{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<ul> <li>Sterling Connect:Direct pour UNIX versions 6.1.0.x ant\u00e9rieures \u00e0\u00a06.1.0.4.iFix104</li> <li>Sterling Connect:Direct pour UNIX versions 6.0.0.x ant\u00e9rieures \u00e0 6.0.0.2.iFix163</li> <li>Sterling Connect:Direct FTP+ versions ant\u00e9rieures \u00e0 1.3.0 sans le correctif de s\u00e9curit\u00e9 iFix026</li> <li>QRadar App SDK versions 2.2.x ant\u00e9rieures \u00e0 2.2.1</li> <li>QRadar Deployment Intelligence App versions ant\u00e9rieures \u00e0 3.0.13</li> <li>Cloud Pak for Security versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.20.0</li> <li>QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP8 IF01</li> <li>QRadar Suite Software versions 1.10.12.x ant\u00e9rieures \u00e0 1.10.20.0</li> <li>WebSphere Application Server Liberty versions post\u00e9rieures \u00e0 21.0.0.2 et ant\u00e9rieures \u00e0 24.0.0.4</li> <li>WebSphere Application Server versions 9.x ant\u00e9rieures \u00e0 9.0.5.19</li> <li>WebSphere Application Server versions post\u00e9rieures \u00e0 8.5.5.2 ant\u00e9rieures \u00e0 8.5.5.26</li> <li>Sterling B2B Integrator versions 6.0.x.x \u00e0 6.1.x.x ant\u00e9rieures \u00e0 6.1.2.5</li> <li>Sterling B2B Integrator versions 6.2.x.x ant\u00e9rieures \u00e0 6.2.0.1</li> </ul> <p>Se r\u00e9f\u00e9rer aux bulletin de l'\u00e9diteur pour les versions des fichiers vuln\u00e9rables (cf. section Documentation).</p> ","content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2024-20919","url":"https://www.cve.org/CVERecord?id=CVE-2024-20919"},{"name":"CVE-2022-48564","url":"https://www.cve.org/CVERecord?id=CVE-2022-48564"},{"name":"CVE-2024-1597","url":"https://www.cve.org/CVERecord?id=CVE-2024-1597"},{"name":"CVE-2023-43642","url":"https://www.cve.org/CVERecord?id=CVE-2023-43642"},{"name":"CVE-2023-46218","url":"https://www.cve.org/CVERecord?id=CVE-2023-46218"},{"name":"CVE-2023-45857","url":"https://www.cve.org/CVERecord?id=CVE-2023-45857"},{"name":"CVE-2023-51385","url":"https://www.cve.org/CVERecord?id=CVE-2023-51385"},{"name":"CVE-2023-46234","url":"https://www.cve.org/CVERecord?id=CVE-2023-46234"},{"name":"CVE-2023-38546","url":"https://www.cve.org/CVERecord?id=CVE-2023-38546"},{"name":"CVE-2023-37920","url":"https://www.cve.org/CVERecord?id=CVE-2023-37920"},{"name":"CVE-2024-20926","url":"https://www.cve.org/CVERecord?id=CVE-2024-20926"},{"name":"CVE-2021-31525","url":"https://www.cve.org/CVERecord?id=CVE-2021-31525"},{"name":"CVE-2023-52426","url":"https://www.cve.org/CVERecord?id=CVE-2023-52426"},{"name":"CVE-2022-45061","url":"https://www.cve.org/CVERecord?id=CVE-2022-45061"},{"name":"CVE-2023-4091","url":"https://www.cve.org/CVERecord?id=CVE-2023-4091"},{"name":"CVE-2023-50782","url":"https://www.cve.org/CVERecord?id=CVE-2023-50782"},{"name":"CVE-2023-0286","url":"https://www.cve.org/CVERecord?id=CVE-2023-0286"},{"name":"CVE-2024-22361","url":"https://www.cve.org/CVERecord?id=CVE-2024-22361"},{"name":"CVE-2024-20921","url":"https://www.cve.org/CVERecord?id=CVE-2024-20921"},{"name":"CVE-2021-35939","url":"https://www.cve.org/CVERecord?id=CVE-2021-35939"},{"name":"CVE-2023-28322","url":"https://www.cve.org/CVERecord?id=CVE-2023-28322"},{"name":"CVE-2023-42669","url":"https://www.cve.org/CVERecord?id=CVE-2023-42669"},{"name":"CVE-2023-2828","url":"https://www.cve.org/CVERecord?id=CVE-2023-2828"},{"name":"CVE-2023-22081","url":"https://www.cve.org/CVERecord?id=CVE-2023-22081"},{"name":"CVE-2023-20569","url":"https://www.cve.org/CVERecord?id=CVE-2023-20569"},{"name":"CVE-2012-0881","url":"https://www.cve.org/CVERecord?id=CVE-2012-0881"},{"name":"CVE-2019-13224","url":"https://www.cve.org/CVERecord?id=CVE-2019-13224"},{"name":"CVE-2023-34968","url":"https://www.cve.org/CVERecord?id=CVE-2023-34968"},{"name":"CVE-2024-26308","url":"https://www.cve.org/CVERecord?id=CVE-2024-26308"},{"name":"CVE-2019-19204","url":"https://www.cve.org/CVERecord?id=CVE-2019-19204"},{"name":"CVE-2023-27043","url":"https://www.cve.org/CVERecord?id=CVE-2023-27043"},{"name":"CVE-2023-48795","url":"https://www.cve.org/CVERecord?id=CVE-2023-48795"},{"name":"CVE-2021-22696","url":"https://www.cve.org/CVERecord?id=CVE-2021-22696"},{"name":"CVE-2023-42795","url":"https://www.cve.org/CVERecord?id=CVE-2023-42795"},{"name":"CVE-2023-28487","url":"https://www.cve.org/CVERecord?id=CVE-2023-28487"},{"name":"CVE-2023-22067","url":"https://www.cve.org/CVERecord?id=CVE-2023-22067"},{"name":"CVE-2023-6135","url":"https://www.cve.org/CVERecord?id=CVE-2023-6135"},{"name":"CVE-2022-46364","url":"https://www.cve.org/CVERecord?id=CVE-2022-46364"},{"name":"CVE-2024-22195","url":"https://www.cve.org/CVERecord?id=CVE-2024-22195"},{"name":"CVE-2020-28241","url":"https://www.cve.org/CVERecord?id=CVE-2020-28241"},{"name":"CVE-2023-45648","url":"https://www.cve.org/CVERecord?id=CVE-2023-45648"},{"name":"CVE-2023-45803","url":"https://www.cve.org/CVERecord?id=CVE-2023-45803"},{"name":"CVE-2022-46363","url":"https://www.cve.org/CVERecord?id=CVE-2022-46363"},{"name":"CVE-2023-34967","url":"https://www.cve.org/CVERecord?id=CVE-2023-34967"},{"name":"CVE-2021-35937","url":"https://www.cve.org/CVERecord?id=CVE-2021-35937"},{"name":"CVE-2024-25710","url":"https://www.cve.org/CVERecord?id=CVE-2024-25710"},{"name":"CVE-2023-3341","url":"https://www.cve.org/CVERecord?id=CVE-2023-3341"},{"name":"CVE-2021-41043","url":"https://www.cve.org/CVERecord?id=CVE-2021-41043"},{"name":"CVE-2019-16163","url":"https://www.cve.org/CVERecord?id=CVE-2019-16163"},{"name":"CVE-2023-1786","url":"https://www.cve.org/CVERecord?id=CVE-2023-1786"},{"name":"CVE-2024-0553","url":"https://www.cve.org/CVERecord?id=CVE-2024-0553"},{"name":"CVE-2021-30468","url":"https://www.cve.org/CVERecord?id=CVE-2021-30468"},{"name":"CVE-2024-26130","url":"https://www.cve.org/CVERecord?id=CVE-2024-26130"},{"name":"CVE-2019-19203","url":"https://www.cve.org/CVERecord?id=CVE-2019-19203"},{"name":"CVE-2023-43804","url":"https://www.cve.org/CVERecord?id=CVE-2023-43804"},{"name":"CVE-2023-33850","url":"https://www.cve.org/CVERecord?id=CVE-2023-33850"},{"name":"CVE-2022-48560","url":"https://www.cve.org/CVERecord?id=CVE-2022-48560"},{"name":"CVE-2017-7500","url":"https://www.cve.org/CVERecord?id=CVE-2017-7500"},{"name":"CVE-2023-42794","url":"https://www.cve.org/CVERecord?id=CVE-2023-42794"},{"name":"CVE-2022-34169","url":"https://www.cve.org/CVERecord?id=CVE-2022-34169"},{"name":"CVE-2022-3094","url":"https://www.cve.org/CVERecord?id=CVE-2022-3094"},{"name":"CVE-2022-41721","url":"https://www.cve.org/CVERecord?id=CVE-2022-41721"},{"name":"CVE-2022-42920","url":"https://www.cve.org/CVERecord?id=CVE-2022-42920"},{"name":"CVE-2022-23437","url":"https://www.cve.org/CVERecord?id=CVE-2022-23437"},{"name":"CVE-2023-42465","url":"https://www.cve.org/CVERecord?id=CVE-2023-42465"},{"name":"CVE-2023-5676","url":"https://www.cve.org/CVERecord?id=CVE-2023-5676"},{"name":"CVE-2021-33194","url":"https://www.cve.org/CVERecord?id=CVE-2021-33194"},{"name":"CVE-2024-20932","url":"https://www.cve.org/CVERecord?id=CVE-2024-20932"},{"name":"CVE-2023-49083","url":"https://www.cve.org/CVERecord?id=CVE-2023-49083"},{"name":"CVE-2011-4969","url":"https://www.cve.org/CVERecord?id=CVE-2011-4969"},{"name":"CVE-2024-20918","url":"https://www.cve.org/CVERecord?id=CVE-2024-20918"},{"name":"CVE-2021-35938","url":"https://www.cve.org/CVERecord?id=CVE-2021-35938"},{"name":"CVE-2022-46329","url":"https://www.cve.org/CVERecord?id=CVE-2022-46329"},{"name":"CVE-2023-34966","url":"https://www.cve.org/CVERecord?id=CVE-2023-34966"},{"name":"CVE-2023-26604","url":"https://www.cve.org/CVERecord?id=CVE-2023-26604"},{"name":"CVE-2022-41723","url":"https://www.cve.org/CVERecord?id=CVE-2022-41723"},{"name":"CVE-2023-46589","url":"https://www.cve.org/CVERecord?id=CVE-2023-46589"},{"name":"CVE-2023-32681","url":"https://www.cve.org/CVERecord?id=CVE-2023-32681"},{"name":"CVE-2024-20945","url":"https://www.cve.org/CVERecord?id=CVE-2024-20945"},{"name":"CVE-2023-39615","url":"https://www.cve.org/CVERecord?id=CVE-2023-39615"},{"name":"CVE-2017-7501","url":"https://www.cve.org/CVERecord?id=CVE-2017-7501"},{"name":"CVE-2023-28486","url":"https://www.cve.org/CVERecord?id=CVE-2023-28486"},{"name":"CVE-2015-9251","url":"https://www.cve.org/CVERecord?id=CVE-2015-9251"},{"name":"CVE-2023-5388","url":"https://www.cve.org/CVERecord?id=CVE-2023-5388"},{"name":"CVE-2012-6708","url":"https://www.cve.org/CVERecord?id=CVE-2012-6708"},{"name":"CVE-2022-2127","url":"https://www.cve.org/CVERecord?id=CVE-2022-2127"},{"name":"CVE-2020-7656","url":"https://www.cve.org/CVERecord?id=CVE-2020-7656"},{"name":"CVE-2019-19012","url":"https://www.cve.org/CVERecord?id=CVE-2019-19012"},{"name":"CVE-2023-26159","url":"https://www.cve.org/CVERecord?id=CVE-2023-26159"},{"name":"CVE-2023-6597","url":"https://www.cve.org/CVERecord?id=CVE-2023-6597"},{"name":"CVE-2024-20952","url":"https://www.cve.org/CVERecord?id=CVE-2024-20952"},{"name":"CVE-2022-27664","url":"https://www.cve.org/CVERecord?id=CVE-2022-27664"},{"name":"CVE-2024-22234","url":"https://www.cve.org/CVERecord?id=CVE-2024-22234"}],"links":[],"reference":"CERTFR-2024-AVI-0305","revisions":[{"description":"Version initiale","revision_date":"2024-04-12T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans <span\nclass=\"textit\">les produits IBM</span>. Certaines d'entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7147813 du 09 avril 2024","url":"https://www.ibm.com/support/pages/node/7147813"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7148062 du 11 avril 2024","url":"https://www.ibm.com/support/pages/node/7148062"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7147943 du 10 avril 2024","url":"https://www.ibm.com/support/pages/node/7147943"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7147903 du 10 avril 2024","url":"https://www.ibm.com/support/pages/node/7147903"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7148094 du 11 avril 2024","url":"https://www.ibm.com/support/pages/node/7148094"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7148151 du 11 avril 2024","url":"https://www.ibm.com/support/pages/node/7148151"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7148066 du 11 avril 2024","url":"https://www.ibm.com/support/pages/node/7148066"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7148158 du 11 avril 2024","url":"https://www.ibm.com/support/pages/node/7148158"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7147727 du 08 avril 2024","url":"https://www.ibm.com/support/pages/node/7147727"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7148065 du 11 avril 2024","url":"https://www.ibm.com/support/pages/node/7148065"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7148068 du 11 avril 2024","url":"https://www.ibm.com/support/pages/node/7148068"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7147728 du 08 avril 2024","url":"https://www.ibm.com/support/pages/node/7147728"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7147944 du 10 avril 2024","url":"https://www.ibm.com/support/pages/node/7147944"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7147726 du 08 avril 2024","url":"https://www.ibm.com/support/pages/node/7147726"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7147923 du 10 avril 2024","url":"https://www.ibm.com/support/pages/node/7147923"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7147812 du 09 avril 2024","url":"https://www.ibm.com/support/pages/node/7147812"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM 7148063 du 11 avril 2024","url":"https://www.ibm.com/support/pages/node/7148063"}]}