{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Unity Connection versions ant\u00e9rieures \u00e0 14SU5","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"NSO versions ant\u00e9rieures \u00e0 6.4.1.3","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"Unity Connection versions 15.0 ant\u00e9rieures \u00e0 15SU4","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"SG350 et SG350X toutes versions","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"CNC versions ant\u00e9rieures \u00e0 7.2","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"IoT Field Network Director versions ant\u00e9rieures \u00e0 5.0.0-117","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":"L'\u00e9diteur indique que les appareils SG350 et SG350X ne sont plus support\u00e9s et ne recevront pas de correctif, mais propose une mesure de contournement pour la vuln\u00e9rabilit\u00e9 CVE-2026-20185.","content":"## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des correctifs (cf. section Documentation).","cves":[{"name":"CVE-2026-20188","url":"https://www.cve.org/CVERecord?id=CVE-2026-20188"},{"name":"CVE-2026-20034","url":"https://www.cve.org/CVERecord?id=CVE-2026-20034"},{"name":"CVE-2026-20035","url":"https://www.cve.org/CVERecord?id=CVE-2026-20035"},{"name":"CVE-2026-20167","url":"https://www.cve.org/CVERecord?id=CVE-2026-20167"},{"name":"CVE-2026-20169","url":"https://www.cve.org/CVERecord?id=CVE-2026-20169"},{"name":"CVE-2026-20185","url":"https://www.cve.org/CVERecord?id=CVE-2026-20185"},{"name":"CVE-2026-20168","url":"https://www.cve.org/CVERecord?id=CVE-2026-20168"}],"links":[],"reference":"CERTFR-2026-AVI-0544","revisions":[{"description":"Version initiale","revision_date":"2026-05-07T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF).","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco","vendor_advisories":[{"published_at":"2026-05-06","title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-nso-dos-7Egqyc","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc"},{"published_at":"2026-05-06","title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-unity-rce-ssrf-hENhuASy","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-rce-ssrf-hENhuASy"},{"published_at":"2026-05-06","title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-sg350-snmp-dos-GEFZr2Tj","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg350-snmp-dos-GEFZr2Tj"},{"published_at":"2026-05-06","title":"Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-iot-fnd-dos-n8N26Q4u","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iot-fnd-dos-n8N26Q4u"}]}