00e9rieures \u00e0 21.2R3-S6","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries SRX) versions ant\u00e9rieures \u00e0 20.4R3-S8","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries SRX) versions 22.3 ant\u00e9rieures \u00e0 22.3R2-S2, 22.3R3","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries EX) versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S3","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries SRX) versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S5","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries EX) versions 21.3 ant\u00e9rieures \u00e0 21.3R3-S5","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries EX) versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S4","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries EX) versions 22.4 ant\u00e9rieures \u00e0 22.4R2-S1, 22.4R3","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries EX) toutes versions ant\u00e9rieures \u00e0 20.4R3-S8","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries SRX) versions 21.3 ant\u00e9rieures \u00e0 21.3R3-S5","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries SRX) versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S3","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Juniper Networks Junos OS (S\u00e9ries SRX) versions 21.2 ant\u00e9rieures \u00e0 21.2R3-S6","product":{"name":"Junos OS","vendor":{"name":"Juniper Networks","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-36845","url":"https://www.cve.org/CVERecord?id=CVE-2023-36845"},{"name":"CVE-2023-36846","url":"https://www.cve.org/CVERecord?id=CVE-2023-36846"},{"name":"CVE-2023-36847","url":"https://www.cve.org/CVERecord?id=CVE-2023-36847"},{"name":"CVE-2023-36844","url":"https://www.cve.org/CVERecord?id=CVE-2023-36844"}],"links":[],"reference":"CERTFR-2023-AVI-0660","revisions":[{"description":"Version initiale","revision_date":"2023-08-18T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">les Juniper Junos OS</span>. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\ncontournement de la politique de s\u00e9curit\u00e9 et une atteinte \u00e0 l'int\u00e9grit\u00e9\ndes donn\u00e9es.\n","title":"Vuln\u00e9rabilit\u00e9 dans Juniper Junos OS","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA72300 du 17 ao\u00fbt 2023","url":"https://supportportal.juniper.net/s/article/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_US"}]}