{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"ESXi versions 7.0 sans le correctif de s\u00e9curit\u00e9 ESXi70U3p-23307199","product":{"name":"ESXi","vendor":{"name":"VMware","scada":false}}},{"description":"Workstation versions 17.x ant\u00e9rieures \u00e0 17.5.1","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"Fusion versions 13.x ant\u00e9rieures \u00e0 13.5.1 sur MacOS","product":{"name":"Fusion","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Cloud Foundation (ESXi) versions 5.x et 4.x sans le correctif de s\u00e9curit\u00e9 KB88287","product":{"name":"N/A","vendor":{"name":"VMware","scada":false}}},{"description":"ESXi versions 8.0 sans les correctifs de s\u00e9curit\u00e9 ESXi80U1d-23299997 et ESXi80U2sb-23305545","product":{"name":"ESXi","vendor":{"name":"VMware","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer aux mesures de contournement propos\u00e9es par l\u2019\u00e9diteur (cf.\nsection Documentation).\n\n## Contournement provisoire\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour les mesures de\ncontournement (cf. section Documentation).\n","cves":[{"name":"CVE-2024-22252","url":"https://www.cve.org/CVERecord?id=CVE-2024-22252"},{"name":"CVE-2024-22253","url":"https://www.cve.org/CVERecord?id=CVE-2024-22253"},{"name":"CVE-2024-22255","url":"https://www.cve.org/CVERecord?id=CVE-2024-22255"},{"name":"CVE-2024-22254","url":"https://www.cve.org/CVERecord?id=CVE-2024-22254"}],"links":[{"title":"How to remove USB controllers from a Virtual Machine","url":"https://kb.vmware.com/s/article/96682"}],"reference":"CERTFR-2024-AVI-0186","revisions":[{"description":"Version initiale","revision_date":"2024-03-06T00:00:00.000000"}],"risks":[{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans <span\nclass=\"textit\">les produits VMware</span>. Certaines d'entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire,\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0\nl'int\u00e9grit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 VMware VMSA-2024-0006 du 05 mars 2024","url":"https://www.vmware.com/security/advisories/VMSA-2024-0006.html"}]}