{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Microsoft Exchange Server 2019 Cumulative Update 13","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2022 version 17.2","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2022 version 17.7","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft OLE DB Driver 19 pour SQL Server","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes 32 bits (CU 4)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2016 pour syst\u00e8mes x64 Service Pack 3 (GDR)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2022 version 17.6","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Common Data Model SDK pour C#","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2022 pour syst\u00e8mes x64 (GDR)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2016 Cumulative Update 23","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2016 pour syst\u00e8mes x64 Service Pack 3 Azure Connect Feature Pack","product":{"name":"Azure","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes x64 (CU 4)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Skype pour Business Server 2019 CU7","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes x64 (GDR)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Dynamics 365 (on-premises) version 9.1","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Skype pour Business Server 2015 CU13","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft 365 Apps pour Enterprise pour syst\u00e8mes 32 bits","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft 365 Apps pour Enterprise pour 64 bits Systems","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2017 pour syst\u00e8mes x64 (GDR)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2017 pour syst\u00e8mes x64 (CU 31)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Visual Studio 2022 version 17.4","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2019 pour syst\u00e8mes x64 (GDR)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft ODBC Driver 18 pour SQL Server on MacOS","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2019 pour syst\u00e8mes x64 (CU 22)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft ODBC Driver 17 pour SQL Server on MacOS","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Dynamics 365 (on-premises) version 9.0","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Common Data Model SDK pour TypeScript","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2022 pour syst\u00e8mes x64 (CU 8)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Common Data Model SDK pour Java","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft ODBC Driver 17 pour SQL Server on Linux","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Exchange Server 2019 Cumulative Update 12","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft OLE DB Driver 18 pour SQL Server","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft ODBC Driver 18 pour SQL Server on Linux","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft SQL Server 2014 Service Pack 3 pour syst\u00e8mes 32 bits (GDR)","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Microsoft Common Data Model SDK pour Python","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-36728","url":"https://www.cve.org/CVERecord?id=CVE-2023-36728"},{"name":"CVE-2023-36429","url":"https://www.cve.org/CVERecord?id=CVE-2023-36429"},{"name":"CVE-2023-36420","url":"https://www.cve.org/CVERecord?id=CVE-2023-36420"},{"name":"CVE-2023-44487","url":"https://www.cve.org/CVERecord?id=CVE-2023-44487"},{"name":"CVE-2023-36730","url":"https://www.cve.org/CVERecord?id=CVE-2023-36730"},{"name":"CVE-2023-36789","url":"https://www.cve.org/CVERecord?id=CVE-2023-36789"},{"name":"CVE-2023-36778","url":"https://www.cve.org/CVERecord?id=CVE-2023-36778"},{"name":"CVE-2023-36566","url":"https://www.cve.org/CVERecord?id=CVE-2023-36566"},{"name":"CVE-2023-36780","url":"https://www.cve.org/CVERecord?id=CVE-2023-36780"},{"name":"CVE-2023-36786","url":"https://www.cve.org/CVERecord?id=CVE-2023-36786"},{"name":"CVE-2023-36568","url":"https://www.cve.org/CVERecord?id=CVE-2023-36568"},{"name":"CVE-2023-38171","url":"https://www.cve.org/CVERecord?id=CVE-2023-38171"},{"name":"CVE-2023-36417","url":"https://www.cve.org/CVERecord?id=CVE-2023-36417"},{"name":"CVE-2023-41763","url":"https://www.cve.org/CVERecord?id=CVE-2023-41763"},{"name":"CVE-2023-36416","url":"https://www.cve.org/CVERecord?id=CVE-2023-36416"},{"name":"CVE-2023-36785","url":"https://www.cve.org/CVERecord?id=CVE-2023-36785"},{"name":"CVE-2023-36433","url":"https://www.cve.org/CVERecord?id=CVE-2023-36433"},{"name":"CVE-2023-36569","url":"https://www.cve.org/CVERecord?id=CVE-2023-36569"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36728 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36728"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36420 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36420"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36785 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36785"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-41763 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41763"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36429 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36429"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36569 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36569"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36568 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36568"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36433 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36433"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36566 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36566"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36786 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36786"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-44487 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36730 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36730"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36789 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36789"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36416 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36416"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36778 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36778"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-38171 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38171"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36417 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36417"},{"title":"Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2023-36780 du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36780"}],"reference":"CERTFR-2023-AVI-0830","revisions":[{"description":"Version initiale","revision_date":"2023-10-11T00:00:00.000000"}],"risks":[{"description":"Usurpation d'identit\u00e9"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"D\u00e9ni de service"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">les produits Microsoft</span>. Elles permettent \u00e0 un\nattaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une usurpation\nd'identit\u00e9, une ex\u00e9cution de code \u00e0 distance, un d\u00e9ni de service et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Microsoft du 10 octobre 2023","url":"https://msrc.microsoft.com/update-guide/"}]}