CERTFR-2024-AVI-0942
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans les produits Broadcom. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Broadcom | Management Center - VA | Management Center - VA versions antérieures à 7.3.23.1 | ||
| Broadcom | SG-S500 | SG-S500 versions antérieures à 7.4.7.1 | ||
| Broadcom | SSL Visibility Appliance Software | SSL Visibility Appliance Software versions antérieures à 7.4.7.1 | ||
| Broadcom | SSP-S410 | SSP-S410 versions antérieures à 7.4.7.1 | ||
| Broadcom | SV-3800 | SV-3800 versions antérieures à 7.4.7.1 | ||
| Broadcom | ProxySG Software - SGOS | ProxySG Software - SGOS versions antérieures à 7.3.23.1 | ||
| Broadcom | CAS-S400 | CAS-S400 versions antérieures à 7.3.23.1 | ||
| Broadcom | SG-S400-RP | SG-S400-RP versions antérieures à 7.3.23.1 | ||
| Broadcom | SV-S550 | SV-550 versions antérieures à 7.4.7.1 | ||
| Broadcom | SG-S200-40 | SG-S200-40 versions antérieures à 7.4.7.1 | ||
| Broadcom | ProxySG Software - SGOS | ProxySG Software - SGOS versions antérieures à 7.4.7.1 | ||
| Broadcom | ASG-S500 | ASG-S500 versions antérieures à 7.3.23.1 | ||
| Broadcom | ASG-S200 | ASG-S200 versions antérieures à 7.3.23.1 | ||
| Broadcom | Content Analysis Software | Content Analysis Software versions antérieures à 7.4.7.1 | ||
| Broadcom | ISG Content Analysis | ISG Content Analysis versions antérieures à 7.4.7.1 | ||
| Broadcom | Management Center | Management Center versions antérieures à 7.4.7.1 | ||
| Broadcom | SV-2800 | SV-2800 versions antérieures à 7.3.23.1 | ||
| Broadcom | Reporter | Reporter versions antérieures à 7.4.7.1 | ||
| Broadcom | ASG-S500 | ASG-S500 versions antérieures à 7.4.7.1 | ||
| Broadcom | SV-1800 | SV-1800 versions antérieures à 7.4.7.1 | ||
| Broadcom | SV-3800 | SV-3800 versions antérieures à 7.3.23.1 | ||
| Broadcom | ASG-S400 | ASG-S400 versions antérieures à 7.4.7.1 | ||
| Broadcom | SV-1800 | SV-1800 versions antérieures à 7.3.23.1 | ||
| Broadcom | ISG Proxy | ISG Proxy versions antérieures à 7.3.23.1 | ||
| Broadcom | CAS-S500 | CAS-S500 versions antérieures à 7.3.23.1 | ||
| Broadcom | SV-800 | SV-800 versions antérieures à 7.3.23.1 | ||
| Broadcom | SG-S500-RP | SG-S500-RP versions antérieures à 7.3.23.1 | ||
| Broadcom | ISG Proxy | ISG Proxy versions antérieures à 7.4.7.1 | ||
| Broadcom | ISG Content Analysis | ISG Content Analysis versions antérieures à 7.3.23.1 | ||
| Broadcom | SSP-S410 PLATFORM | SSP-S410 PLATFORM versions antérieures à 7.4.7.1 | ||
| Broadcom | SV-S550 | SV-550 versions antérieures à 7.3.23.1 | ||
| Broadcom | SV-2800 | SV-2800 versions antérieures à 7.4.7.1 | ||
| Broadcom | SSP | SSP versions antérieures à 7.3.23.1 | ||
| Broadcom | Reporter-VA | Reporter-VA versions antérieures à 7.4.7.1 | ||
| Broadcom | Management Center | Management Center versions antérieures à 7.3.23.1 | ||
| Broadcom | CAS-S200 | CAS-S200 versions antérieures à 7.3.23.1 | ||
| Broadcom | SSP-S210 PLATFORM | SSP-S210 PLATFORM versions antérieures à 7.3.23.1 | ||
| Broadcom | CAS-S200 | CAS-S200 versions antérieures à 7.4.7.1 | ||
| Broadcom | CAS-S400 | CAS-S400 versions antérieures à 7.4.7.1 | ||
| Broadcom | Management Center - VA | Management Center - VA versions antérieures à 7.4.7.1 | ||
| Broadcom | SG-S200-RP | SG-S200-RP versions antérieures à 7.4.7.1 | ||
| Broadcom | Reporter-VA | Reporter-VA versions antérieures à 7.3.23.1 | ||
| Broadcom | SSP-S410 | SSP-S410 versions antérieures à 7.3.23.1 | ||
| Broadcom | SG-S400-RP | SG-S400-RP versions antérieures à 7.4.7.1 | ||
| Broadcom | SSP-S210 PLATFORM | SSP-S210 PLATFORM versions antérieures à 7.4.7.1 | ||
| Broadcom | Reporter-S500 | Reporter-S500 versions antérieures à 7.4.7.1 | ||
| Broadcom | ASG-S400 | ASG-S400 versions antérieures à 7.3.23.1 | ||
| Broadcom | SG-S200 | SG-S200 versions antérieures à 7.4.7.1 | ||
| Broadcom | ASG-S200 | ASG-S200 versions antérieures à 7.4.7.1 | ||
| Broadcom | MC-S400-20 | MC-S400-20 versions antérieures à 7.4.7.1 | ||
| Broadcom | SG-S200-40 | SG-S200-40 versions antérieures à 7.3.23.1 | ||
| Broadcom | SSP | SSP versions antérieures à 7.4.7.1 | ||
| Broadcom | SG-S500-RP | SG-S500-RP versions antérieures à 7.4.7.1 | ||
| Broadcom | SV-800 | SV-800 versions antérieures à 7.4.7.1 | ||
| Broadcom | Reporter-S500 | Reporter-S500 versions antérieures à 7.3.23.1 | ||
| Broadcom | SSL Visibility Appliance Software | SSL Visibility Appliance Software versions antérieures à 7.3.23.1 | ||
| Broadcom | CAS-S200-A1 | CAS-S200-A1 versions antérieures à 7.4.7.1 | ||
| Broadcom | Reporter | Reporter versions antérieures à 7.3.23.1 | ||
| Broadcom | CAS-S500 | CAS-S500 versions antérieures à 7.4.7.1 | ||
| Broadcom | SSP-S410 PLATFORM | SSP-S410 PLATFORM versions antérieures à 7.3.23.1 | ||
| Broadcom | SG-S400 | SG-S400 versions antérieures à 7.4.7.1 | ||
| Broadcom | CAS-S200-A1 | CAS-S200-A1 versions antérieures à 7.3.23.1 | ||
| Broadcom | SG-S500 | SG-S500 versions antérieures à 7.3.23.1 | ||
| Broadcom | MC-S400-20 | MC-S400-20 versions antérieures à 7.3.23.1 | ||
| Broadcom | SG-S200 | SG-S200 versions antérieures à 7.3.23.1 | ||
| Broadcom | Content Analysis Software | Content Analysis Software versions antérieures à 7.3.23.1 | ||
| Broadcom | SG-S200-RP | SG-S200-RP versions antérieures à 7.3.23.1 | ||
| Broadcom | SG-S400 | SG-S400 versions antérieures à 7.3.23.1 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Management Center - VA versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "Management Center - VA",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SG-S500 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SG-S500",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SSL Visibility Appliance Software versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SSL Visibility Appliance Software",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SSP-S410 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SSP-S410",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SV-3800 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SV-3800",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "ProxySG Software - SGOS versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "ProxySG Software - SGOS",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "CAS-S400 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "CAS-S400",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SG-S400-RP versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SG-S400-RP",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SV-550 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SV-S550",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SG-S200-40 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SG-S200-40",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "ProxySG Software - SGOS versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "ProxySG Software - SGOS",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "ASG-S500 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "ASG-S500",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "ASG-S200 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "ASG-S200",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "Content Analysis Software versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "Content Analysis Software",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "ISG Content Analysis versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "ISG Content Analysis",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "Management Center versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "Management Center",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SV-2800 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SV-2800",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "Reporter versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "Reporter",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "ASG-S500 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "ASG-S500",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SV-1800 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SV-1800",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SV-3800 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SV-3800",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "ASG-S400 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "ASG-S400",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SV-1800 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SV-1800",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "ISG Proxy versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "ISG Proxy",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "CAS-S500 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "CAS-S500",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SV-800 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SV-800",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SG-S500-RP versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SG-S500-RP",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "ISG Proxy versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "ISG Proxy",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "ISG Content Analysis versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "ISG Content Analysis",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SSP-S410 PLATFORM versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SSP-S410 PLATFORM",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SV-550 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SV-S550",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SV-2800 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SV-2800",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SSP versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SSP",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "Reporter-VA versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "Reporter-VA",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "Management Center versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "Management Center",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "CAS-S200 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "CAS-S200",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SSP-S210 PLATFORM versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SSP-S210 PLATFORM",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "CAS-S200 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "CAS-S200",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "CAS-S400 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "CAS-S400",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "Management Center - VA versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "Management Center - VA",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SG-S200-RP versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SG-S200-RP",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "Reporter-VA versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "Reporter-VA",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SSP-S410 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SSP-S410",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SG-S400-RP versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SG-S400-RP",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SSP-S210 PLATFORM versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SSP-S210 PLATFORM",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "Reporter-S500 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "Reporter-S500",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "ASG-S400 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "ASG-S400",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SG-S200 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SG-S200",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "ASG-S200 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "ASG-S200",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "MC-S400-20 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "MC-S400-20",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SG-S200-40 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SG-S200-40",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SSP versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SSP",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SG-S500-RP versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SG-S500-RP",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SV-800 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SV-800",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "Reporter-S500 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "Reporter-S500",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SSL Visibility Appliance Software versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SSL Visibility Appliance Software",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "CAS-S200-A1 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "CAS-S200-A1",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "Reporter versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "Reporter",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "CAS-S500 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "CAS-S500",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SSP-S410 PLATFORM versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SSP-S410 PLATFORM",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SG-S400 versions ant\u00e9rieures \u00e0 7.4.7.1",
"product": {
"name": "SG-S400",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "CAS-S200-A1 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "CAS-S200-A1",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SG-S500 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SG-S500",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "MC-S400-20 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "MC-S400-20",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SG-S200 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SG-S200",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "Content Analysis Software versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "Content Analysis Software",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SG-S200-RP versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SG-S200-RP",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
},
{
"description": "SG-S400 versions ant\u00e9rieures \u00e0 7.3.23.1",
"product": {
"name": "SG-S400",
"vendor": {
"name": "Broadcom",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
}
],
"initial_release_date": "2024-11-04T00:00:00",
"last_revision_date": "2024-11-04T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0942",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Broadcom. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Broadcom",
"vendor_advisories": [
{
"published_at": "2024-11-01",
"title": "Bulletin de s\u00e9curit\u00e9 Broadcom 25157",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25157"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…