{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"ISE et ISE-PIC version 3.4 sans les correctifs de s\u00e9curit\u00e9 Patch 4 et 6  (disponible avril 2026)","product":{"name":"Identity Services Engine","vendor":{"name":"Cisco","scada":false}}},{"description":"ISE et ISE-PIC version 3.3 sans les correctifs de s\u00e9curit\u00e9 Patch 8 et 11  (disponible avril 2026)","product":{"name":"Identity Services Engine","vendor":{"name":"Cisco","scada":false}}},{"description":"ISE et ISE-PIC versions ant\u00e9rieures \u00e0 3.2 sans les correctifs de s\u00e9curit\u00e9 Patch 8 et 10  (disponible avril 2026)","product":{"name":"Identity Services Engine","vendor":{"name":"Cisco","scada":false}}},{"description":"Webex, la vuln\u00e9rabilit\u00e9 CVE-2026-20184 a \u00e9t\u00e9 corrig\u00e9e par Cisco, aucune action utilisateur n'est requise, sauf en cas d'utilisation du SSO (se r\u00e9f\u00e9rer au bulletin \u00e9diteur cisco-sa-webex-cui-cert-8jSZYhWL pour plus de d\u00e9tails)","product":{"name":"Webex","vendor":{"name":"Cisco","scada":false}}},{"description":"ISE et ISE-PIC version 3.5 sans le correctif de s\u00e9curit\u00e9 Patch 3","product":{"name":"Identity Services Engine","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":"","content":"## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des correctifs (cf. section Documentation).","cves":[{"name":"CVE-2026-20148","url":"https://www.cve.org/CVERecord?id=CVE-2026-20148"},{"name":"CVE-2026-20184","url":"https://www.cve.org/CVERecord?id=CVE-2026-20184"},{"name":"CVE-2026-20180","url":"https://www.cve.org/CVERecord?id=CVE-2026-20180"},{"name":"CVE-2026-20186","url":"https://www.cve.org/CVERecord?id=CVE-2026-20186"},{"name":"CVE-2026-20147","url":"https://www.cve.org/CVERecord?id=CVE-2026-20147"}],"links":[],"reference":"CERTFR-2026-AVI-0451","revisions":[{"description":"Version initiale","revision_date":"2026-04-16T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco","vendor_advisories":[{"published_at":"2026-04-15","title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ise-rce-4fverepv","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv"},{"published_at":"2026-04-15","title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ise-rce-traversal-8bYndVrZ","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ"},{"published_at":"2026-04-15","title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-webex-cui-cert-8jSZYhWL","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL"}]}