Vulnerabilites related to fortinet - fortiproxy
Vulnerability from fkie_nvd
Published
2023-04-11 17:15
Modified
2024-11-21 07:23
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-355 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-355 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "BC692A93-FC05-4E0E-BC40-2798302A2C62", versionEndExcluding: "2.0.0", versionStartIncluding: "1.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests.", }, ], id: "CVE-2022-41331", lastModified: "2024-11-21T07:23:04.220", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-11T17:15:07.437", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-355", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-355", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-08 11:15
Modified
2024-11-21 06:28
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-173 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-173 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiadc | * | |
| fortinet | fortiadc | * | |
| fortinet | fortianalyzer | * | |
| fortinet | fortianalyzer | * | |
| fortinet | fortimail | * | |
| fortinet | fortimail | * | |
| fortinet | fortimail | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortindr | * | |
| fortinet | fortios-6k7k | * | |
| fortinet | fortios-6k7k | 6.4.2 | |
| fortinet | fortios-6k7k | 6.4.6 | |
| fortinet | fortiportal | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.0.0 | |
| fortinet | fortiproxy | 7.0.1 | |
| fortinet | fortivoice | * | |
| fortinet | fortivoice | * | |
| fortinet | fortiweb | * | |
| fortinet | fortiweb | 6.4.0 | |
| fortinet | fortiweb | 6.4.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortirecorder_firmware | * | |
| fortinet | fortirecorder_firmware | * | |
| fortinet | fortiswitch | * | |
| fortinet | fortiswitch | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*", matchCriteriaId: "D6DD5253-F76E-4799-BB45-79D7B7ACFFB1", versionEndIncluding: "6.1.5", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*", matchCriteriaId: "075C4223-7586-4799-AFA8-7B578BD144B5", versionEndIncluding: "6.2.2", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", matchCriteriaId: "CF9AE101-566A-4460-AA97-18288BBD7639", versionEndIncluding: "6.4.7", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", matchCriteriaId: "CCEB8E5F-BBF2-4E6E-91C6-AA47E2CAD022", versionEndIncluding: "7.0.2", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*", matchCriteriaId: "3E2DC5CE-ED48-48B7-8654-7B29A65A7454", versionEndIncluding: "6.2.7", versionStartIncluding: "5.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*", matchCriteriaId: "C0A5C345-7055-4F18-AE77-FF1DBE41AB89", versionEndIncluding: "6.4.6", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*", matchCriteriaId: "43038EC9-6FD3-488C-8CA3-8B4A705C3E11", versionEndIncluding: "7.0.2", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "958C238F-B3DD-41A7-801D-0C39143A5E09", versionEndIncluding: "6.4.7", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "7C5772DB-7F52-479C-914D-778552395990", versionEndIncluding: "7.0.2", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortindr:*:*:*:*:*:*:*:*", matchCriteriaId: "F49E4A60-2FA0-4298-BF2E-53C86AF21BEC", versionEndIncluding: "1.5.2", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortios-6k7k:*:*:*:*:*:*:*:*", matchCriteriaId: "BEE493CA-7BE8-454A-82FD-11DB82D8FC3A", versionEndIncluding: "6.2.8", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortios-6k7k:6.4.2:*:*:*:*:*:*:*", matchCriteriaId: "59BD8EE9-6F94-4EA5-B22B-1B446A15F2A1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortios-6k7k:6.4.6:*:*:*:*:*:*:*", matchCriteriaId: "50BDB150-8E02-427D-A9FC-C7C3C90F0584", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*", matchCriteriaId: "9D4A0E2F-41C7-4AFB-AC6D-83E7B1A5FC70", versionEndIncluding: "6.0.10", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "CEBD9074-C3A5-437E-AC44-C41E4B001980", versionEndIncluding: "2.0.7", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "D909C90B-E136-4E8E-B551-FE0369172C1E", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "BBCB4E87-0AEC-487E-8FAD-E8F647DA21D5", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*", matchCriteriaId: "70E9D9A8-EFF1-4ABE-A04D-FD983443DD3A", versionEndIncluding: "6.0.10", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*", matchCriteriaId: "E8611A25-64A1-4BCE-AA46-E47DFD607CB2", versionEndIncluding: "6.4.4", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", matchCriteriaId: "1FEA2E8B-78B6-40AA-9201-BDF4838950CC", versionEndIncluding: "6.3.16", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiweb:6.4.0:*:*:*:*:*:*:*", matchCriteriaId: "74A92A08-E6F6-4522-A6DA-061950AD3525", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiweb:6.4.1:*:*:*:*:*:*:*", matchCriteriaId: "A6A3D2C4-C3FA-4E12-9156-DAFEA4E00BCC", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "BE1C5491-6C94-48A9-8D59-5162E576E54A", versionEndIncluding: "6.0.13", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "C4C0308D-8E52-456B-BFC2-62D4C1E9BDC3", versionEndIncluding: "6.2.9", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D183D979-7F73-4D02-91B7-D0C93DE55A8F", versionEndIncluding: "6.4.7", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "F2E9D423-721A-482B-BA6B-52E4D8C07C58", versionEndIncluding: "7.0.2", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D3E33B56-1975-4B78-A157-E0EADB3BC1B7", versionEndIncluding: "6.0.10", versionStartIncluding: "2.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CB7DEA7-E461-43B0-98EB-CE436DE87D98", versionEndIncluding: "6.4.2", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", matchCriteriaId: "C6E5A33E-F744-4CC0-ABA0-D1734845AFBB", versionEndIncluding: "6.4.9", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", matchCriteriaId: "BB3C99AC-DCA1-44A0-9671-F424109A6038", versionEndIncluding: "7.0.3", versionStartIncluding: "7.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.", }, { lang: "es", value: "Un desbordamiento de búfer [CWE-121] en la biblioteca del cliente TFTP de FortiOS versiones anteriores a 6.4.7 y FortiOS versiones 7.0.0 hasta 7.0.2, puede permitir a un atacante local autenticado lograr una ejecución de código arbitrario por medio de argumentos de línea de comandos especialmente diseñados", }, ], id: "CVE-2021-42757", lastModified: "2024-11-21T06:28:06.653", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-08T11:15:11.840", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-21-173", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-21-173", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-22 10:15
Modified
2024-12-10 19:07
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A use of externally-controlled format string in Fortinet FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted command.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-119 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-119 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "2D5DD84F-2A2A-40E4-AAE7-516E086556CF", versionEndExcluding: "2.0.13", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "A5D70694-BB02-43E2-8F74-D50D9D4C5E3C", versionEndExcluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "122518E7-EA43-4240-AAFB-61AD2AA28A2B", versionEndExcluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4D1EB4C4-34D4-449E-AB52-397F3DF750B2", versionEndExcluding: "6.2.15", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "B153B056-24AE-41C4-B644-65E080C18360", versionEndExcluding: "6.4.13", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "39A6C2A7-21A4-4BB5-A3B6-9466E5CEA296", versionEndExcluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4562BDF7-D894-4CD8-95AC-9409FDEBE73F", versionEndExcluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", matchCriteriaId: "5296F4A1-F228-451A-9B42-A418B7DCFFBA", versionEndExcluding: "1.1.0", versionStartIncluding: "1.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted command.", }, { lang: "es", value: "Un uso de cadena de formato controlada externamente en Fortinet FortiOS 7.2.0 a 7.2.4, 7.0.0 a 7.0.11, 6.4.0 a 6.4.12, 6.2.0 a 6.2.14, 6.0.0 a 6.0.16 , FortiProxy 7.2.0 a 7.2.4, 7.0.0 a 7.0.10, 2.0.0 a 2.0.12, 1.2.0 a 1.2.13, 1.1.0 a 1.1.6, 1.0.0 a 1.0.7, FortiPAM 1.0.0 a 1.0.3 permite a un atacante ejecutar código o comandos no autorizados mediante un comando especialmente manipulado.", }, ], id: "CVE-2023-29181", lastModified: "2024-12-10T19:07:41.227", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-22T10:15:08.140", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-119", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-119", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-134", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-13 07:15
Modified
2024-11-21 08:10
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, FortiOS versions 7.4.0, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiPAM versions 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted API requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-138 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-138 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "7E1251FE-2B46-46AA-B474-506B0079810D", versionEndIncluding: "7.0.10", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "4D78C235-F7F5-4611-8467-0CC4F0F69111", versionEndIncluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0135464C-532C-430D-A76C-2FCDE4C991D1", versionEndIncluding: "6.0.17", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99", versionEndIncluding: "6.2.15", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "5E99B6E5-7EC3-406C-AFAC-A5E32DE266DF", versionEndIncluding: "6.4.12", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "C2573C90-BE6A-4D5D-A223-F09213318909", versionEndIncluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4AB643A8-B52F-4D54-B816-28A6401BAA25", versionEndIncluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", matchCriteriaId: "61540F5B-080A-4D44-8BE0-75D7A0DCCB53", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", matchCriteriaId: "3BA2C6ED-2765-4B56-9B37-10C50BD32C75", versionEndIncluding: "1.0.3", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "0CC27DCF-F74C-431C-9545-F405D369AF22", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, FortiOS versions 7.4.0, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiPAM versions 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted API requests.", }, { lang: "es", value: "Un uso de cadena de formato controlada externamente en Fortinet FortiProxy versiones 7.2.0 a 7.2.4, 7.0.0 a 7.0.10, versiones de FortiOS 7.4.0, 7.2.0 a 7.2.4, 7.0.0 a 7.0.11, 6.4.0 a 6.4.12, 6.2.0 a 6.2.15, 6.0.0 a 6.0.17, las versiones de FortiPAM 1.0.0 a 1.0.3 permiten al atacante ejecutar código o comandos no autorizados a través de solicitudes API especialmente manipuladas.", }, ], id: "CVE-2023-36639", lastModified: "2024-11-21T08:10:09.100", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-13T07:15:12.900", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-138", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-138", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-134", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-16 19:15
Modified
2024-11-21 07:23
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-391 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-391 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiswitchmanager | 7.0.0 | |
| fortinet | fortiswitchmanager | 7.2.0 | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 | |
| fortinet | fortios | 7.2.1 | |
| fortinet | fortios | 7.2.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "5B4A6B0D-1614-443B-8EBA-A8FBC2E1A832", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "2B73D78B-2270-45B7-854E-F985B8D88F3B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "03222066-2B1D-4854-8CAE-6992D7F40150", versionEndIncluding: "2.0.10", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F3A99BB-534C-4984-948B-8FFF659A9B9B", versionEndIncluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "20B53FFE-073D-43E9-9D6F-9C86937C0228", versionEndIncluding: "6.2.12", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "FF6F9869-F824-4519-986E-A032668EA7BA", versionEndIncluding: "6.4.10", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0983FC2C-A9F2-4918-81E6-BDCF05E5BF65", versionEndIncluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B87A2A-4C83-448B-8009-AD20214D58CB", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "8B736A23-95B8-4D87-863A-AC8E901078EA", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "F5CE1D01-26C0-4141-B7B1-E26B976DF835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests.", }, ], id: "CVE-2022-41335", lastModified: "2024-11-21T07:23:04.617", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-16T19:15:13.513", references: [ { source: "psirt@fortinet.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-391", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-391", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-23", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-07-18 03:15
Modified
2024-11-21 06:28
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the tFTP protocol.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-206 | Not Applicable | |
| nvd@nist.gov | https://www.fortiguard.com/psirt/FG-IR-21-206 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-206 | Not Applicable |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortianalyzer | * | |
| fortinet | fortianalyzer | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", matchCriteriaId: "5F6DA041-82B6-44B4-821F-3B20DDF9AB1B", versionEndExcluding: "6.4.8", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", matchCriteriaId: "F769E92C-C005-4BC8-9F48-F2E6218FFEC6", versionEndExcluding: "7.0.3", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "CDA2EE2B-21EC-4D67-8D10-44D20D489ECE", versionEndExcluding: "6.4.8", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "703550D7-5800-4870-9FE7-CE4B45B12591", versionEndExcluding: "7.0.3", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "5F2492A7-82C7-4FBA-BF73-045206262F7B", versionEndExcluding: "2.0.9", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "65B25C92-D0B5-46EC-99CD-D617BE4FD46B", versionEndExcluding: "7.0.4", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "2841B1B5-EC6D-46EE-8FD4-464330144791", versionEndExcluding: "6.2.11", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "08019066-27F4-4E9D-B6E5-2F74BAF065EE", versionEndExcluding: "6.4.9", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "103E0368-0675-4511-95BF-D5CCD67BBAA5", versionEndExcluding: "7.0.6", versionStartIncluding: "7.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the tFTP protocol.", }, ], id: "CVE-2021-43072", lastModified: "2024-11-21T06:28:38.490", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-07-18T03:15:54.947", references: [ { source: "psirt@fortinet.com", tags: [ "Not Applicable", ], url: "https://fortiguard.com/advisory/FG-IR-21-206", }, { source: "nvd@nist.gov", tags: [ "Vendor Advisory", ], url: "https://www.fortiguard.com/psirt/FG-IR-21-206", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "https://fortiguard.com/advisory/FG-IR-21-206", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-06-04 21:29
Modified
2024-11-21 03:46
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-of-service attack via special craft message payloads.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-387 | Mitigation, Vendor Advisory | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-232 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-387 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-232 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "26F099AE-4482-4964-8B8A-1B412A423C3B", versionEndIncluding: "1.2.8", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0929E2F4-54B6-4D67-B694-EF1562E2B5F7", versionEndIncluding: "5.2.14", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7F970C1D-5018-4D52-91F6-A5F2CD123935", versionEndIncluding: "5.4.12", versionStartIncluding: "5.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "9BC4C822-47EB-4EA0-834D-7A63D9F0E46D", versionEndIncluding: "5.6.10", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D27D2C-5211-41A7-B0F4-7721EE7884BF", versionEndIncluding: "6.0.4", versionStartIncluding: "6.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-of-service attack via special craft message payloads.", }, { lang: "es", value: "Una vulnerabilidad de desbordamiento de búfer en Fortinet FortiOS versión 6.0.0 hasta la 6.0.4, versión 5.6.0 hasta la5.6.7, versión 5.4 y anteriores y FortiProxy versión 2.0.0, versión 1.2.8 y anteriores en el portal web SSL VPN permite a un atacante no autenticado realizar un ataque de denegación de servicio a través de cargas útiles de mensajes especiales", }, ], id: "CVE-2018-13381", lastModified: "2024-11-21T03:46:59.530", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-04T21:29:00.313", references: [ { source: "psirt@fortinet.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-18-387", }, { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-20-232", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-18-387", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-20-232", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2025-03-10 20:40
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-097 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-097 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 6.0.10 | |
| fortinet | fortios | 6.2.4 | |
| fortinet | fortios | 6.2.6 | |
| fortinet | fortios | 6.2.7 | |
| fortinet | fortios | 6.4.2 | |
| fortinet | fortios | 6.4.6 | |
| fortinet | fortios | 6.4.8 | |
| fortinet | fortios | 6.4.10 | |
| fortinet | fortios | 6.4.12 | |
| fortinet | fortios | 7.0.5 | |
| fortinet | fortios | 7.0.10 | |
| fortinet | fortigate_6000 | - | |
| fortinet | fortigate_7000 | - |
{ cisaActionDue: "2023-07-04", cisaExploitAdd: "2023-06-13", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951", versionEndIncluding: "2.0.12", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "DAC18F7E-5242-4F36-BB42-FEC33B3AC075", versionEndIncluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3A99FF48-370E-4D2A-B5CC-889EA21AB213", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "8EA5512D-6EE5-4DF3-A960-C02394F25225", versionEndIncluding: "6.0.16", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "3CD57A5A-2B13-495A-8530-8F97E1720602", versionEndIncluding: "6.2.13", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "5E99B6E5-7EC3-406C-AFAC-A5E32DE266DF", versionEndIncluding: "6.4.12", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "C2573C90-BE6A-4D5D-A223-F09213318909", versionEndIncluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4AB643A8-B52F-4D54-B816-28A6401BAA25", versionEndIncluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "6D997493-24C2-4A78-9DF0-6438E9415A3C", versionEndIncluding: "6.0.16", versionStartIncluding: "6.0.12", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0A0D0D55-1A51-454D-A8B1-D7100D453102", versionEndIncluding: "6.2.13", versionStartIncluding: "6.2.9", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*", matchCriteriaId: "FA6AF1FA-A034-439A-876B-BFA1BE7DE15E", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", matchCriteriaId: "9694FC0C-408A-4892-ADD1-F36F4BBBD9EF", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", matchCriteriaId: "2B8A132F-601F-4129-BFCA-3A976A711D5A", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", matchCriteriaId: "90600B14-07C4-455D-9FC1-17034D91B987", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", matchCriteriaId: "B28478DA-8D10-4A8E-81EA-D3DF421E5089", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", matchCriteriaId: "C2F935F9-5B6A-47C2-8F65-7A1E8BB061FF", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", matchCriteriaId: "751D2FC7-482F-4C6B-95DB-244004A2738E", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", matchCriteriaId: "EEE44B20-6F00-4962-9929-5A5054BBA94C", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", matchCriteriaId: "EB2FF1DA-001B-4CA1-9F46-427D9C92CBC6", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", matchCriteriaId: "48D0E8CC-3815-4697-86D0-DC7F66E70520", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", matchCriteriaId: "78C6C937-4477-438D-A252-E4102D758120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fortinet:fortigate_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "3BB410C9-CDD4-4068-97E0-6D83AE62B7F1", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fortigate_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "E0CBA773-10C1-410D-BB01-771F454ABEBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.", }, ], id: "CVE-2023-27997", lastModified: "2025-03-10T20:40:57.323", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-13T09:15:16.613", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-097", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-097", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-122", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-16 19:15
Modified
2024-11-21 07:16
Severity ?
4.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Summary
An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-346 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-346 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "41A9C3D8-28F8-4E91-9C6A-05DB343F1ACC", versionEndIncluding: "2.0.9", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "81E60913-FBE9-467B-AB4B-CA85E97527BA", versionEndExcluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "F5B24750-4A57-4F80-AAE8-8AC316B376C2", versionEndExcluding: "7.2.2", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "5056BFD5-9618-44FC-98E8-C4DA386F9925", versionEndExcluding: "7.0.8", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A7E1421F-A467-41FE-9065-1512008E942D", versionEndExcluding: "7.2.1", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands.", }, ], id: "CVE-2022-38378", lastModified: "2024-11-21T07:16:21.357", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-16T19:15:12.930", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-346", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-346", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-07 17:15
Modified
2024-11-21 07:23
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiOS version 7.2.0 through 7.2.3 and 7.0.0 through 7.0.9 allows an unauthenticated attackers to obtain sensitive logging informations on the device via crafted HTTP GET requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-364 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-364 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "C83139FA-7195-4171-8BC6-CC4F9379C7C9", versionEndIncluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "57AD1A53-1D86-4707-B63C-49E1633179AD", versionEndIncluding: "7.2.2", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0087A620-D709-4771-B03E-3D5F0DCBC261", versionEndIncluding: "6.2.13", versionStartIncluding: "6.2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D865A-6411-4807-81D4-6A5C052C03C9", versionEndIncluding: "6.4.11", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "9E775D02-7C02-40BE-A118-D874B9BBC936", versionEndIncluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "813E179E-B948-4480-A5B1-B0ED562A41BC", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiOS version 7.2.0 through 7.2.3 and 7.0.0 through 7.0.9 allows an unauthenticated attackers to obtain sensitive logging informations on the device via crafted HTTP GET requests.", }, ], id: "CVE-2022-41329", lastModified: "2024-11-21T07:23:03.940", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-07T17:15:12.163", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-364", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-364", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-21 14:15
Modified
2024-11-21 05:36
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the "diag sys ha checksum show" command.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://www.fortiguard.com/psirt/FG-IR-20-009 | Vendor Advisory | |
| psirt@fortinet.com | https://www.fortiguard.com/psirt/FG-IR-20-236 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.fortiguard.com/psirt/FG-IR-20-009 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.fortiguard.com/psirt/FG-IR-20-236 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 2.0.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "D87AB8E6-5D58-4C4D-A465-29E756B0AA82", versionEndExcluding: "1.2.10", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "DCF2FC57-1A6E-422B-9EB5-5A9EF683BDAB", versionEndExcluding: "6.0.12", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "B59A39D6-9494-4273-8348-1078A77DD796", versionEndExcluding: "6.2.5", versionStartIncluding: "6.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the \"diag sys ha checksum show\" command.", }, { lang: "es", value: "Un vulnerabilidad almacenamiento de información confidencial en texto sin cifrar en la interfaz de línea de comandos de FortiOS en las versiones 6.2.4 y anteriores y FortiProxy en las versiones versiones 2.0.0, 1.2.9 y anteriores, puede permitir a un atacante autenticado obtener información confidencial como las contraseñas de los usuarios al conectarse a la CLI de FortiGate y ejecutar el comando \"diag sys ha checksum show\"", }, ], id: "CVE-2020-6648", lastModified: "2024-11-21T05:36:05.557", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-21T14:15:20.387", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-009", }, { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-236", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-236", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-312", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-11-12 19:15
Modified
2024-12-12 19:33
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.0 through 7.0.3, FortiPortal version 6.0.0 through 6.0.14, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-032 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortipam | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortiswitchmanager | * | |
| fortinet | fortiswitchmanager | * | |
| fortinet | fortiportal | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4A93633F-8865-49D7-A5CE-F7D009DFB901", versionEndExcluding: "7.0.15", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0", versionEndExcluding: "7.2.8", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "1FDDB5F3-D229-4208-9110-8860A03C8B59", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", matchCriteriaId: "18427F16-7339-4A9E-9FA4-EC7A2D3EE218", versionEndExcluding: "1.3.0", versionStartIncluding: "1.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E7E7DA8E-34CB-4527-A4A0-1EDBFBBDA894", versionEndExcluding: "7.0.17", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "EDFFA2C3-0A23-4884-B751-785BE598DFF3", versionEndExcluding: "7.2.10", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F2C29AD-A11F-4A5F-8BB0-8600D5F77E72", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "D2AD66B0-9C99-4F83-80AA-B54E6354ADFD", versionEndExcluding: "6.4.15", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "56DC03E9-D1CF-4273-AF2F-5EB3B8E2D54B", versionEndExcluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "4763E504-6974-42C5-B912-3E62A9CC312A", versionEndExcluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "E4490512-36ED-4212-9D34-D74739A56E84", versionEndExcluding: "7.4.3", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "7A020C2E-1DDB-4737-92D9-B125FFBE007A", versionEndExcluding: "7.0.4", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "EB0D2553-E4E6-454A-80F6-9D014A4710D3", versionEndExcluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*", matchCriteriaId: "0123003E-587B-4EC8-83B6-0C5D87A8AC10", versionEndExcluding: "6.0.15", versionStartIncluding: "5.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.0 through 7.0.3, FortiPortal version 6.0.0 through 6.0.14, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted packets.", }, { lang: "es", value: "Autenticación faltante para función crítica en Fortinet FortiManager versión 7.4.0 a 7.4.2, 7.2.0 a 7.2.4, 7.0.0 a 7.0.11, 6.4.0 a 6.4.14, FortiPAM versión 1.2.0, 1.1.0 a 1.1.2, 1.0.0 a 1.0.3, FortiProxy versión 7.4.0 a 7.4.2, 7.2.0 a 7.2.9, 7.0.0 a 7.0.17, 2.0.0 a 2.0.14, 1.2.0 a 1.2.13, 1.1.0 a 1.1.6, 1.0.0 a 1.0.7, FortiSwitchManager versión 7.2.0 a 7.2.3, 7.0.0 a 7.0.3, FortiPortal versión 6.0.0 a 6.0.14, FortiOS versión 7.4.0 a 7.4.3, 7.2.0 a 7.2.7, 7.0.0 a 7.0.14, 6.4.0 a 6.4.15, 6.2.0 a 6.2.16, 6.0.0 a 6.0.18 permite a un atacante ejecutar código o comandos no autorizados a través de paquetes especialmente manipulados.", }, ], id: "CVE-2024-26011", lastModified: "2024-12-12T19:33:58.833", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-11-12T19:15:08.320", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-032", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-02-03 22:18
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, 7.2.0 through 7.2.11, 7.0.0 through 7.0.18, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to trigger an escalation of privilege via specially crafted packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-259 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager_cloud | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortirecorder | * | |
| fortinet | fortirecorder | * | |
| fortinet | fortivoice | * | |
| fortinet | fortivoice | * | |
| fortinet | fortiweb | * | |
| fortinet | fortiweb | 7.6.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "7269FDB6-A1D4-4912-8751-87BA52614FDA", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "241A8930-4ADA-4380-AA42-F10B28487595", versionEndExcluding: "7.6.2", versionStartIncluding: "7.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*", matchCriteriaId: "164DEDC3-B1C0-42AC-9ADB-CE03CF6A71CC", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "32CFAF1E-358A-4F6D-96CB-D7229F0D9D74", versionEndExcluding: "7.0.19", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "C8B93C73-1E94-4854-8405-C3689860A74C", versionEndExcluding: "7.2.12", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "5B276403-CE85-445A-9E5D-BBFBD7AB7A68", versionEndExcluding: "7.4.6", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*", matchCriteriaId: "CD60BA50-3F98-46BF-97E8-28AB207DE12A", versionEndExcluding: "7.0.5", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B0D078-2F52-46B4-B9C0-162447828E1B", versionEndExcluding: "7.2.2", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*", matchCriteriaId: "BBF1E214-4BC5-47E8-BF02-072D6D830BAF", versionEndIncluding: "6.4.10", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*", matchCriteriaId: "5EEE0DFA-DE31-4D26-AC98-6BCED8F008DC", versionEndIncluding: "7.0.5", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", matchCriteriaId: "CDB9CE13-AAF4-418C-BA26-1A0D53C5C1C2", versionEndExcluding: "7.4.5", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*", matchCriteriaId: "28B43375-DA74-4C5F-BAEE-39F312EEF51F", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "FA0532A5-31F2-4A92-BF31-6003E28AC948", versionEndExcluding: "7.0.16", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4D7D031B-221B-4738-AC83-4FB92A106528", versionEndExcluding: "7.2.10", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A71AD879-997D-4787-A1E9-E4132AC521E2", versionEndExcluding: "7.4.5", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*", matchCriteriaId: "44CE8EE3-D64A-49C8-87D7-C18B302F864A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, 7.2.0 through 7.2.11, 7.0.0 through 7.0.18, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to trigger an escalation of privilege via specially crafted packets.", }, { lang: "es", value: "Una limitación incorrecta de una ruta de acceso a un directorio restringido ('Path Traversal') en Fortinet FortiManager versiones 7.6.0 a 7.6.1, 7.4.1 a 7.4.3, FortiOS versiones 7.6.0, 7.4.0 a 7.4.4, 7.2.5 a 7.2.9, 7.0.0 a 7.0.15, 6.4.0 a 6.4.15, FortiProxy 7.4.0 a 7.4.5, 7.2.0 a 7.2.11, 7.0.0 a 7.0.18, 2.0.0 a 2.0.14, 1.2.0 a 1.2.13, 1.1.0 a 1.1.6, 1.0.0 a 1.0.7, FortiManager Cloud versiones 7.4.1 hasta 7.4.3, FortiRecorder versiones 7.2.0 hasta 7.2.1, 7.0.0 hasta 7.0.4, FortiVoice versiones 7.0.0 hasta 7.0.4, 6.4.0 hasta 6.4.9, 6.0.0 hasta 6.0.12, FortiWeb 7.6.0, 7.4.0 hasta 7.4.4, 7.2.0 hasta 7.2.10, 7.0.0 hasta 7.0.10, 6.4.0 hasta 6.4.3 permite al atacante activar una escalada de privilegios a través de paquetes especialmente manipulados.", }, ], id: "CVE-2024-48884", lastModified: "2025-02-03T22:18:16.507", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2025-01-14T14:15:32.873", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-259", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-05-11 15:15
Modified
2024-11-21 06:28
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-230 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-230 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "257816EC-14E2-4F4C-BF00-0E88A25439CF", versionEndExcluding: "2.0.8", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "EFEA53FA-16E1-4CDB-933C-2F886CAB15DA", versionEndExcluding: "7.0.2", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0A857126-D7EE-4CB4-BCAA-68D6C4FEC3E4", versionEndIncluding: "6.0.14", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "B4361DFE-431C-470A-9C9A-263681F125CC", versionEndIncluding: "6.2.10", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "08019066-27F4-4E9D-B6E5-2F74BAF065EE", versionEndExcluding: "6.4.9", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "30F10D70-1176-4119-BF1A-C2A5FCA386D4", versionEndExcluding: "7.0.4", versionStartIncluding: "7.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.", }, { lang: "es", value: "Una vulnerabilidad de neutralización inapropiada de la entrada durante la generación de la página web [CWE-79] en FortiOS versión 7.0.3 y anteriores, 6.4.8 y anteriores, 6.2.10 y anteriores, 6.0.14 a 6.0.0. y en FortiProxy versión 7.0.1 y anteriores, 2.0.7 a 2.0.0, el formulario de anulación del filtro web puede permitir a un atacante no autenticado llevar a cabo un ataque de tipo XSS por medio de peticiones HTTP GET diseñadas", }, ], id: "CVE-2021-43081", lastModified: "2024-11-21T06:28:39.330", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-05-11T15:15:08.603", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-21-230", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-21-230", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-08-13 16:15
Modified
2024-08-22 14:32
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions; FortiSwitchManager 7.2.1 and below, 7.0 all versions GUI may allow attackers to re-use websessions after GUI logout, should they manage to acquire the required credentials.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-445 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiswitchmanager | * | |
| fortinet | fortios | * | |
| fortinet | fortipam | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "C73A0CBF-65BB-4C0A-9A4C-ABE88AF340DD", versionEndExcluding: "7.4.0", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "F1C48730-14E4-4B4A-AD08-BA23903D961E", versionEndExcluding: "7.2.2", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "C84C7A2F-EE15-4CAA-BC3F-A7FDD8A4574F", versionEndExcluding: "7.2.6", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", matchCriteriaId: "1F1595B0-CE4A-4B4E-9F5E-A411A012086F", versionEndExcluding: "1.4.0", versionStartIncluding: "1.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions; FortiSwitchManager 7.2.1 and below, 7.0 all versions GUI may allow attackers to re-use websessions after GUI logout, should they manage to acquire the required credentials.", }, { lang: "es", value: "Una vulnerabilidad de caducidad de sesión insuficiente [CWE-613] en FortiOS 7.2.5 y versiones anteriores, 7.0 todas las versiones, 6.4 todas las versiones; FortiProxy 7.2 todas las versiones, 7.0 todas las versiones; FortiPAM 1.3 todas las versiones, 1.2 todas las versiones, 1.1 todas las versiones, 1.0 todas las versiones; FortiSwitchManager 7.2.1 y versiones anteriores, 7.0 todas las versiones de GUI pueden permitir a los atacantes reutilizar sesiones web después de cerrar sesión en la GUI, en caso de que logren adquirir las credenciales requeridas.", }, ], id: "CVE-2022-45862", lastModified: "2024-08-22T14:32:16.823", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-08-13T16:15:07.977", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-445", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-613", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-16 19:15
Modified
2024-11-21 07:18
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy)
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-257 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-257 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "247BFEDF-2B1D-4E1F-A699-3BEDD4B63EA0", versionEndIncluding: "2.0.9", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "B778AD94-D279-42B4-A062-8231F14936B3", versionEndExcluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "5056BFD5-9618-44FC-98E8-C4DA386F9925", versionEndExcluding: "7.0.8", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5", versionEndExcluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy)", }, ], id: "CVE-2022-39948", lastModified: "2024-11-21T07:18:32.453", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 2.5, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-16T19:15:12.993", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-257", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-257", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-295", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-295", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 08:05
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS version 7.0.0 through 7.0.10, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiProxy version 7.2.0 through 7.2.3, FortiProxy version 7.0.0 through 7.0.9, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions, FortiWeb version 7.2.0 through 7.2.1, FortiWeb version 7.0.0 through 7.0.6, FortiWeb 6.4 all versions, FortiWeb 6.3 all versions allows attacker to perform a denial of service via specially crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-375 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-375 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiweb | * | |
| fortinet | fortiweb | * | |
| fortinet | fortiweb | * | |
| fortinet | fortiweb | 7.2.0 | |
| fortinet | fortiweb | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "22936F53-4480-4011-9211-174D1C507E87", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951", versionEndIncluding: "2.0.12", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "DAC18F7E-5242-4F36-BB42-FEC33B3AC075", versionEndIncluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3A99FF48-370E-4D2A-B5CC-889EA21AB213", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", matchCriteriaId: "29BAA789-62A7-4040-B6F7-8E70FFBA0399", versionEndIncluding: "6.3.23", versionStartIncluding: "6.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", matchCriteriaId: "AF5ED7B3-39F3-49FD-82D9-72CAB2D68636", versionEndIncluding: "6.4.3", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", matchCriteriaId: "00A1259A-261F-47B9-8DFA-16C7C67F27E0", versionEndIncluding: "7.0.6", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiweb:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "1E2F1B5C-5CD3-4614-9B4D-E9D91FCF9321", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiweb:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "962B85ED-89C2-4453-9F59-F242031A2E46", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "5BB7E21E-A68B-44FC-8F0E-EF5926186F26", versionEndIncluding: "5.0.14", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "3F93F9C8-6064-4CED-88DF-3580C517AB51", versionEndIncluding: "5.2.15", versionStartIncluding: "5.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0507F264-9E8D-4F9D-AB18-0C6CA5BD69F0", versionEndIncluding: "5.4.13", versionStartIncluding: "5.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "AC0AFBC1-5C11-412E-9979-AF89DD26EFCD", versionEndIncluding: "5.6.14", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0135464C-532C-430D-A76C-2FCDE4C991D1", versionEndIncluding: "6.0.17", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99", versionEndIncluding: "6.2.15", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D962937C-B057-4422-A672-8DD2F3C3B3B6", versionEndIncluding: "6.4.13", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "9E775D02-7C02-40BE-A118-D874B9BBC936", versionEndIncluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4AB643A8-B52F-4D54-B816-28A6401BAA25", versionEndIncluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS version 7.0.0 through 7.0.10, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiProxy version 7.2.0 through 7.2.3, FortiProxy version 7.0.0 through 7.0.9, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions, FortiWeb version 7.2.0 through 7.2.1, FortiWeb version 7.0.0 through 7.0.6, FortiWeb 6.4 all versions, FortiWeb 6.3 all versions allows attacker to perform a denial of service via specially crafted HTTP requests.", }, ], id: "CVE-2023-33305", lastModified: "2024-11-21T08:05:22.690", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-13T09:15:18.563", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-375", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-375", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-835", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-835", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-01-23 02:00
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-535 | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * |
{ cisaActionDue: "2025-01-21", cisaExploitAdd: "2025-01-14", cisaRequiredAction: "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", cisaVulnerabilityName: "Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "1B14CD59-F557-48A0-8458-BECD3AD7DB3A", versionEndExcluding: "7.0.20", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "EDC18768-0891-465E-9900-3DF5D22A5CB3", versionEndExcluding: "7.2.13", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "BD357034-B2FD-4C2E-97FE-2C54D686D885", versionEndExcluding: "7.0.17", versionStartIncluding: "7.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.", }, { lang: "es", value: "Una vulnerabilidad de omisión de autenticación mediante una ruta o canal alternativo [CWE-288] que afecta a FortiOS versión 7.0.0 a 7.0.16 y FortiProxy versión 7.0.0 a 7.0.19 y 7.2.0 a 7.2.12 permite que un atacante remoto obtenga privilegios de superadministrador mediante solicitudes manipuladas al módulo websocket Node.js.", }, ], id: "CVE-2024-55591", lastModified: "2025-01-23T02:00:02.310", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2025-01-14T14:15:34.450", references: [ { source: "psirt@fortinet.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-535", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-288", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-04-09 15:15
Modified
2024-12-12 19:22
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A insufficiently protected credentials in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17 allows attacker to execute unauthorized code or commands via targeted social engineering attack
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-493 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-493 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "A966233A-245A-4256-A142-84FACB98EE4E", versionEndExcluding: "7.0.14", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "469D97BA-282C-4875-A156-FDA00B5B4093", versionEndExcluding: "7.2.8", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "B8AA0CE6-3E57-47D9-8318-215F0C4A2031", versionEndExcluding: "7.4.2", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "E9BCDC86-176E-401A-B188-F77E22BCFC2D", versionEndExcluding: "6.2.16", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4E29353F-8791-4117-BA7A-E32FAB8348A4", versionEndExcluding: "6.4.15", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D25F9C04-C7FD-4B1F-A194-CA69E5DE903C", versionEndExcluding: "7.0.13", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "553C4BA9-953B-4017-8498-785BDA7A3006", versionEndExcluding: "7.2.7", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4316C2EA-3D6E-4A0C-B81D-ADCE040E03E0", versionEndExcluding: "7.4.2", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A insufficiently protected credentials in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17 allows attacker to execute unauthorized code or commands via targeted social engineering attack", }, { lang: "es", value: "Credenciales insuficientemente protegidas en Fortinet FortiProxy 7.4.0, 7.2.0 a 7.2.6, 7.0.0 a 7.0.12, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13, 1.1.0 a 1.1.6 , 1.0.0 a 1.0.7, Fortinet FortiOS 7.4.0 a 7.4.1, 7.2.0 a 7.2.6, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15 , 6.0.0 a 6.0.17 permite al atacante ejecutar código o comandos no autorizados mediante un ataque de ingeniería social dirigido", }, ], id: "CVE-2023-41677", lastModified: "2024-12-12T19:22:04.470", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-04-09T15:15:27.400", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-493", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-493", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-522", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-03-12 15:15
Modified
2024-11-21 08:56
Severity ?
8.0 (High) - CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticated attacker to gain access to another user’s bookmark via URL manipulation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-24-013 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-24-013 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "94C6FBEA-B8B8-4A92-9CAF-F4A125577C3C", versionEndIncluding: "7.0.14", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "406F8C48-85CE-46AF-BE5C-0ED9E3E16A39", versionEndIncluding: "7.2.8", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "A8DD8789-6485-49E6-92D3-74004D9B6E9B", versionEndIncluding: "7.4.2", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4841D40B-DA6E-4B4A-A698-8E23B3E40101", versionEndIncluding: "6.4.14", versionStartIncluding: "6.4.7", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "40193C91-DAF4-4A0D-9AA7-0D4DDE964488", versionEndIncluding: "7.0.13", versionStartIncluding: "7.0.1", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "24D09A92-81EC-4003-B017-C67FC739EEBF", versionEndIncluding: "7.2.6", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "2E2A5347-D536-4D43-A163-5B5A3AFE742C", versionEndIncluding: "7.4.1", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticated attacker to gain access to another user’s bookmark via URL manipulation.", }, { lang: "es", value: "Una omisión de autorización a través de una vulnerabilidad de clave controlada por el usuario [CWE-639] en FortiOS versión 7.4.0 a 7.4.1, 7.2.0 a 7.2.6, 7.0.1 a 7.0.13, 6.4.7 a 6.4.14, y FortiProxy versión 7.4.0 a 7.4.2, 7.2.0 a 7.2.8, 7.0.0 a 7.0.14 SSL-VPN puede permitir que un atacante autenticado obtenga acceso al marcador de otro usuario mediante manipulación de URL.", }, ], id: "CVE-2024-23112", lastModified: "2024-11-21T08:56:57.390", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 6, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-03-12T15:15:49.090", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-24-013", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-24-013", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-639", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-02-11 17:15
Modified
2025-03-19 20:21
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-535 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * |
{ cisaActionDue: "2025-04-08", cisaExploitAdd: "2025-03-18", cisaRequiredAction: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", cisaVulnerabilityName: "Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "1B14CD59-F557-48A0-8458-BECD3AD7DB3A", versionEndExcluding: "7.0.20", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "EDC18768-0891-465E-9900-3DF5D22A5CB3", versionEndExcluding: "7.2.13", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "BD357034-B2FD-4C2E-97FE-2C54D686D885", versionEndExcluding: "7.0.17", versionStartIncluding: "7.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote attacker to gain super-admin privileges via crafted CSF proxy requests.", }, { lang: "es", value: "Una vulnerabilidad de omisión de autenticación mediante una ruta o canal alternativo [CWE-288] que afecta a FortiOS 7.0.0 a 7.0.16 y FortiProxy 7.2.0 a 7.2.12, 7.0.0 a 7.0.19 puede permitir que un atacante remoto obtenga privilegios de superadministrador a través de solicitudes de proxy CSF manipuladas.", }, ], id: "CVE-2025-24472", lastModified: "2025-03-19T20:21:38.197", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2025-02-11T17:15:34.867", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-535", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-288", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-07-18 17:15
Modified
2024-11-21 06:30
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-179 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-179 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "22936F53-4480-4011-9211-174D1C507E87", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "257816EC-14E2-4F4C-BF00-0E88A25439CF", versionEndExcluding: "2.0.8", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0A857126-D7EE-4CB4-BCAA-68D6C4FEC3E4", versionEndIncluding: "6.0.14", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "38DA2E7D-2367-45B6-96FE-4BA3C0C75E85", versionEndExcluding: "6.2.11", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "08019066-27F4-4E9D-B6E5-2F74BAF065EE", versionEndExcluding: "6.4.9", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "F2E9D423-721A-482B-BA6B-52E4D8C07C58", versionEndIncluding: "7.0.2", versionStartIncluding: "7.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.", }, { lang: "es", value: "Una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria [CWE-121] en el intérprete de línea de comandos de FortiOS versiones anteriores a 7.0.4 y FortiProxy versiones anteriores a 2.0.8, puede permitir a un atacante autenticado ejecutar código o comandos no autorizados por medio de argumentos de línea de comandos especialmente diseñados", }, ], id: "CVE-2021-44170", lastModified: "2024-11-21T06:30:29.760", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-18T17:15:08.483", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-21-179", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-21-179", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-04 18:15
Modified
2024-11-21 05:49
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-235 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-235 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 2.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "204BD02A-F191-4760-8541-8C95E161C364", versionEndIncluding: "1.2.9", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality.", }, { lang: "es", value: "Una vulnerabilidad de control de acceso inapropiado en el portal FortiProxy SSL VPN versiones 2.0.0, 1.2.9 y anteriores, puede permitir a un atacante remoto autenticado acceder a servicios internos como ZebOS Shell en el dispositivo FortiProxy por medio de la funcionalidad Quick Connection", }, ], id: "CVE-2021-22128", lastModified: "2024-11-21T05:49:33.540", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4.2, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-04T18:15:13.130", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-20-235", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-20-235", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-03 22:15
Modified
2024-11-21 07:45
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.11, FortiOS version 6.2.0 through 6.2.13, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specifically crafted requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-475 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-475 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | 1.0.0 | |
| fortinet | fortiproxy | 1.1.0 | |
| fortinet | fortiproxy | 1.2.0 | |
| fortinet | fortiproxy | 2.0.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6EAFD6A7-AAC9-4073-9329-F5B1D9835E6B", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "666BE44D-1B17-4B2E-9BA1-3A127CC0E0FE", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "906F778B-919C-499C-A2D5-4B59F206E430", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "8EA5512D-6EE5-4DF3-A960-C02394F25225", versionEndIncluding: "6.0.16", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D539CF21-2985-4E9B-94E8-E0B696752291", versionEndExcluding: "6.2.14", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D4AA72D9-CD66-4628-92B5-6CDFCB8E0EEE", versionEndExcluding: "6.4.12", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "8870AB06-C50F-452A-952C-30DE7860264E", versionEndExcluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5", versionEndExcluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.11, FortiOS version 6.2.0 through 6.2.13, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specifically crafted requests.", }, ], id: "CVE-2023-22640", lastModified: "2024-11-21T07:45:06.567", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-05-03T22:15:17.857", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-475", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-475", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-06-11 15:16
Modified
2024-11-21 08:54
Severity ?
1.8 (Low) - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-23-423 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.fortinet.com/psirt/FG-IR-23-423 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3158CE17-3505-4946-9DC9-99FDF741AB4C", versionEndIncluding: "2.0.14", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "216CB66F-E038-43F5-80AC-3F2735C354DA", versionEndIncluding: "7.0.18", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "1B10CB2F-7086-479A-A826-CF78F19CFB8B", versionEndIncluding: "7.2.11", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "4A077234-F19C-4E87-A7A5-A266B5C903C7", versionEndExcluding: "7.4.3", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "884279B3-E480-44E1-B126-5C1029B6BE75", versionEndIncluding: "6.4.15", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "F75019A7-F58D-4863-AE73-B63E38C8D880", versionEndIncluding: "7.0.15", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "678EB0FA-2B29-4108-8378-C4803A543193", versionEndExcluding: "7.2.9", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "1FDDB5F3-D229-4208-9110-8860A03C8B59", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file.", }, { lang: "es", value: "Un uso de hash de contraseña con vulnerabilidad de esfuerzo computacional insuficiente [CWE-916] que afecta a FortiOS versión 7.4.3 e inferior, 7.2 todas las versiones, 7.0 todas las versiones, 6.4 todas las versiones y FortiProxy versión 7.4.2 e inferior, 7.2 todas las versiones, 7.0 todas versiones, 2.0, todas las versiones pueden permitir que un atacante privilegiado con perfil de superadministrador y acceso CLI pueda descifrar el archivo de copia de seguridad.", }, ], id: "CVE-2024-21754", lastModified: "2024-11-21T08:54:56.877", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 1.8, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.3, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-11T15:16:03.433", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-423", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-423", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-916", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-18 15:15
Modified
2024-11-21 06:58
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through 2.0.9, 1.2.x allows a remote unauthenticated or authenticated attacker to crash the sslvpn daemon via an HTTP GET request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-086 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-086 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "95DEEC45-DE3D-4C1D-8FA3-163BF6FC12A5", versionEndExcluding: "1.2.13", versionStartIncluding: "1.2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "4FAF62D3-E63F-4987-B030-5646E32FE6EF", versionEndExcluding: "2.0.10", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "B778AD94-D279-42B4-A062-8231F14936B3", versionEndExcluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "38DA2E7D-2367-45B6-96FE-4BA3C0C75E85", versionEndExcluding: "6.2.11", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "6A7730E2-63AD-48F2-AE0A-6C8C9369A734", versionEndExcluding: "6.4.10", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A86B1AB3-F33E-461C-A19C-C3A51B47AC5F", versionEndExcluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B87A2A-4C83-448B-8009-AD20214D58CB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through 2.0.9, 1.2.x allows a remote unauthenticated or authenticated attacker to crash the sslvpn daemon via an HTTP GET request.", }, { lang: "es", value: "Un acceso de puntero no inicializado en Fortinet FortiOS versión 7.2.0, 7.0.0 hasta 7.0.5, 6.4.0 hasta 6.4.8, 6.2.0 hasta 6.2.10, 6.0.x, FortiProxy versión 7. 0.0 hasta 7.0.4, 2.0.0 hasta 2.0.9, 1.2.x permite a un atacante remoto no autenticado o autenticado bloquear el demonio sslvpn por medio de una petición HTTP GET", }, ], id: "CVE-2022-29055", lastModified: "2024-11-21T06:58:25.150", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-18T15:15:09.620", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-086", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-086", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-824", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-07-26 15:15
Modified
2024-11-21 08:05
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-183 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-183 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortiproxy | 7.2.2 | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "DAC18F7E-5242-4F36-BB42-FEC33B3AC075", versionEndIncluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "7028AFDA-6CB5-4DB0-8977-9BA995DE14C0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "6BB39159-5B36-415A-A57E-AFAFD7B848CF", versionEndIncluding: "7.0.10", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "813E179E-B948-4480-A5B1-B0ED562A41BC", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection.", }, ], id: "CVE-2023-33308", lastModified: "2024-11-21T08:05:23.120", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-07-26T15:15:10.347", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-183", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-183", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-121", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-09 16:15
Modified
2024-11-21 09:01
Severity ?
3.4 (Low) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Summary
An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit an unauthenticated attacker to bypass the IP blocklist via crafted requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-23-446 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.fortinet.com/psirt/FG-IR-23-446 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "662CC1BD-BA5A-4765-9D74-A887690F726F", versionEndIncluding: "7.4.3", versionStartIncluding: "7.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "F75019A7-F58D-4863-AE73-B63E38C8D880", versionEndIncluding: "7.0.15", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "5F669948-010A-4105-9E63-0D47CA92CA10", versionEndIncluding: "7.2.8", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D89D2813-5224-4658-97B8-56CBD3E49ED6", versionEndIncluding: "7.4.3", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit an unauthenticated attacker to bypass the IP blocklist via crafted requests.", }, { lang: "es", value: "Un análisis incorrecto de números con vulnerabilidad de diferentes raíces [CWE-1389] en FortiProxy versión 7.4.3 e inferior, versión 7.2.10 e inferior, versión 7.0.17 e inferior y FortiOS versión 7.4.3 e inferior, versión 7.2.8 y A continuación, la versión 7.0.15 y anteriores, la función de validación de dirección IP puede permitir que un atacante no autenticado omita la lista de bloqueo de IP mediante solicitudes manipuladas.", }, ], id: "CVE-2024-26015", lastModified: "2024-11-21T09:01:45.940", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 3.4, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-07-09T16:15:04.810", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-446", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-446", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-1389", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-704", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-11 17:15
Modified
2024-11-21 07:45
Severity ?
4.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
A url redirection to untrusted site ('open redirect') in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specially crafted requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-479 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-479 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "176E9BB3-EAC8-48BF-B7E0-B5F1A59DB01E", versionEndIncluding: "2.0.12", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E9463F12-5733-4BBD-9A19-FAF05E3F8686", versionEndExcluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "2DE32DAA-88FE-4134-84CC-8C071F92D5F3", versionEndExcluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0C012F20-C335-46E8-B626-1634DB044942", versionEndExcluding: "6.4.13", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "8870AB06-C50F-452A-952C-30DE7860264E", versionEndExcluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5", versionEndExcluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A url redirection to untrusted site ('open redirect') in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specially crafted requests.", }, ], id: "CVE-2023-22641", lastModified: "2024-11-21T07:45:06.720", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-11T17:15:08.100", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-479", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-479", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-601", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-601", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-02 09:15
Modified
2025-02-24 15:44
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-398 | Exploit, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-398 | Exploit, Mitigation, Vendor Advisory |
Impacted products
{ cisaActionDue: "2023-01-03", cisaExploitAdd: "2022-12-13", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "5BB7E21E-A68B-44FC-8F0E-EF5926186F26", versionEndIncluding: "5.0.14", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "3F93F9C8-6064-4CED-88DF-3580C517AB51", versionEndIncluding: "5.2.15", versionStartIncluding: "5.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0507F264-9E8D-4F9D-AB18-0C6CA5BD69F0", versionEndIncluding: "5.4.13", versionStartIncluding: "5.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "AC0AFBC1-5C11-412E-9979-AF89DD26EFCD", versionEndIncluding: "5.6.14", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "795298D3-0C06-471C-87E2-2D04AC190EAD", versionEndExcluding: "6.0.16", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "F6785608-14A0-4825-BEC0-899E55A9FDF1", versionEndExcluding: "6.2.12", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "55E67EF5-6AF0-410A-BDE7-CF745ED97328", versionEndExcluding: "6.4.11", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "C424900B-9A5E-440C-996B-2CF426F2CAA3", versionEndExcluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "00E89C95-E9FB-473A-BEB0-FA8E7225AC55", versionEndExcluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "22936F53-4480-4011-9211-174D1C507E87", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "954674E3-7E54-4D94-80DE-CB73AE0452EA", versionEndExcluding: "2.0.12", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "81E60913-FBE9-467B-AB4B-CA85E97527BA", versionEndExcluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "F5B24750-4A57-4F80-AAE8-8AC316B376C2", versionEndExcluding: "7.2.2", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "77974073-D92D-4EB8-854F-A6DCCD13C868", versionEndExcluding: "6.0.15", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "F6785608-14A0-4825-BEC0-899E55A9FDF1", versionEndExcluding: "6.2.12", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "6A7730E2-63AD-48F2-AE0A-6C8C9369A734", versionEndExcluding: "6.4.10", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "EE6D1D19-1227-42BE-87A7-E798D60059A5", versionEndExcluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fortinet:fim-7901e:-:*:*:*:*:*:*:*", matchCriteriaId: "689B8A1F-112D-42CE-A29B-692EF00150AD", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fim-7904e:-:*:*:*:*:*:*:*", matchCriteriaId: "33603726-AB6B-4773-904E-DE103CDCEA70", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fim-7910e:-:*:*:*:*:*:*:*", matchCriteriaId: "DB6056EE-E76C-4064-B252-E0D65A1CBFBB", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fim-7920e:-:*:*:*:*:*:*:*", matchCriteriaId: "43DF83AC-1B86-4C45-B5A3-EF56B65C9BF7", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fim-7921f:-:*:*:*:*:*:*:*", matchCriteriaId: "F7BAD653-D841-4744-AE85-C24FC1F3F6DF", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fim-7941f:-:*:*:*:*:*:*:*", matchCriteriaId: "8ADCB4F1-E237-4525-95C4-2C8EFDD7A109", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fortigate-6300f:-:*:*:*:*:*:*:*", matchCriteriaId: "BB61396B-D9EF-44DE-B211-E92EF5A52888", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fortigate-6300f-dc:-:*:*:*:*:*:*:*", matchCriteriaId: "1AD28C00-00CC-433F-BD7B-AC58254E4785", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fortigate-6500f:-:*:*:*:*:*:*:*", matchCriteriaId: "1A72901A-EA5B-48B0-9D0B-A8CD8903413C", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fortigate-6500f-dc:-:*:*:*:*:*:*:*", matchCriteriaId: "D56B4C97-9BC9-4FB9-9623-F2897050FE8B", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fortigate-6501f:-:*:*:*:*:*:*:*", matchCriteriaId: "50EFCC23-1135-4BC9-B180-E9045030C844", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fortigate-6501f-dc:-:*:*:*:*:*:*:*", matchCriteriaId: "1E355C55-4CAA-4875-95F6-FCF3D360039F", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fortigate-6601f:-:*:*:*:*:*:*:*", matchCriteriaId: "ACBFBDDC-1BD8-48AA-85A3-AA727C466C8D", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fortigate-6601f-dc:-:*:*:*:*:*:*:*", matchCriteriaId: "A56F4F2D-BE9B-458C-B906-017D14DEABBA", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fortigate-7030e:-:*:*:*:*:*:*:*", matchCriteriaId: "DEADC8C2-1DB4-4CB9-A014-7EF279C03C08", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fortigate-7040e:-:*:*:*:*:*:*:*", matchCriteriaId: "A6BBD9D7-5F9B-4438-91F9-EB496C8186C5", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fortigate-7060e:-:*:*:*:*:*:*:*", matchCriteriaId: "187AAEF7-3FBF-488C-9935-2FA15D131228", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fortigate-7121f:-:*:*:*:*:*:*:*", matchCriteriaId: "D9294854-FC23-4682-A695-325CA3347F37", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fpm-7620e:-:*:*:*:*:*:*:*", matchCriteriaId: "CAFABB00-194B-41E4-940C-A5CF3A9CECEB", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fpm-7620f:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CC0365-4336-4700-9A29-1AEA0CA781AF", vulnerable: false, }, { criteria: "cpe:2.3:h:fortinet:fpm-7630e:-:*:*:*:*:*:*:*", matchCriteriaId: "D7E4F7F8-50E4-4774-B1E7-13DC1A289104", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.", }, { lang: "es", value: "Una vulnerabilidad de desbordamiento de búfer de almacenamiento dinámico [CWE-122] en FortiOS SSL-VPN 7.2.0 a 7.2.2, 7.0.0 a 7.0.8, 6.4.0 a 6.4.10, 6.2.0 a 6.2.11, 6.0 .15 y anteriores y FortiProxy SSL-VPN 7.2.0 hasta 7.2.1, 7.0.7 y anteriores pueden permitir que un atacante remoto no autenticado ejecute código o comandos arbitrarios a través de solicitudes específicamente manipuladas.", }, ], id: "CVE-2022-42475", lastModified: "2025-02-24T15:44:21.153", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-02T09:15:09.490", references: [ { source: "psirt@fortinet.com", tags: [ "Exploit", "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-398", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-398", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-197", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-09 09:15
Modified
2024-11-29 15:23
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-24-015 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-24-015 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ cisaActionDue: "2024-02-16", cisaExploitAdd: "2024-02-09", cisaRequiredAction: "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", cisaVulnerabilityName: "Fortinet FortiOS Out-of-Bound Write Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "614BFD88-3C7A-4F6F-BD26-F53E4BC464D7", versionEndExcluding: "2.0.14", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "72ED8947-DBF3-483B-B267-117403A3D8E3", versionEndExcluding: "7.0.15", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "DF62C95E-AB35-4A8E-84F8-5197E9D33C21", versionEndExcluding: "7.2.9", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "4A077234-F19C-4E87-A7A5-A266B5C903C7", versionEndExcluding: "7.4.3", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "AE33B892-8CBB-4E16-B529-A1A0C48CE664", versionEndExcluding: "6.0.18", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "3DF10835-8DE2-415B-9EE8-99FFD699193E", versionEndExcluding: "6.2.16", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4E29353F-8791-4117-BA7A-E32FAB8348A4", versionEndExcluding: "6.4.15", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "C119229A-3805-47C1-B3F9-AF1A4007A63B", versionEndExcluding: "7.0.14", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "553C4BA9-953B-4017-8498-785BDA7A3006", versionEndExcluding: "7.2.7", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "757A5257-6103-4DC5-B79F-727E4279614A", versionEndExcluding: "7.4.3", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests", }, { lang: "es", value: "Una escritura fuera de los límites en Fortinet FortiOS versiones 7.4.0 a 7.4.2, 7.2.0 a 7.2.6, 7.0.0 a 7.0.13, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15 , 6.0.0 a 6.0.17, y versiones de FortiProxy 7.4.0 a 7.4.2, 7.2.0 a 7.2.8, 7.0.0 a 7.0.14, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13 , 1.1.0 a 1.1.6, 1.0.0 a 1.0.7. Permite al atacante ejecutar código o comandos no autorizados a través de solicitudes específicamente manipuladas", }, ], id: "CVE-2024-21762", lastModified: "2024-11-29T15:23:32.167", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-09T09:15:08.087", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-24-015", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-24-015", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "psirt@fortinet.com", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-29 18:29
Modified
2025-01-27 21:30
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-388 | Mitigation, Vendor Advisory | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-229 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-388 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-229 | Vendor Advisory |
Impacted products
{ cisaActionDue: "2022-07-10", cisaExploitAdd: "2022-01-10", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Fortinet FortiOS and FortiProxy Out-of-bounds Write", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "4B47708E-8A92-4767-8685-49C3143D0920", versionEndExcluding: "1.2.9", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "5CC2097E-BA3D-4596-B4E4-5FB0DDCAE2FE", versionEndExcluding: "5.2.15", versionStartIncluding: "5.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "B07B6E15-30AE-44E6-8009-A30FD3E5CCD3", versionEndExcluding: "5.4.13", versionStartIncluding: "5.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "9093BE81-687C-4CCB-834A-BE49CEE367C5", versionEndExcluding: "5.6.11", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D37F1481-E7A7-4428-89C9-5DF9D206D056", versionEndExcluding: "6.0.5", versionStartIncluding: "6.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.", }, { lang: "es", value: "Un desbordamiento del búfer de la pila en Fortinet FortiOS versión 6.0.0 hasta 6.0.4, versión 5.6.0 hasta 5.6.10, versión 5.4.0 hasta 5.4.12, versión 5.2.14 y anteriores y FortiProxy versión 2.0.0, versión 1.2.8 y anteriores en el portal web de SSL VPN puede provocar la finalización del servicio web de SSL VPN para los usuarios registrados debido a un fallo en el manejo de los datos href de javascript al proxiar las páginas web", }, ], id: "CVE-2018-13383", lastModified: "2025-01-27T21:30:37.930", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-29T18:29:00.693", references: [ { source: "psirt@fortinet.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-18-388", }, { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-20-229", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-18-388", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-20-229", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-08 12:15
Modified
2024-11-21 05:55
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-158 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-158 | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "40C734E1-EB71-4469-837D-A7D669AEEB6B", versionEndIncluding: "1.2.11", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "522EB71B-D6BA-4966-9CCB-572B9A11467E", versionEndIncluding: "2.0.3", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "AC0AFBC1-5C11-412E-9979-AF89DD26EFCD", versionEndIncluding: "5.6.14", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A6EF01D9-50FB-4300-87FB-132649A9AC51", versionEndIncluding: "6.0.13", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "C4C0308D-8E52-456B-BFC2-62D4C1E9BDC3", versionEndIncluding: "6.2.9", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "88D6903E-70D0-4D63-BC68-BA37EE91BCB1", versionEndIncluding: "6.4.6", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "79FEE7F6-F72E-4A43-883C-0CF492DF355B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad de verificación insuficiente de la autenticidad de los datos (CWE-345) en la interfaz de usuario de FortiProxy versión 2.0.3 y anteriores, 1.2.11 y anteriores y FortiGate versión 7.0.0, 6.4.6 y anteriores, 6.2.9 y anteriores del portal SSL VPN puede permitir a un atacante remoto no autenticado realizar un ataque de tipo cross-site request forgery (CSRF). Sólo la VPN SSL en modo web o en modo completo está afectada por esta vulnerabilidad", }, ], id: "CVE-2021-26103", lastModified: "2024-11-21T05:55:52.177", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-08T12:15:07.677", references: [ { source: "psirt@fortinet.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-20-158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-20-158", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-345", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-06-04 21:29
Modified
2024-11-21 03:46
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-383 | Mitigation, Vendor Advisory | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-230 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-383 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-230 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D695780A-26CA-4522-876E-FFC44F035F86", versionEndIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7F970C1D-5018-4D52-91F6-A5F2CD123935", versionEndIncluding: "5.4.12", versionStartIncluding: "5.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "8CC23731-E080-43CF-9BB8-149FC0173388", versionEndIncluding: "5.6.7", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D27D2C-5211-41A7-B0F4-7721EE7884BF", versionEndIncluding: "6.0.4", versionStartIncluding: "6.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "26F099AE-4482-4964-8B8A-1B412A423C3B", versionEndIncluding: "1.2.8", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters.", }, { lang: "es", value: "Una vulnerabilidad de Cross-site Scripting (XSS) en Fortinet FortiOS 6.0.0 a 6.0.4, 5.6.0 a 5.6.7, 5.4.0 a 5.4.12, 5.2 y posteriores y Fortinet FortiProxy versiones 2.0.0, 1.2.8 y versiones posteriores en el portal web SSL VPN permite al atacante ejecutar sin autorización código de script malicioso a través del error o los parámetros de manejo de mensajes", }, ], id: "CVE-2018-13380", lastModified: "2024-11-21T03:46:59.383", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-04T21:29:00.267", references: [ { source: "psirt@fortinet.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-18-383", }, { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-20-230", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-18-383", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-20-230", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-06-11 15:16
Modified
2024-11-21 08:56
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
An improper neutralization of input during web page Generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions reboot page may allow a remote privileged attacker with super-admin access to execute JavaScript code via crafted HTTP GET requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-23-471 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.fortinet.com/psirt/FG-IR-23-471 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "72ED8947-DBF3-483B-B267-117403A3D8E3", versionEndExcluding: "7.0.15", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "DF62C95E-AB35-4A8E-84F8-5197E9D33C21", versionEndExcluding: "7.2.9", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "4A077234-F19C-4E87-A7A5-A266B5C903C7", versionEndExcluding: "7.4.3", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "C119229A-3805-47C1-B3F9-AF1A4007A63B", versionEndExcluding: "7.0.14", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0", versionEndExcluding: "7.2.8", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "1FDDB5F3-D229-4208-9110-8860A03C8B59", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper neutralization of input during web page Generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions reboot page may allow a remote privileged attacker with super-admin access to execute JavaScript code via crafted HTTP GET requests.", }, { lang: "es", value: "Un uso de hash de contraseña con vulnerabilidad de esfuerzo computacional insuficiente [CWE-916] que afecta a FortiOS versión 7.4.3 e inferior, 7.2 todas las versiones, 7.0 todas las versiones, 6.4 todas las versiones y FortiProxy versión 7.4.2 e inferior, 7.2 todas las versiones, 7.0 todas versiones, 2.0, todas las versiones pueden permitir que un atacante privilegiado con perfil de superadministrador y acceso CLI pueda descifrar el archivo de copia de seguridad.", }, ], id: "CVE-2024-23111", lastModified: "2024-11-21T08:56:57.250", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-11T15:16:03.957", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-471", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-471", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:23
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-380 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-380 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F3A99BB-534C-4984-948B-8FFF659A9B9B", versionEndIncluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0983FC2C-A9F2-4918-81E6-BDCF05E5BF65", versionEndIncluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4AB643A8-B52F-4D54-B816-28A6401BAA25", versionEndIncluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.", }, ], id: "CVE-2022-41327", lastModified: "2024-11-21T07:23:03.590", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-13T09:15:14.960", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-380", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-380", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-319", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-319", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-15 14:15
Modified
2024-11-29 15:09
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-24-029 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-24-029 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiswitchmanager | * | |
| fortinet | fortiswitchmanager | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortipam | * | |
| fortinet | fortipam | * | |
| fortinet | fortipam | 1.2.0 |
{ cisaActionDue: "2024-10-30", cisaExploitAdd: "2024-10-09", cisaRequiredAction: "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", cisaVulnerabilityName: "Fortinet Multiple Products Format String Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "94C6FBEA-B8B8-4A92-9CAF-F4A125577C3C", versionEndIncluding: "7.0.14", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "406F8C48-85CE-46AF-BE5C-0ED9E3E16A39", versionEndIncluding: "7.2.8", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "A8DD8789-6485-49E6-92D3-74004D9B6E9B", versionEndIncluding: "7.4.2", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "CF2B9FD3-9581-465E-A5E1-A1BCEFB0DFA3", versionEndIncluding: "7.0.3", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "094185B2-8DC1-46C2-B160-31BEEFDB2CC7", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "DF27CA2F-3F4C-4CCB-B832-0E792673C429", versionEndIncluding: "7.0.13", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "24D09A92-81EC-4003-B017-C67FC739EEBF", versionEndIncluding: "7.2.6", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "49C323D0-5B01-4DB2-AB98-7113D8E607B6", versionEndIncluding: "7.4.2", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", matchCriteriaId: "3BA2C6ED-2765-4B56-9B37-10C50BD32C75", versionEndIncluding: "1.0.3", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", matchCriteriaId: "D0060F1F-527F-4E91-A59F-F3141977CB7A", versionEndIncluding: "1.1.2", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "6D0927D1-F469-4344-B4C9-3190645F5899", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.", }, { lang: "es", value: "Un uso de cadena de formato controlada externamente en Fortinet FortiOS versiones 7.4.0 a 7.4.2, 7.2.0 a 7.2.6, 7.0.0 a 7.0.13, FortiProxy versiones 7.4.0 a 7.4.2, 7.2.0 a 7.2.8, 7.0.0 a 7.0.14, versiones de FortiPAM 1.2.0, 1.1.0 a 1.1.2, 1.0.0 a 1.0.3, versiones de FortiSwitchManager 7.2.0 a 7.2.3, 7.0.0 a 7.0. 3 permite al atacante ejecutar código o comandos no autorizados a través de paquetes especialmente manipulados.", }, ], id: "CVE-2024-23113", lastModified: "2024-11-29T15:09:12.633", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-15T14:15:46.503", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-24-029", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-24-029", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-134", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:50
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0 through 7.2.4 and FortiProxy 7.0.0 through 7.0.10. 7.2.0 through 7.2.1 allows an attacker to read certain passwords in plain text.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-455 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-455 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "7E1251FE-2B46-46AA-B474-506B0079810D", versionEndIncluding: "7.0.10", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4AB643A8-B52F-4D54-B816-28A6401BAA25", versionEndIncluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0 through 7.2.4 and FortiProxy 7.0.0 through 7.0.10. 7.2.0 through 7.2.1 allows an attacker to read certain passwords in plain text.", }, ], id: "CVE-2023-26207", lastModified: "2024-11-21T07:50:55.013", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-13T09:15:16.467", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-455", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-455", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-11 17:15
Modified
2024-11-21 07:27
Severity ?
5.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-444 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-444 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "040866D8-0D44-4EC2-8801-5F50E51A7CAE", versionEndIncluding: "2.0.9", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "81E60913-FBE9-467B-AB4B-CA85E97527BA", versionEndExcluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "F5B24750-4A57-4F80-AAE8-8AC316B376C2", versionEndExcluding: "7.2.2", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "AB0B7CC5-F5D8-4912-84BE-2F1D010B97B1", versionEndExcluding: "6.4.13", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "8870AB06-C50F-452A-952C-30DE7860264E", versionEndExcluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5", versionEndExcluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions.", }, ], id: "CVE-2022-43947", lastModified: "2024-11-21T07:27:23.687", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 3.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-11T17:15:07.693", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-444", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-444", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-307", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-307", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-03-12 15:15
Modified
2024-11-21 08:23
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-328 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-328 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.4.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.4.0 | |
| fortinet | fortios | 7.4.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "10E4FB93-7111-4F2A-8D5A-F276261D0E67", versionEndIncluding: "2.0.13", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E5E2C1A7-AF13-4DBB-8EB4-49BE54EDABAD", versionEndIncluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F8AA932-A965-4345-8151-9CACDEE114F0", versionEndIncluding: "7.2.6", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*", matchCriteriaId: "9010968B-B839-4B7C-BFB5-6BD9CBCEC166", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99", versionEndIncluding: "6.2.15", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A2B52E22-C64D-4142-885E-6C44FA670574", versionEndIncluding: "6.4.14", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "BA582D59-C740-4AE7-83CA-C09A1D0EDA88", versionEndIncluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A6E44123-995C-4E08-84B5-FF8C76B67B29", versionEndIncluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", matchCriteriaId: "61540F5B-080A-4D44-8BE0-75D7A0DCCB53", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", matchCriteriaId: "17FE168A-0EA4-467C-91D2-87EB6D83917A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.", }, { lang: "es", value: "Una escritura fuera de límites en Fortinet FortiOS 7.4.0 a 7.4.1, 7.2.0 a 7.2.5, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15, FortiProxy 7.4.0, 7.2.0 a 7.2.6, 7.0.0 a 7.0.12, 2.0.0 a 2.0.13 permite a un atacante ejecutar código o comandos no autorizados a través de solicitudes HTTP especialmente manipuladas.", }, ], id: "CVE-2023-42789", lastModified: "2024-11-21T08:23:09.387", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-03-12T15:15:46.107", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-328", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-328", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-22 10:15
Modified
2024-12-10 19:28
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, Fortiproxy version 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 allows attacker to denial of service via specially crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-125 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-125 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "B153B056-24AE-41C4-B644-65E080C18360", versionEndExcluding: "6.4.13", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "39A6C2A7-21A4-4BB5-A3B6-9466E5CEA296", versionEndExcluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4562BDF7-D894-4CD8-95AC-9409FDEBE73F", versionEndExcluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "A5D70694-BB02-43E2-8F74-D50D9D4C5E3C", versionEndExcluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "122518E7-EA43-4240-AAFB-61AD2AA28A2B", versionEndExcluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, Fortiproxy version 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 allows attacker to denial of service via specially crafted HTTP requests.", }, { lang: "es", value: "Una desreferencia de puntero nulo en Fortinet FortiOS versión 7.2.0 a 7.2.4, 7.0.0 a 7.0.11, 6.4.0 a 6.4.12, Fortiproxy versión 7.2.0 a 7.2.4, 7.0.0 a 7.0.10 permite atacante a la denegación de servicio a través de solicitudes HTTP especialmente manipuladas.", }, ], id: "CVE-2023-29179", lastModified: "2024-12-10T19:28:38.803", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-22T10:15:07.693", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-125", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-125", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-01-16 09:15
Modified
2025-02-03 21:11
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-259 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager_cloud | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortirecorder | * | |
| fortinet | fortirecorder | * | |
| fortinet | fortivoice | * | |
| fortinet | fortivoice | * | |
| fortinet | fortiweb | * | |
| fortinet | fortiweb | 7.6.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "7269FDB6-A1D4-4912-8751-87BA52614FDA", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "241A8930-4ADA-4380-AA42-F10B28487595", versionEndExcluding: "7.6.2", versionStartIncluding: "7.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*", matchCriteriaId: "164DEDC3-B1C0-42AC-9ADB-CE03CF6A71CC", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "32CFAF1E-358A-4F6D-96CB-D7229F0D9D74", versionEndExcluding: "7.0.19", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "C8B93C73-1E94-4854-8405-C3689860A74C", versionEndExcluding: "7.2.12", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "5B276403-CE85-445A-9E5D-BBFBD7AB7A68", versionEndExcluding: "7.4.6", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*", matchCriteriaId: "CD60BA50-3F98-46BF-97E8-28AB207DE12A", versionEndExcluding: "7.0.5", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B0D078-2F52-46B4-B9C0-162447828E1B", versionEndExcluding: "7.2.2", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*", matchCriteriaId: "BBF1E214-4BC5-47E8-BF02-072D6D830BAF", versionEndIncluding: "6.4.10", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*", matchCriteriaId: "5EEE0DFA-DE31-4D26-AC98-6BCED8F008DC", versionEndIncluding: "7.0.5", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", matchCriteriaId: "CDB9CE13-AAF4-418C-BA26-1A0D53C5C1C2", versionEndExcluding: "7.4.5", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*", matchCriteriaId: "28B43375-DA74-4C5F-BAEE-39F312EEF51F", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "FA0532A5-31F2-4A92-BF31-6003E28AC948", versionEndExcluding: "7.0.16", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4D7D031B-221B-4738-AC83-4FB92A106528", versionEndExcluding: "7.2.10", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A71AD879-997D-4787-A1E9-E4132AC521E2", versionEndExcluding: "7.4.5", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*", matchCriteriaId: "44CE8EE3-D64A-49C8-87D7-C18B302F864A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets.", }, { lang: "es", value: " Una limitación incorrecta de una ruta de acceso a un directorio restringido (\"path traversal\") en Fortinet FortiRecorder versiones 7.2.0 a 7.2.1, 7.0.0 a 7.0.4, FortiWeb versiones 7.6.0, 7.4.0 a 7.4.4, 7.2.0 a 7.2.10, 7.0.0 a 7.0.10, 6.4.0 a 6.4.3, FortiVoice versiones 7.0.0 a 7.0.4, 6.4.0 a 6.4.9, 6.0.0 a 6.0.12 permite a un atacante escalar privilegios a través de paquetes especialmente manipulados.", }, ], id: "CVE-2024-48885", lastModified: "2025-02-03T21:11:41.750", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2025-01-16T09:15:06.737", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-259", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-07-18 17:15
Modified
2024-11-21 06:28
Severity ?
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-155 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-155 | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "22936F53-4480-4011-9211-174D1C507E87", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3902676A-4F5F-4C6A-A22D-DEF5EB4C0543", versionEndIncluding: "2.0.6", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "D909C90B-E136-4E8E-B551-FE0369172C1E", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.0:*:*:*:*:*:*:*", matchCriteriaId: "53151CA2-647D-4E40-9247-C0F4E6CB680B", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "AA5C8467-1765-434E-8C11-65D3139459EE", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.2:*:*:*:*:*:*:*", matchCriteriaId: "9D9ECD0B-C46E-485B-AA41-40B9C2A90547", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.3:*:*:*:*:*:*:*", matchCriteriaId: "EC948E98-B48D-499B-8FD1-4B75754D2B78", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.4:*:*:*:*:*:*:*", matchCriteriaId: "668FED55-7378-487E-BE00-C33A45076F02", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.5:*:*:*:*:*:*:*", matchCriteriaId: "787C3018-40FA-415C-AF4C-D178AC4FB65E", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.6:*:*:*:*:*:*:*", matchCriteriaId: "4F35AB98-B0CD-4B04-992E-087054FCF91F", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.7:*:*:*:*:*:*:*", matchCriteriaId: "91BF8703-2835-4895-A347-74B6E9A2FA30", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.8:*:*:*:*:*:*:*", matchCriteriaId: "C94723AB-6BBE-4F5E-9560-5ECBE3A809A1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.10:*:*:*:*:*:*:*", matchCriteriaId: "E13ECB66-4AC4-4C1F-92DE-9C8788DD5379", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.11:*:*:*:*:*:*:*", matchCriteriaId: "640AC3C4-9529-4796-A2B7-E15C9AB520DB", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.12:*:*:*:*:*:*:*", matchCriteriaId: "11C09ED8-BEDB-4EAA-B55B-CD8F81FC74CF", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.13:*:*:*:*:*:*:*", matchCriteriaId: "4C31FB79-990A-403F-8479-A531837C7A79", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.14:*:*:*:*:*:*:*", matchCriteriaId: "BBFE82DC-E7BF-440A-A91E-00E5E4613592", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.15:*:*:*:*:*:*:*", matchCriteriaId: "67411CD4-56F9-4300-BA76-87227EE5CB5C", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.16:*:*:*:*:*:*:*", matchCriteriaId: "B7AE39C3-77E7-4BF0-AEA7-186A12DDC965", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.17:*:*:*:*:*:*:*", matchCriteriaId: "C49169A3-E7D2-4A4F-8729-551CCB33452A", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.18:*:*:*:*:*:*:*", matchCriteriaId: "DFC7D4A9-9143-4055-BAA2-E6093B5ED085", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.19:*:*:*:*:*:*:*", matchCriteriaId: "280D0F29-9BBC-4F39-91D3-C26EBAEEFC4D", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.20:*:*:*:*:*:*:*", matchCriteriaId: "47E2D164-490D-40F2-925B-C1DF2D8905F7", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.21:*:*:*:*:*:*:*", matchCriteriaId: "17FA9D1F-22C3-4B66-89C9-68EF40D7B128", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.22:*:*:*:*:*:*:*", matchCriteriaId: "294F7FEE-D8A0-4B6A-ACF4-539F558BAAF0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.23:*:*:*:*:*:*:*", matchCriteriaId: "DE63E91F-43C9-4878-8ABF-43D6FA243B6E", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.24:*:*:*:*:*:*:*", matchCriteriaId: "21E72112-DD6F-4F04-B7A6-32F4A3CD652C", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.25:*:*:*:*:*:*:*", matchCriteriaId: "0E46A71A-CC32-4FB9-B291-9D5213F2512B", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:5.3.26:*:*:*:*:*:*:*", matchCriteriaId: "86D2A710-4758-4B86-82C8-D3DDFD082935", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*", matchCriteriaId: "C717350D-43D2-41A4-9AA9-F8EA4F5480CD", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "4FDD21BC-FD00-4CF5-B093-1E6E9DAC9613", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*", matchCriteriaId: "C68C2594-036C-40E0-BAC5-78945229746C", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*", matchCriteriaId: "2917F59F-366B-434E-9CCB-1B734396932A", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*", matchCriteriaId: "D1139A66-DE22-4D31-A17F-E0A7BB4111D0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*", matchCriteriaId: "DC8B76AF-0BF0-4283-90B1-48D877CF69A9", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*", matchCriteriaId: "DDC98DF7-9441-4F7B-9B01-36A5F63BD401", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*", matchCriteriaId: "3BA095F4-1B52-40B2-ADFE-19699C2F9E6C", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*", matchCriteriaId: "0BF91792-6CFF-4069-826D-E252CF9CFB84", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*", matchCriteriaId: "41C9826B-C2E2-4A10-AC6F-CDFDBE837049", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*", matchCriteriaId: "065C0602-8785-404F-8DD5-EC884F0AC372", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*", matchCriteriaId: "9BD90D01-091F-42BC-AC76-45A582873EDF", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*", matchCriteriaId: "9B920B4C-96A2-4341-8F19-8E08A583FEAE", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*", matchCriteriaId: "9E9E1371-6C7B-4E98-B34A-9D03C6636CCD", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*", matchCriteriaId: "148EFCE2-1EBA-4673-98D2-86095564B727", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*", matchCriteriaId: "1668AE14-D9A4-4B7D-BC3F-75885792875A", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*", matchCriteriaId: "9E0F3B9B-A06F-4A96-B2E7-9DC56E629182", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*", matchCriteriaId: "50F8AE97-A647-4A37-8EF2-BC0BBCC8EADD", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*", matchCriteriaId: "377A2F0B-2A58-4C2C-B546-3178B353484B", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*", matchCriteriaId: "20EBDFD4-45A0-47CC-817E-48E84F945402", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.4.5:*:*:*:*:*:*:*", matchCriteriaId: "8C9CDB2B-E454-4B91-9A47-615F31F1A3D5", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.4.6:*:*:*:*:*:*:*", matchCriteriaId: "71148DC5-10A4-48C3-AD65-967F66B6078C", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.4.7:*:*:*:*:*:*:*", matchCriteriaId: "6A08987A-D448-4E46-ACB5-DF38CDBDD55B", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.4.8:*:*:*:*:*:*:*", matchCriteriaId: "C0A35CD0-765F-48BD-A450-E78F213518B0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.4.9:*:*:*:*:*:*:*", matchCriteriaId: "F8492560-24C1-43B6-A420-068FA9E3C496", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.4.10:*:*:*:*:*:*:*", matchCriteriaId: "EE5A3D4C-EF73-4676-A5E3-4008E7AF068D", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.4.11:*:*:*:*:*:*:*", matchCriteriaId: "BE267898-AB2B-452E-B219-E0E6885DC5A9", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.4.12:*:*:*:*:*:*:*", matchCriteriaId: "6F223989-D906-4B0E-B54B-3D2639745837", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.4.13:*:*:*:*:*:*:*", matchCriteriaId: "E1DC5908-9E16-4D12-9F48-AE921ED0D8C1", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*", matchCriteriaId: "9A3BE3F8-9157-461C-8E3A-ABFA728B7DB2", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "6C7AEE7B-AB79-462A-BEEF-6EEC558FB8C9", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "ADEC69D2-AA57-464C-B59E-585566CCFE34", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "521E94FB-8CB3-486B-A882-49F0ACBAC502", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "F29537A6-456D-41B4-94D6-2FBA9DA3CC2E", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "82AF3064-9B75-471E-9ADB-F55B64E453BB", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "BC71169D-0BF3-40BC-8460-A0906B1F21F1", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.7:*:*:*:*:*:*:*", matchCriteriaId: "4EC7B4D7-9F3A-43FC-930E-AC55E34A94EF", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.8:*:*:*:*:*:*:*", matchCriteriaId: "48B877ED-AF81-42B1-9E88-2CD4831C6D38", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.9:*:*:*:*:*:*:*", matchCriteriaId: "934A3FB3-97A1-4981-BB15-ABBFD273D79F", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.10:*:*:*:*:*:*:*", matchCriteriaId: "722B3D73-504E-40EB-B8FB-9F3D9A3B6DB7", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.11:*:*:*:*:*:*:*", matchCriteriaId: "CBBDD272-D412-4DF5-A823-76D0C0C036C5", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.12:*:*:*:*:*:*:*", matchCriteriaId: "3794902F-7A0C-4EA3-B0E3-959D118ABE47", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.13:*:*:*:*:*:*:*", matchCriteriaId: "7EE0B7E1-0D61-48C2-ADDB-E009ACBEE084", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:5.6.14:*:*:*:*:*:*:*", matchCriteriaId: "01048DC4-07BB-4689-A7E8-F0CC4F50718D", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3907C1C9-EAEB-4287-82DA-06F242DEA639", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "52A0DB21-C876-4DD3-95ED-8BA0483F0BD4", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*", matchCriteriaId: "20A322D8-C0F0-4F31-81F5-94A12B2B88F2", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*", matchCriteriaId: "ABCB90C9-976A-4D85-A84D-A6970E9C11A6", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*", matchCriteriaId: "92CA4075-BA53-415E-9348-C4D3F93A683C", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*", matchCriteriaId: "363F14B5-66AC-4CA2-A11B-E1D70C307C69", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*", matchCriteriaId: "2BF39DA1-D854-4540-B410-3ECD5A83E95A", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*", matchCriteriaId: "C552DD33-EAC7-472E-9A1B-4BAF558D7DE6", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*", matchCriteriaId: "59D90493-FB83-43F0-A576-C90AE7775313", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*", matchCriteriaId: "03B8E997-3D10-48D2-8FCF-34B8A976A944", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*", matchCriteriaId: "FA6AF1FA-A034-439A-876B-BFA1BE7DE15E", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*", matchCriteriaId: "F54D5CC0-D4F4-4F8C-8CD9-A7456ED226F7", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*", matchCriteriaId: "E76E7EE1-0B07-4B56-A069-AF3B5BBCB79E", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*", matchCriteriaId: "532A62AB-40C5-4C12-8079-EABCA583DB97", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*", matchCriteriaId: "64AC05A1-EF48-4282-BB3C-ED60E45CEEBD", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", matchCriteriaId: "72C437B7-75F8-4DDC-9670-19E2C21ACB27", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", matchCriteriaId: "B468AF9F-1619-4399-A1A5-115C26FB01DA", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*", matchCriteriaId: "4929DC17-1B20-432D-AEDA-3B3213DC6022", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "2625D2C3-A5DE-446A-B551-825B2B24EE92", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", matchCriteriaId: "9694FC0C-408A-4892-ADD1-F36F4BBBD9EF", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*", matchCriteriaId: "E8C5783F-CE5B-4B8F-AF7C-C182B3ED3EAD", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", matchCriteriaId: "2B8A132F-601F-4129-BFCA-3A976A711D5A", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", matchCriteriaId: "90600B14-07C4-455D-9FC1-17034D91B987", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*", matchCriteriaId: "953B6278-878B-4B17-8AA2-641A0604F14A", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*", matchCriteriaId: "4739957D-6605-4F88-AF5F-144598270928", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*", matchCriteriaId: "AF22D78B-ED8E-42A1-8F0C-F4B52B084B60", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", matchCriteriaId: "1C6E45EB-4C8C-4777-9200-08B14595A3A7", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", matchCriteriaId: "9D114536-7169-4814-B011-570E3AD86A3D", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", matchCriteriaId: "B28478DA-8D10-4A8E-81EA-D3DF421E5089", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", matchCriteriaId: "4C423AC8-4AA2-426E-8F76-7E5B3CDF82BC", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", matchCriteriaId: "43906627-A03E-42EA-9923-DECBAE34A818", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", matchCriteriaId: "6E77E34E-9E3F-4022-9969-6DCEDAD1590A", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", matchCriteriaId: "C2F935F9-5B6A-47C2-8F65-7A1E8BB061FF", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", matchCriteriaId: "91C045DF-72E9-4B33-B990-6BA25EDA7209", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "79FEE7F6-F72E-4A43-883C-0CF492DF355B", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "FBDFDF02-2136-4DE0-A19B-FE3654ED90A4", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", matchCriteriaId: "49D51C9F-CED3-4EA0-89EB-3A63F54B10E7", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.0:*:*:*:*:*:*:*", matchCriteriaId: "ADC427FF-F227-401D-8F41-8B3268D577CE", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "73DADA28-4371-4639-AB3D-BA82F365A337", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.2:*:*:*:*:*:*:*", matchCriteriaId: "04DB567F-A4D9-483F-83CB-8807EEF6FB07", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.3:*:*:*:*:*:*:*", matchCriteriaId: "6FBADF2A-2C17-4D37-8315-3B003854AE77", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.4:*:*:*:*:*:*:*", matchCriteriaId: "EC2673E9-3227-4EAC-9ECD-6576A575F4A9", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.5:*:*:*:*:*:*:*", matchCriteriaId: "4742E76F-3030-45F6-A54B-B337D3C6705B", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.6:*:*:*:*:*:*:*", matchCriteriaId: "056CF29E-1953-4B25-8247-E9A59F511890", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.7:*:*:*:*:*:*:*", matchCriteriaId: "9D9CC045-D163-417F-B8AB-DC07352B81C9", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.8:*:*:*:*:*:*:*", matchCriteriaId: "962B9BAB-7414-4E6B-AF5D-F7BB0951229C", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.9:*:*:*:*:*:*:*", matchCriteriaId: "94283031-0C2F-46B3-BAFE-69900C5DB9CF", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.10:*:*:*:*:*:*:*", matchCriteriaId: "0EA67378-E9BC-4BAE-856D-FEDB42104406", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:6.4.0:*:*:*:*:*:*:*", matchCriteriaId: "8A4BEB4C-396B-44AB-8E27-357A650A5764", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:6.4.1:*:*:*:*:*:*:*", matchCriteriaId: "53DC5E3E-C08C-4491-9650-0781C4327225", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortirecorder_firmware:6.4.2:*:*:*:*:*:*:*", matchCriteriaId: "484F6C79-3498-45E3-BF74-CF6075E7D31A", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", matchCriteriaId: "843F4434-651D-4A22-80C3-77397E059A98", versionEndIncluding: "6.0.7", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", matchCriteriaId: "549EE910-DAC4-45B7-AE45-6B6A786CD2F5", versionEndIncluding: "6.2.7", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", matchCriteriaId: "0A13E485-2362-4AC0-9B8E-41998257B31F", versionEndIncluding: "6.4.9", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", matchCriteriaId: "A44AA3D5-FE43-429E-B238-0954D83778A4", versionEndIncluding: "7.0.2", versionStartIncluding: "7.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.", }, { lang: "es", value: "Una vulnerabilidad de desbordamiento de enteros / wraparound [CWE-190] en FortiSwitch versiones 7.0.2 y anteriores, 6.4.9 y anteriores, 6.2.x, 6.0.x; FortiRecorder 6.4.2 y anteriores, 6.0.10 y anteriores; FortiOS 7.0.2 y anteriores, 6.4.8 y anteriores, 6.2.10 y anteriores, 6.0.x; FortiProxy 7. 0.0, 2.0.6 y anteriores, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 y anteriores, 6.0.10 y anteriores, dhcpd daemon puede permitir a un atacante no autenticado y adyacente a la red bloquear el dhcpd deamon, resultando en una potencial denegación de servicio", }, ], id: "CVE-2021-42755", lastModified: "2024-11-21T06:28:06.293", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-18T17:15:08.413", references: [ { source: "psirt@fortinet.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-21-155", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-21-155", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-05-14 17:15
Modified
2024-11-21 08:10
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-137 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-137 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortipam | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "22936F53-4480-4011-9211-174D1C507E87", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3158CE17-3505-4946-9DC9-99FDF741AB4C", versionEndIncluding: "2.0.14", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "7E1251FE-2B46-46AA-B474-506B0079810D", versionEndIncluding: "7.0.10", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "4D78C235-F7F5-4611-8467-0CC4F0F69111", versionEndIncluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", matchCriteriaId: "73C906E2-943B-4710-832D-C29CF175F9BC", versionEndIncluding: "1.0.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "8EA5512D-6EE5-4DF3-A960-C02394F25225", versionEndIncluding: "6.0.16", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "E96C569E-0642-4FDD-B65F-A5926B69021A", versionEndIncluding: "6.2.16", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A2B52E22-C64D-4142-885E-6C44FA670574", versionEndIncluding: "6.4.14", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "BA582D59-C740-4AE7-83CA-C09A1D0EDA88", versionEndIncluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B87A2A-4C83-448B-8009-AD20214D58CB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands", }, { lang: "es", value: "Un uso de cadena de formato controlada externamente en las versiones Fortinet FortiProxy 7.2.0 a 7.2.4, 7.0.0 a 7.0.10, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13, 1.1.0 a 1.1. 6, 1.0.0 a 1.0.7, versiones de FortiPAM 1.0.0 a 1.0.3, versiones de FortiOS 7.2.0, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15, 6.0.0 a 6.0.16 permite al atacante ejecutar código o comandos no autorizados mediante comandos especialmente manipulados", }, ], id: "CVE-2023-36640", lastModified: "2024-11-21T08:10:09.313", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-05-14T17:15:16.640", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-137", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-137", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-134", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-06-04 21:29
Modified
2025-01-27 21:30
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-389 | Vendor Advisory | |
| psirt@fortinet.com | https://www.fortiguard.com/psirt/FG-IR-20-231 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-389 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.fortiguard.com/psirt/FG-IR-20-231 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 2.0.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ cisaActionDue: "2022-07-10", cisaExploitAdd: "2022-01-10", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Fortinet FortiOS and FortiProxy Improper Authorization", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "4B47708E-8A92-4767-8685-49C3143D0920", versionEndExcluding: "1.2.9", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "250C33C2-29AD-4B75-BF05-E7256B4A5B54", versionEndExcluding: "5.4.11", versionStartIncluding: "5.4.1", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7A60D8EF-E47F-45A9-8E40-0169609D9B7B", versionEndExcluding: "5.6.9", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D37F1481-E7A7-4428-89C9-5DF9D206D056", versionEndExcluding: "6.0.5", versionStartIncluding: "6.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests", }, { lang: "es", value: "Una vulnerabilidad de autorización inadecuada en Fortinet FortiOS versiones 6.0.0 a 6.0.4, 5.6.0 a 5.6.8 y 5.4.1 a 5.4.10 y FortiProxy versiones 2.0.0, 1.2.0 a 1.2.8, 1.1.0 a 1.1.6, 1.0.0 a 1.0.7 en el portal web SSL VPN permite a un atacante no autenticado modificar la contraseña de un usuario del portal web SSL VPN a través de peticiones HTTP especialmente diseñadas", }, ], id: "CVE-2018-13382", lastModified: "2025-01-27T21:30:41.457", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-04T21:29:00.373", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-18-389", }, { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-231", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-18-389", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-231", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-863", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-05-04 16:15
Modified
2024-11-21 06:28
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Summary
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-231 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-231 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "96161EB8-2DFC-488B-B24D-80DA3B52E5B1", versionEndExcluding: "2.0.9", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "EFEA53FA-16E1-4CDB-933C-2F886CAB15DA", versionEndExcluding: "7.0.2", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "104926CC-BE94-41EF-98E5-F565A6EAADD4", versionEndExcluding: "6.0.14", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "8EE47BA6-6F1B-40E9-8FE5-5752389875DF", versionEndExcluding: "6.2.10", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "986D96D1-B204-48FC-8852-BB8341941236", versionEndExcluding: "6.4.8", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "30F10D70-1176-4119-BF1A-C2A5FCA386D4", versionEndExcluding: "7.0.4", versionStartIncluding: "7.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages.", }, { lang: "es", value: "Un mensaje de error generado por el servidor que contiene información confidencial en Fortinet FortiOS 7.0.0 a 7.0.3, 6.4.0 a 6.4.8, 6.2.x, 6.0.x y FortiProxy 7.0.0 a 7.0.1, 2.0.x, permite a servidores web maliciosos recuperar el nombre de usuario y la IP del cliente de un proxy web por medio de peticiones HTTP del mismo origen que provocan páginas de códigos de estado HTTP generadas por el proxy", }, ], id: "CVE-2021-43206", lastModified: "2024-11-21T06:28:50.743", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-05-04T16:15:08.227", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-21-231", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-21-231", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-209", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-06 17:15
Modified
2024-11-21 07:11
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-255 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-255 | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "03222066-2B1D-4854-8CAE-6992D7F40150", versionEndIncluding: "2.0.10", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "C485003B-5F30-46E7-A794-84D66500739A", versionEndIncluding: "7.0.6", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7CB40CF0-CC6A-44A5-BC5D-70DC7CA78D49", versionEndIncluding: "6.0.15", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "20B53FFE-073D-43E9-9D6F-9C86937C0228", versionEndIncluding: "6.2.12", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "EA09A86A-A8BE-45F7-96C8-747C5DB658C5", versionEndIncluding: "6.4.9", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "DEC5CAD3-53CB-45C3-B4EA-10AEFE6C0016", versionEndIncluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B87A2A-4C83-448B-8009-AD20214D58CB", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "8B736A23-95B8-4D87-863A-AC8E901078EA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server.", }, { lang: "es", value: "Una omisión de autenticación por vulnerabilidad de datos supuestamente inmutables [CWE-302] en el componente de inicio de sesión SSH de FortiOS 7.2.0, 7.0.0 a 7.0.7, 6.4.0 a 6.4.9, 6.2 todas las versiones, 6.0 todas las versiones y FortiProxy SSH El componente de inicio de sesión 7.0.0 a 7.0.5, 2.0.0 a 2.0.10, 1.2.0 todas las versiones puede permitir que un atacante remoto y no autenticado inicie sesión en el dispositivo mediante el envío de una respuesta Access-Challenge especialmente manipulada desde el servidor Radius.", }, ], id: "CVE-2022-35843", lastModified: "2024-11-21T07:11:48.250", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-06T17:15:10.873", references: [ { source: "psirt@fortinet.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-255", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-255", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-16 19:15
Modified
2024-11-21 07:25
Severity ?
4.2 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.11, 6.2.0 through 6.2.12, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.1, 7.0.0 through 7.0.7, 2.0.0 through 2.0.10, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-362 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-362 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 | |
| fortinet | fortios | 7.2.1 | |
| fortinet | fortios | 7.2.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "03222066-2B1D-4854-8CAE-6992D7F40150", versionEndIncluding: "2.0.10", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F3A99BB-534C-4984-948B-8FFF659A9B9B", versionEndIncluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "1279D1CF-6815-4491-AC1C-54C64C2F5FC5", versionEndIncluding: "6.0.16", versionStartIncluding: "6.0.1", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "20B53FFE-073D-43E9-9D6F-9C86937C0228", versionEndIncluding: "6.2.12", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D865A-6411-4807-81D4-6A5C052C03C9", versionEndIncluding: "6.4.11", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0983FC2C-A9F2-4918-81E6-BDCF05E5BF65", versionEndIncluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B87A2A-4C83-448B-8009-AD20214D58CB", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "8B736A23-95B8-4D87-863A-AC8E901078EA", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "F5CE1D01-26C0-4141-B7B1-E26B976DF835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.11, 6.2.0 through 6.2.12, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.1, 7.0.0 through 7.0.7, 2.0.0 through 2.0.10, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response.", }, ], id: "CVE-2022-42472", lastModified: "2024-11-21T07:25:02.230", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 2.5, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-16T19:15:13.583", references: [ { source: "psirt@fortinet.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-362", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-362", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-113", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-74", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-08 13:15
Modified
2024-11-21 06:25
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-181 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-181 | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "D909C90B-E136-4E8E-B551-FE0369172C1E", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "79FEE7F6-F72E-4A43-883C-0CF492DF355B", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "FBDFDF02-2136-4DE0-A19B-FE3654ED90A4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page.", }, { lang: "es", value: "Una vulnerabilidad de salto de ruta relativa [CWE-23] en FortiOS versiones 7.0.0 y 7.0.1 y en FortiProxy versión 7.0.0, puede permitir a un atacante no autenticado y no autorizado inyectar secuencias de caracteres de salto de ruta para revelar información confidencial del servidor por medio de la petición GET de la página de inicio de sesión", }, ], id: "CVE-2021-41024", lastModified: "2024-11-21T06:25:17.477", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-08T13:15:07.957", references: [ { source: "psirt@fortinet.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-21-181", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-21-181", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-16 10:15
Modified
2024-11-21 08:05
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-015 | Not Applicable | |
| nvd@nist.gov | https://exchange.xforce.ibmcloud.com/vulnerabilities/258201 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-015 | Not Applicable |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "DAC18F7E-5242-4F36-BB42-FEC33B3AC075", versionEndIncluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3A99FF48-370E-4D2A-B5CC-889EA21AB213", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "8870AB06-C50F-452A-952C-30DE7860264E", versionEndExcluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4562BDF7-D894-4CD8-95AC-9409FDEBE73F", versionEndExcluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter.", }, ], id: "CVE-2023-33307", lastModified: "2024-11-21T08:05:22.977", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-16T10:15:09.523", references: [ { source: "psirt@fortinet.com", tags: [ "Not Applicable", ], url: "https://fortiguard.com/psirt/FG-IR-23-015", }, { source: "nvd@nist.gov", tags: [ "Third Party Advisory", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/258201", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "https://fortiguard.com/psirt/FG-IR-23-015", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-05-14 17:15
Modified
2024-11-21 08:27
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15 FortiSwitchManager versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.2 allows attacker to execute unauthorized code or commands via specially crafted cli commands and http requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-137 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-137 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3D9BC2D4-EA5F-448E-A9FA-0445EF6CC9E0", versionEndExcluding: "7.0.12", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "CE24A52F-07B6-4E40-955B-7B71826AC299", versionEndExcluding: "7.2.6", versionStartExcluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "7F75C4E9-62F6-43F2-B941-476F31F8F39C", versionEndExcluding: "7.0.3", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "CC883A39-5441-45A6-AEEB-D916FA39F635", versionEndExcluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "97097B62-E92F-49F7-9D48-472C4309A716", versionEndExcluding: "7.2.6", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "E96C569E-0642-4FDD-B65F-A5926B69021A", versionEndIncluding: "6.2.16", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "884279B3-E480-44E1-B126-5C1029B6BE75", versionEndIncluding: "6.4.15", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "BA582D59-C740-4AE7-83CA-C09A1D0EDA88", versionEndIncluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A6E44123-995C-4E08-84B5-FF8C76B67B29", versionEndIncluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", matchCriteriaId: "61540F5B-080A-4D44-8BE0-75D7A0DCCB53", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", matchCriteriaId: "3BA2C6ED-2765-4B56-9B37-10C50BD32C75", versionEndIncluding: "1.0.3", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "0CC27DCF-F74C-431C-9545-F405D369AF22", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15 FortiSwitchManager versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.2 allows attacker to execute unauthorized code or commands via specially crafted cli commands and http requests.", }, { lang: "es", value: "Un uso de cadena de formato controlada externamente en Fortinet FortiProxy versiones 7.2.0 a 7.2.5, 7.0.0 a 7.0.11, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13, 1.1.0 a 1.1. 6 Versiones de FortiPAM 1.1.0, 1.0.0 a 1.0.3 Versiones de FortiOS 7.4.0, 7.2.0 a 7.2.5, 7.0.0 a 7.0.13, 6.4.0 a 6.4.14, 6.2.0 a 6.2. 15 Las versiones 7.2.0 a 7.2.2, 7.0.0 a 7.0.2 de FortiSwitchManager permiten a un atacante ejecutar código o comandos no autorizados a través de comandos cli y solicitudes http especialmente manipulados.", }, ], id: "CVE-2023-45583", lastModified: "2024-11-21T08:27:00.447", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-05-14T17:15:22.750", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-137", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-137", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-134", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-10-10 17:15
Modified
2024-11-21 08:21
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A use after free vulnerability [CWE-416] in FortiOS version 7.2.0 through 7.2.4 and version 7.0.0 through 7.0.10 and FortiProxy version 7.2.0 through 7.2.2 and version 7.0.0 through 7.0.8 may allow an unauthenticated remote attacker to crash the WAD process via multiple crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-184 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-184 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortiproxy | 7.2.2 | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "C83139FA-7195-4171-8BC6-CC4F9379C7C9", versionEndIncluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "7028AFDA-6CB5-4DB0-8977-9BA995DE14C0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "6BB39159-5B36-415A-A57E-AFAFD7B848CF", versionEndIncluding: "7.0.10", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4AB643A8-B52F-4D54-B816-28A6401BAA25", versionEndIncluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A use after free vulnerability [CWE-416] in FortiOS version 7.2.0 through 7.2.4 and version 7.0.0 through 7.0.10 and FortiProxy version 7.2.0 through 7.2.2 and version 7.0.0 through 7.0.8 may allow an unauthenticated remote attacker to crash the WAD process via multiple crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection.", }, { lang: "es", value: "Una vulnerabilidad de use-after-free [CWE-416] en FortiOS versión 7.2.0 a 7.2.4 y versión 7.0.0 a 7.0.10 y FortiProxy versión 7.2.0 a 7.2.2 y versión 7.0.0 a 7.0.8 puede permitir un atacante remoto no autenticado bloquee el proceso WAD a través de múltiples paquetes manipulados que alcanzan políticas de proxy o políticas de firewall con modo proxy junto con una inspección profunda de paquetes SSL.", }, ], id: "CVE-2023-41675", lastModified: "2024-11-21T08:21:27.890", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-10-10T17:15:12.620", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-184", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-184", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-11-14 18:15
Modified
2024-11-21 08:10
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows attacker to denial of service via specifically crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-151 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-151 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "22936F53-4480-4011-9211-174D1C507E87", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "10E4FB93-7111-4F2A-8D5A-F276261D0E67", versionEndIncluding: "2.0.13", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "7E1251FE-2B46-46AA-B474-506B0079810D", versionEndIncluding: "7.0.10", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "4D78C235-F7F5-4611-8467-0CC4F0F69111", versionEndIncluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0135464C-532C-430D-A76C-2FCDE4C991D1", versionEndIncluding: "6.0.17", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99", versionEndIncluding: "6.2.15", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A2B52E22-C64D-4142-885E-6C44FA670574", versionEndIncluding: "6.4.14", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "BA582D59-C740-4AE7-83CA-C09A1D0EDA88", versionEndIncluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A6E44123-995C-4E08-84B5-FF8C76B67B29", versionEndIncluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows attacker to denial of service via specifically crafted HTTP requests.", }, { lang: "es", value: "Un error de truncamiento numérico en Fortinet FortiProxy versión 7.2.0 a 7.2.4, FortiProxy versión 7.0.0 a 7.0.10, FortiProxy 2.0 todas las versiones, FortiProxy 1.2 todas las versiones, FortiProxy 1.1, todas las versiones, FortiProxy 1.0 todas las versiones, FortiOS versión 7.4 .0, FortiOS versión 7.2.0 a 7.2.5, FortiOS versión 7.0.0 a 7.0.12, FortiOS 6.4 todas las versiones, FortiOS 6.2 todas las versiones, FortiOS 6.0 todas las versiones permiten al atacante denegar el servicio a través de solicitudes HTTP específicamente manipuladas.", }, ], id: "CVE-2023-36641", lastModified: "2024-11-21T08:10:09.613", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-11-14T18:15:49.833", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-151", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-151", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-197", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:25
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
Summary
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-393 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-393 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortiswitchmanager | 7.0.0 | |
| fortinet | fortiswitchmanager | 7.0.1 | |
| fortinet | fortiswitchmanager | 7.2.0 | |
| fortinet | fortiswitchmanager | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "22936F53-4480-4011-9211-174D1C507E87", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "6607C71D-D434-430A-8DFD-9125381D2D36", versionEndIncluding: "2.0.11", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F3A99BB-534C-4984-948B-8FFF659A9B9B", versionEndIncluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "5B4A6B0D-1614-443B-8EBA-A8FBC2E1A832", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "331A1766-4EBA-4519-A8ED-E0DD68A187E9", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "2B73D78B-2270-45B7-854E-F985B8D88F3B", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "469E9E1C-154C-41CB-AC83-FBE5E6FA83EB", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99", versionEndIncluding: "6.2.15", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "5E99B6E5-7EC3-406C-AFAC-A5E32DE266DF", versionEndIncluding: "6.4.12", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "9E775D02-7C02-40BE-A118-D874B9BBC936", versionEndIncluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "813E179E-B948-4480-A5B1-B0ED562A41BC", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.", }, ], id: "CVE-2022-42474", lastModified: "2024-11-21T07:25:02.533", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.2, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 2.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-13T09:15:15.597", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-393", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-393", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-23", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-12 15:15
Modified
2024-11-21 04:32
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-19-248 | Vendor Advisory | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-007 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-19-248 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-007 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "388FF005-6EE2-47C4-A782-BC1911BB83A1", versionEndExcluding: "1.2.10", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "B87B5F67-4417-4BD6-9A58-4FA5188A659C", versionEndExcluding: "2.0.2", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "9BE1BA74-CBC4-4661-91E5-68E8425D42EA", versionEndIncluding: "6.0.10", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "159A3E80-81C4-4D83-9735-40F8B80A87F1", versionEndIncluding: "6.2.2", versionStartIncluding: "6.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.", }, { lang: "es", value: "Una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en el demonio HTTPD de FortiOS versiones 6.0.10 y por debajo, versiones 6.2.2 y por debajo y FortiProxy versiones 1.0.x, 1.1.x, 1.2.9 y por debajo, versiones 2.0.0 y por debajo, puede permitir a un atacante remoto autenticado bloquear el servicio mediante el envío de una petición PUT malformada hacia el servidor. Fortinet no tiene conocimiento de ninguna explotación con éxito de esta vulnerabilidad que podría conllevar a una ejecución de código", }, ], id: "CVE-2019-17656", lastModified: "2024-11-21T04:32:42.930", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-12T15:15:13.827", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-19-248", }, { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-21-007", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-19-248", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-21-007", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-18 14:15
Modified
2025-02-19 19:37
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html | Exploit, Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html | Exploit, Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-377 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-377 | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiswitchmanager | 7.0.0 | |
| fortinet | fortiswitchmanager | 7.2.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ cisaActionDue: "2022-11-01", cisaExploitAdd: "2022-10-11", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Fortinet Multiple Products Authentication Bypass Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "B778AD94-D279-42B4-A062-8231F14936B3", versionEndExcluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "5B4A6B0D-1614-443B-8EBA-A8FBC2E1A832", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "2B73D78B-2270-45B7-854E-F985B8D88F3B", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A86B1AB3-F33E-461C-A19C-C3A51B47AC5F", versionEndExcluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "B2DDB271-0A73-4C94-B3CE-B766E99898C0", versionEndExcluding: "7.2.2", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.", }, { lang: "es", value: "Una omisión de autenticación usando una ruta o canal alternativo [CWE-288] en Fortinet FortiOS versión versiones 7.2.0 hasta 7.2.1 y 7.0.0 hasta 7.0.6, FortiProxy versión 7.2.0 y versiones 7.0.0 hasta 7.0.6 y FortiSwitchManager versión 7.2.0 y 7.0.0, permite a un atacante no autenticado llevar a cabo operaciones en la interfaz administrativa por medio de peticiones HTTP o HTTPS especialmente diseñadas", }, ], id: "CVE-2022-40684", lastModified: "2025-02-19T19:37:18.357", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-18T14:15:09.747", references: [ { source: "psirt@fortinet.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html", }, { source: "psirt@fortinet.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html", }, { source: "psirt@fortinet.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-377", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-377", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-05-14 17:15
Modified
2024-11-21 08:27
Severity ?
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
Summary
An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 allows an authenticated VPN user to send (but not receive) packets spoofing the IP of another user via crafted network packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-225 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-225 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.4.0 | |
| fortinet | fortiproxy | 7.4.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.4.0 | |
| fortinet | fortios | 7.4.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951", versionEndIncluding: "2.0.12", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "86607BB0-08AB-4E78-913D-B783949D5C1D", versionEndExcluding: "7.0.14", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "469D97BA-282C-4875-A156-FDA00B5B4093", versionEndExcluding: "7.2.8", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*", matchCriteriaId: "9010968B-B839-4B7C-BFB5-6BD9CBCEC166", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.4.1:*:*:*:*:*:*:*", matchCriteriaId: "1491795D-14BA-4D82-9CB0-6FA7D35EB64E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "E96C569E-0642-4FDD-B65F-A5926B69021A", versionEndIncluding: "6.2.16", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "884279B3-E480-44E1-B126-5C1029B6BE75", versionEndIncluding: "6.4.15", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D25F9C04-C7FD-4B1F-A194-CA69E5DE903C", versionEndExcluding: "7.0.13", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0", versionEndExcluding: "7.2.8", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", matchCriteriaId: "61540F5B-080A-4D44-8BE0-75D7A0DCCB53", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", matchCriteriaId: "17FE168A-0EA4-467C-91D2-87EB6D83917A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 allows an authenticated VPN user to send (but not receive) packets spoofing the IP of another user via crafted network packets.", }, { lang: "es", value: "Una verificación insuficiente de la vulnerabilidad de autenticidad de datos [CWE-345] en Fortinet FortiOS SSL-VPN modo túnel versión 7.4.0 a 7.4.1, versión 7.2.0 a 7.2.7 y anteriores a 7.0.12 y versión de modo túnel FortiProxy SSL-VPN 7.4.0 a 7.4.1, versión 7.2.0 a 7.2.7 y anteriores a 7.0.13 permiten que un usuario de VPN autenticado envíe (pero no reciba) paquetes que falsifiquen la IP de otro usuario a través de paquetes de red manipulados.", }, ], id: "CVE-2023-45586", lastModified: "2024-11-21T08:27:00.740", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-05-14T17:15:24.560", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-225", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-225", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-345", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-345", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-03-12 15:15
Modified
2024-11-21 08:23
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.4.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "10E4FB93-7111-4F2A-8D5A-F276261D0E67", versionEndIncluding: "2.0.13", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E5E2C1A7-AF13-4DBB-8EB4-49BE54EDABAD", versionEndIncluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F8AA932-A965-4345-8151-9CACDEE114F0", versionEndIncluding: "7.2.6", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*", matchCriteriaId: "9010968B-B839-4B7C-BFB5-6BD9CBCEC166", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99", versionEndIncluding: "6.2.15", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A2B52E22-C64D-4142-885E-6C44FA670574", versionEndIncluding: "6.4.14", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "BA582D59-C740-4AE7-83CA-C09A1D0EDA88", versionEndIncluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A6E44123-995C-4E08-84B5-FF8C76B67B29", versionEndIncluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "2E2A5347-D536-4D43-A163-5B5A3AFE742C", versionEndIncluding: "7.4.1", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.", }, { lang: "es", value: "Un desbordamiento de búfer en la región stack de la memoria en Fortinet FortiOS 7.4.0 a 7.4.1, 7.2.0 a 7.2.5, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15, FortiProxy 7.4.0, 7.2.0 a 7.2.6, 7.0.0 a 7.0.12, 2.0.0 a 2.0.13 permiten al atacante ejecutar código o comandos no autorizados a través de solicitudes HTTP especialmente manipuladas.", }, ], id: "CVE-2023-42790", lastModified: "2024-11-21T08:23:09.530", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-03-12T15:15:46.293", references: [ { source: "psirt@fortinet.com", url: "https://fortiguard.com/psirt/FG-IR-23-328", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://fortiguard.com/psirt/FG-IR-23-328", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-121", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-11-12 19:15
Modified
2025-01-17 20:35
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Summary
An improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability [CWE-74] in FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.16 and below; FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below; FortiSASE version 24.2.b SSL-VPN web user interface may allow a remote unauthenticated attacker to perform phishing attempts via crafted requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-033 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "C98BE382-7A23-4231-9D1B-5D7946848F99", versionEndExcluding: "7.0.17", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "EDFFA2C3-0A23-4884-B751-785BE598DFF3", versionEndExcluding: "7.2.10", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F2C29AD-A11F-4A5F-8BB0-8600D5F77E72", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "AC7395B0-2864-49E3-8B70-935A17EF3162", versionEndExcluding: "7.2.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "1FDDB5F3-D229-4208-9110-8860A03C8B59", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability [CWE-74] in FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.16 and below; FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below; FortiSASE version 24.2.b SSL-VPN web user interface may allow a remote unauthenticated attacker to perform phishing attempts via crafted requests.", }, { lang: "es", value: "Una vulnerabilidad de neutralización incorrecta de elementos especiales en la salida utilizada por un componente descendente ('Inyección') [CWE-74] en FortiOS versión 7.4.3 y anteriores, versión 7.2.8 y anteriores, versión 7.0.16 y anteriores; FortiProxy versión 7.4.3 y anteriores, versión 7.2.9 y anteriores, versión 7.0.16 y anteriores; FortiSASE versión 24.2.b La interfaz de usuario web SSL-VPN puede permitir que un atacante remoto no autenticado realice intentos de phishing a través de solicitudes manipuladas.", }, ], id: "CVE-2024-33510", lastModified: "2025-01-17T20:35:31.247", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-11-12T19:15:09.723", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-033", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-358", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-06-04 21:29
Modified
2025-01-27 21:30
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-384 | Mitigation, Vendor Advisory | |
| psirt@fortinet.com | https://www.fortiguard.com/psirt/FG-IR-20-233 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-384 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.fortiguard.com/psirt/FG-IR-20-233 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 2.0.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ cisaActionDue: "2022-05-03", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Fortinet FortiOS SSL VPN Path Traversal Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "4B47708E-8A92-4767-8685-49C3143D0920", versionEndExcluding: "1.2.9", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "B7016D5F-23EE-4922-B6ED-312522776B25", versionEndExcluding: "5.4.13", versionStartIncluding: "5.4.6", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "44120B30-029A-4283-9441-A815A96ADD9D", versionEndExcluding: "5.6.8", versionStartIncluding: "5.6.3", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D37F1481-E7A7-4428-89C9-5DF9D206D056", versionEndExcluding: "6.0.5", versionStartIncluding: "6.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An Improper Limitation of a Pathname to a Restricted Directory (\"Path Traversal\") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.", }, { lang: "es", value: "Una limitación inadecuada de un nombre de ruta a un directorio restringido (\"Path Traversal\") en Fortinet FortiOS versiones 6.0.0 a 6.0.4, 5.6.3 a 5.6.7 y 5.4.6 a 5.4.12 y FortiProxy versiones 2.0.0, 1. 2.0 a 1.2.8, 1.1.0 a 1.1.6, 1.0.0 a 1.0.7 bajo el portal web SSL VPN permite a un atacante no autenticado descargar archivos del sistema a través de solicitudes de recursos HTTP especialmente diseñadas", }, ], id: "CVE-2018-13379", lastModified: "2025-01-27T21:30:45.517", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-04T21:29:00.233", references: [ { source: "psirt@fortinet.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-18-384", }, { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-233", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-18-384", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-233", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:27
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, FortiOS all versions 6.2, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7 allows attacker to execute unauthorized code or commands via specially crafted commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-463 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-463 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F3A99BB-534C-4984-948B-8FFF659A9B9B", versionEndIncluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99", versionEndIncluding: "6.2.15", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "5E99B6E5-7EC3-406C-AFAC-A5E32DE266DF", versionEndIncluding: "6.4.12", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "C2573C90-BE6A-4D5D-A223-F09213318909", versionEndIncluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4AB643A8-B52F-4D54-B816-28A6401BAA25", versionEndIncluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, FortiOS all versions 6.2, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7 allows attacker to execute unauthorized code or commands via specially crafted commands.", }, ], id: "CVE-2022-43953", lastModified: "2024-11-21T07:27:24.387", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-13T09:15:16.077", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-463", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-463", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-134", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-134", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-10 18:15
Modified
2024-11-21 08:25
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-315 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-315 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | 7.4.0 | |
| fortinet | fortiproxy | 7.4.1 | |
| fortinet | fortios | 7.2.5 | |
| fortinet | fortios | 7.4.0 | |
| fortinet | fortios | 7.4.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*", matchCriteriaId: "9010968B-B839-4B7C-BFB5-6BD9CBCEC166", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.4.1:*:*:*:*:*:*:*", matchCriteriaId: "1491795D-14BA-4D82-9CB0-6FA7D35EB64E", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", matchCriteriaId: "06FF7838-98E3-4022-95D3-D7B540D98D73", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", matchCriteriaId: "61540F5B-080A-4D44-8BE0-75D7A0DCCB53", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", matchCriteriaId: "17FE168A-0EA4-467C-91D2-87EB6D83917A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.", }, { lang: "es", value: "Una vulnerabilidad de administración de privilegios inadecuada [CWE-269] en un clúster Fortinet FortiOS HA versión 7.4.0 a 7.4.1 y 7.2.5 y en un clúster FortiProxy HA versión 7.4.0 a 7.4.1 permite que un atacante autenticado realice acciones elevadas a través de solicitudes HTTP o HTTPS manipuladas.", }, ], id: "CVE-2023-44250", lastModified: "2024-11-21T08:25:31.227", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-10T18:15:46.030", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-315", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-315", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-11-14 18:15
Modified
2024-11-21 07:53
Severity ?
6.4 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and VMs may allow a local attacker with admin privileges to boot a malicious image on the device and bypass the filesystem integrity check in place.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-396 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-396 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "10E4FB93-7111-4F2A-8D5A-F276261D0E67", versionEndIncluding: "2.0.13", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "DA5DEE06-6CEC-4EDE-BEA7-EDBE65EBF8F5", versionEndIncluding: "7.0.13", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "9D052D03-B855-4C9E-BCF9-7AEE6464050B", versionEndIncluding: "7.2.7", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0135464C-532C-430D-A76C-2FCDE4C991D1", versionEndIncluding: "6.0.17", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99", versionEndIncluding: "6.2.15", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A2B52E22-C64D-4142-885E-6C44FA670574", versionEndIncluding: "6.4.14", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "BA582D59-C740-4AE7-83CA-C09A1D0EDA88", versionEndIncluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "813E179E-B948-4480-A5B1-B0ED562A41BC", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and VMs may allow a local attacker with admin privileges to boot a malicious image on the device and bypass the filesystem integrity check in place.", }, { lang: "es", value: "Una vulnerabilidad de validación inadecuada del valor de verificación de integridad [CWE-354] en FortiOS 7.2.0 a 7.2.3, 7.0.0 a 7.0.12, 6.4 todas las versiones, 6.2 todas las versiones, 6.0 todas las versiones y FortiProxy 7.2 todas las versiones, 7.0 todas versiones, 2.0 todas las versiones. Las máquinas virtuales pueden permitir que un atacante local con privilegios de administrador inicie una imagen maliciosa en el dispositivo y omita la verificación de integridad del sistema de archivos vigente.", }, ], id: "CVE-2023-28002", lastModified: "2024-11-21T07:53:54.707", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-11-14T18:15:29.137", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-396", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-396", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-354", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-01-22 10:15
Modified
2025-02-12 13:39
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3 , FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-254 | Broken Link |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiadc | * | |
| fortinet | fortiauthenticator | * | |
| fortinet | fortiauthenticator | * | |
| fortinet | fortiddos | * | |
| fortinet | fortiddos-f | * | |
| fortinet | fortimail | * | |
| fortinet | fortindr | * | |
| fortinet | fortindr | 7.2.0 | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortirecorder | * | |
| fortinet | fortirecorder | * | |
| fortinet | fortisoar | * | |
| fortinet | fortitester | * | |
| fortinet | fortivoice | * | |
| fortinet | fortiwlc | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortiswitch | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*", matchCriteriaId: "B7685DE5-EEF4-4EFF-9EE0-1ABC59A46B91", versionEndExcluding: "6.2.4", versionStartIncluding: "5.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiauthenticator:*:*:*:*:*:*:*:*", matchCriteriaId: "959F9558-9C68-4046-AF5F-C543C9B5C3DE", versionEndExcluding: "6.3.4", versionStartIncluding: "6.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiauthenticator:*:*:*:*:*:*:*:*", matchCriteriaId: "B4F857C3-0369-45CD-8745-FC6086A6B401", versionEndExcluding: "6.4.2", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiddos:*:*:*:*:*:*:*:*", matchCriteriaId: "5C2587E4-5D24-4C81-AD13-B3205FA07D14", versionEndExcluding: "5.5.2", versionStartIncluding: "5.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiddos-f:*:*:*:*:*:*:*:*", matchCriteriaId: "999EDF79-3052-4A4E-9B71-B0FEDEBFE33E", versionEndExcluding: "6.3.4", versionStartIncluding: "6.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*", matchCriteriaId: "9E3E1107-F78C-41B7-A8D4-E984EF551B1B", versionEndExcluding: "7.0.4", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortindr:*:*:*:*:*:*:*:*", matchCriteriaId: "2798BBCF-0867-4C5B-9F28-6CD9846DAD7E", versionEndExcluding: "7.1.1", versionStartIncluding: "1.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortindr:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "06DD8B01-B4BC-432D-9045-40AD6DA84CB7", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "C4BF015A-6391-40D1-9FC4-C73110A2D52E", versionEndExcluding: "7.0.5", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "CF9591AF-D4A5-44F6-8535-1D166646E118", versionEndExcluding: "7.4.0", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*", matchCriteriaId: "0A7151C5-DB42-4F91-B84C-CDA9CEF73A23", versionEndExcluding: "6.0.11", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*", matchCriteriaId: "2DDA9A48-7687-40A3-A14F-5EB89A20A386", versionEndExcluding: "6.4.3", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortisoar:*:*:*:*:*:*:*:*", matchCriteriaId: "B72000EC-F0D5-4100-B0DB-7405EDE32C76", versionEndExcluding: "7.3.0", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortitester:*:*:*:*:*:*:*:*", matchCriteriaId: "C8838FC8-770F-41ED-8F25-8E2953258677", versionEndExcluding: "7.2.2", versionStartIncluding: "3.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*", matchCriteriaId: "C97B8181-C602-4E70-B3EA-CBE1FA62A220", versionEndExcluding: "6.4.9", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiwlc:*:*:*:*:*:*:*:*", matchCriteriaId: "C68A52C3-281D-4B4E-B0AA-0162D846BBB2", versionEndExcluding: "8.6.7", versionStartIncluding: "8.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "00C9C02B-E40F-4536-BC74-A7DA84E4B845", versionEndExcluding: "7.0.6", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4562BDF7-D894-4CD8-95AC-9409FDEBE73F", versionEndExcluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", matchCriteriaId: "FF5E55C0-C600-4234-AA0C-21259AA6D97F", versionEndExcluding: "7.0.5", versionStartIncluding: "6.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3 , FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver", }, { lang: "es", value: "Una referencia controlada externamente a un recurso en otra esfera en Fortinet FortiManager anterior a la versión 7.4.3, FortiMail anterior a la versión 7.0.3, FortiAnalyzer anterior a la versión 7.4.3, FortiVoice versión 7.0.0, 7.0.1 y anterior a 6.4.8, FortiProxy anterior a la versión 7.0.4, FortiRecorder versión 6.4.0 a 6.4.2 y anterior a 6.0.10, FortiAuthenticator versión 6.4.0 a 6.4.1 y anterior a 6.3.3, FortiNDR versión 7.2.0 anterior a 7.1.0, FortiWLC anterior a la versión 8.6.4, FortiPortal anterior a la versión 6.0.9, FortiOS versión 7.2.0 y anterior a 7.0.5, FortiADC versión 7.0.0 a 7.0.1 y anterior 6.2.3, FortiDDoS anterior a la versión 5.5.1, FortiDDoS-F anterior a la versión 6.3.3, FortiTester anterior a la versión 7.2.1, FortiSOAR anterior a la versión 7.2.2 y FortiSwitch anterior a la versión 6.3.3 permiten a los atacantes envenenar cachés web a través de solicitudes HTTP manipulado, donde el encabezado `Host` apunta a un servidor web arbitrario.", }, ], id: "CVE-2022-23439", lastModified: "2025-02-12T13:39:42.107", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 2.7, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2025-01-22T10:15:07.737", references: [ { source: "psirt@fortinet.com", tags: [ "Broken Link", ], url: "https://fortiguard.com/psirt/FG-IR-21-254", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-610", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-07 17:15
Modified
2024-11-21 07:25
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.11, FortiProxy version 7.2.0 through 7.2.2 and 7.0.0 through 7.0.8 allows privileged VDOM administrators to escalate their privileges to super admin of the box via crafted CLI requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-401 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-401 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "6607C71D-D434-430A-8DFD-9125381D2D36", versionEndIncluding: "2.0.11", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F3A99BB-534C-4984-948B-8FFF659A9B9B", versionEndIncluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "20B53FFE-073D-43E9-9D6F-9C86937C0228", versionEndIncluding: "6.2.12", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D865A-6411-4807-81D4-6A5C052C03C9", versionEndIncluding: "6.4.11", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0983FC2C-A9F2-4918-81E6-BDCF05E5BF65", versionEndIncluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "813E179E-B948-4480-A5B1-B0ED562A41BC", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.11, FortiProxy version 7.2.0 through 7.2.2 and 7.0.0 through 7.0.8 allows privileged VDOM administrators to escalate their privileges to super admin of the box via crafted CLI requests.", }, ], id: "CVE-2022-42476", lastModified: "2024-11-21T07:25:02.870", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 6, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-07T17:15:12.303", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-401", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-401", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-23", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-07 17:15
Modified
2024-11-21 07:29
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
An access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated attacker to crash the sslvpn daemon via an HTTP GET request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-477 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-477 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 1.1.5 | |
| fortinet | fortiproxy | 1.1.6 | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "6607C71D-D434-430A-8DFD-9125381D2D36", versionEndIncluding: "2.0.11", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F3A99BB-534C-4984-948B-8FFF659A9B9B", versionEndIncluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:1.1.5:*:*:*:*:*:*:*", matchCriteriaId: "19FD3769-7C9A-4570-A284-34CB19672108", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:1.1.6:*:*:*:*:*:*:*", matchCriteriaId: "74FB2CB1-DBDB-4CA6-A98C-08ACE0044CA3", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "3CD57A5A-2B13-495A-8530-8F97E1720602", versionEndIncluding: "6.2.13", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D865A-6411-4807-81D4-6A5C052C03C9", versionEndIncluding: "6.4.11", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "9E775D02-7C02-40BE-A118-D874B9BBC936", versionEndIncluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "813E179E-B948-4480-A5B1-B0ED562A41BC", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated attacker to crash the sslvpn daemon via an HTTP GET request.", }, ], id: "CVE-2022-45861", lastModified: "2024-11-21T07:29:51.513", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-07T17:15:12.380", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-477", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-477", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-824", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-824", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-22 10:15
Modified
2024-12-10 16:58
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.3, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to denial of service via specially crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-111 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-111 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "22936F53-4480-4011-9211-174D1C507E87", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "A233FC6A-9ABE-46AC-8332-0DD0075C6DB6", versionEndExcluding: "2.0.13", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "A5D70694-BB02-43E2-8F74-D50D9D4C5E3C", versionEndExcluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "9A0AB0B8-819F-46EE-A921-119B76A138B5", versionEndExcluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "F15A3418-4EE7-402B-9711-4F577FC64397", versionEndExcluding: "6.0.17", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "05454D49-17D8-4A7D-92C8-B33B006A35DA", versionEndExcluding: "6.2.15", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "B153B056-24AE-41C4-B644-65E080C18360", versionEndExcluding: "6.4.13", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "39A6C2A7-21A4-4BB5-A3B6-9466E5CEA296", versionEndExcluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4562BDF7-D894-4CD8-95AC-9409FDEBE73F", versionEndExcluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.3, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to denial of service via specially crafted HTTP requests.", }, { lang: "es", value: "Una desreferencia de puntero nulo en Fortinet FortiOS versión 7.2.0 a 7.2.4, 7.0.0 a 7.0.11, 6.4.0 a 6.4.12, 6.2.0 a 6.2.14, 6.0.0 a 6.0.16, FortiProxy 7.2 .0 a 7.2.3, 7.0.0 a 7.0.10, 2.0.0 a 2.0.12, 1.2.0 a 1.2.13, 1.1.0 a 1.1.6, 1.0.0 a 1.0.7 permite al atacante negar del servicio a través de solicitudes HTTP especialmente manipuladas.", }, ], id: "CVE-2023-29180", lastModified: "2024-12-10T16:58:41.603", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-22T10:15:07.947", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-111", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-111", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-03 11:15
Modified
2024-11-21 05:49
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
A stack-based buffer overflow vulnerability in FortiProxy physical appliance CLI 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 may allow an authenticated, remote attacker to perform a Denial of Service attack by running the `diagnose sys cpuset` with a large cpuset mask value. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-006 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-006 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "22936F53-4480-4011-9211-174D1C507E87", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "8D74F6EC-871A-4E6B-B123-723BB42B4386", versionEndExcluding: "1.2.10", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "B87B5F67-4417-4BD6-9A58-4FA5188A659C", versionEndExcluding: "2.0.2", versionStartIncluding: "2.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A stack-based buffer overflow vulnerability in FortiProxy physical appliance CLI 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 may allow an authenticated, remote attacker to perform a Denial of Service attack by running the `diagnose sys cpuset` with a large cpuset mask value. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.", }, { lang: "es", value: "Una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en el FortiProxy physical appliance versiones 2.0.0 hasta 2.0.1, versiones 1.2.0 hasta 1.2.9, versiones 1.1.0 hasta 1.1.6, versiones 1.0.0 a 1.0.7, puede permitir a un atacante remoto autenticado llevar a cabo un ataque de Denegación de Servicio ejecutando \"diagnose sys cpuset\" con un valor de máscara de cpuset grande. Fortinet no tiene conocimiento de ninguna explotación con éxito de esta vulnerabilidad que conlleve a una ejecución de código", }, ], id: "CVE-2021-22130", lastModified: "2024-11-21T05:49:33.780", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-03T11:15:08.527", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-21-006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-21-006", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:45
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows attacker to escalation of privilege via specifically crafted commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-494 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-494 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortiproxy | 7.2.2 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "22936F53-4480-4011-9211-174D1C507E87", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951", versionEndIncluding: "2.0.12", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "C83139FA-7195-4171-8BC6-CC4F9379C7C9", versionEndIncluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "7028AFDA-6CB5-4DB0-8977-9BA995DE14C0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0135464C-532C-430D-A76C-2FCDE4C991D1", versionEndIncluding: "6.0.17", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99", versionEndIncluding: "6.2.15", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "5E99B6E5-7EC3-406C-AFAC-A5E32DE266DF", versionEndIncluding: "6.4.12", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "9E775D02-7C02-40BE-A118-D874B9BBC936", versionEndIncluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "813E179E-B948-4480-A5B1-B0ED562A41BC", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows attacker to escalation of privilege via specifically crafted commands.", }, ], id: "CVE-2023-22639", lastModified: "2024-11-21T07:45:06.413", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-13T09:15:16.177", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-494", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-494", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-11 17:15
Modified
2024-11-21 07:23
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
An improper neutralization of input during web page generation vulnerability ('Cross-site Scripting') [CWE-79] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9, version 6.4.0 through 6.4.11 and before 6.2.12 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-363 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-363 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "81E60913-FBE9-467B-AB4B-CA85E97527BA", versionEndExcluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "F5B24750-4A57-4F80-AAE8-8AC316B376C2", versionEndExcluding: "7.2.2", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0F948E-DC53-4365-B12F-F17B514E3F35", versionEndExcluding: "6.2.13", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D4AA72D9-CD66-4628-92B5-6CDFCB8E0EEE", versionEndExcluding: "6.4.12", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "8EB54D85-8A3B-4F40-A814-3636F2AC99F3", versionEndExcluding: "7.0.10", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5", versionEndExcluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper neutralization of input during web page generation vulnerability ('Cross-site Scripting') [CWE-79] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9, version 6.4.0 through 6.4.11 and before 6.2.12 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.", }, ], id: "CVE-2022-41330", lastModified: "2024-11-21T07:23:04.087", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-11T17:15:07.390", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-363", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-363", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-05 20:15
Modified
2024-11-21 06:46
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-235 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-235 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiadc | * | |
| fortinet | fortiadc | * | |
| fortinet | fortiadc | 6.2.0 | |
| fortinet | fortiadc | 6.2.1 | |
| fortinet | fortimail | * | |
| fortinet | fortimail | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.0.0 | |
| fortinet | fortiproxy | 7.0.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*", matchCriteriaId: "3ADB57D8-1ABE-4401-B1B0-4640A34C555A", versionEndIncluding: "6.0.4", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*", matchCriteriaId: "D31CF79E-6C56-4CD0-9DD2-FBB48D503786", versionEndIncluding: "6.1.6", versionStartIncluding: "6.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:*", matchCriteriaId: "FCDF60B5-A0BE-41F6-A0D5-53526A7BBAE1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:*", matchCriteriaId: "B42E0536-4831-4A6B-AC0B-C7AE3CDE3834", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*", matchCriteriaId: "07883AF7-1C60-43C9-8D98-CCF2B20C3B13", versionEndIncluding: "6.4.5", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*", matchCriteriaId: "43038EC9-6FD3-488C-8CA3-8B4A705C3E11", versionEndIncluding: "7.0.2", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "22936F53-4480-4011-9211-174D1C507E87", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "1C5E8B52-3027-4A6E-82AC-052D5A320D84", versionEndIncluding: "2.0.7", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "D909C90B-E136-4E8E-B551-FE0369172C1E", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "BBCB4E87-0AEC-487E-8FAD-E8F647DA21D5", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "5BB7E21E-A68B-44FC-8F0E-EF5926186F26", versionEndIncluding: "5.0.14", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "3F93F9C8-6064-4CED-88DF-3580C517AB51", versionEndIncluding: "5.2.15", versionStartIncluding: "5.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0507F264-9E8D-4F9D-AB18-0C6CA5BD69F0", versionEndIncluding: "5.4.13", versionStartIncluding: "5.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "AC0AFBC1-5C11-412E-9979-AF89DD26EFCD", versionEndIncluding: "5.6.14", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0A857126-D7EE-4CB4-BCAA-68D6C4FEC3E4", versionEndIncluding: "6.0.14", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "B4361DFE-431C-470A-9C9A-263681F125CC", versionEndIncluding: "6.2.10", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "986D96D1-B204-48FC-8852-BB8341941236", versionEndExcluding: "6.4.8", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "455773C7-5DAC-4EFF-8848-51EC77C9CB57", versionEndExcluding: "7.0.2", versionStartIncluding: "7.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments.", }, { lang: "es", value: "Una vulnerabilidad de cadena de formato [CWE-134] en el intérprete de línea de comandos de FortiADC versión 6.0.0 hasta 6.0.4, FortiADC versión 6.1.0 hasta 6.1.5, FortiADC versión 6.2.0 hasta 6.2.1, FortiProxy versión 1.0.0 hasta 1.0.7, FortiProxy versión 1.1.0 hasta 1.1.6, FortiProxy versión 1.2.0 hasta 1.2.13, FortiProxy versión 2.0.0 hasta 2.0.7, FortiProxy versión 7. 0.0 a 7.0.1, FortiOS versión 6.0.0 hasta 6.0.14, FortiOS versión 6.2.0 hasta 6.2.10, FortiOS versión 6.4.0 hasta 6.4.8, FortiOS versión 7.0.0 hasta 7.0.2, FortiMail versión 6.4.0 hasta 6.4.5, FortiMail versión 7.0.0 hasta 7.0.2, pueden permitir a un usuario autenticado ejecutar código o comandos no autorizados por medio de argumentos de comando especialmente diseñados", }, ], id: "CVE-2022-22299", lastModified: "2024-11-21T06:46:35.613", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-05T20:15:08.147", references: [ { source: "psirt@fortinet.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-21-235", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-21-235", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-134", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-09-13 13:15
Modified
2024-11-21 07:56
Severity ?
8.0 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14 GUI may allow an authenticated attacker to trigger malicious JavaScript code execution via crafted guest management setting.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-106 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-106 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "A5D70694-BB02-43E2-8F74-D50D9D4C5E3C", versionEndExcluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "122518E7-EA43-4240-AAFB-61AD2AA28A2B", versionEndExcluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "05454D49-17D8-4A7D-92C8-B33B006A35DA", versionEndExcluding: "6.2.15", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "B153B056-24AE-41C4-B644-65E080C18360", versionEndExcluding: "6.4.13", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "39A6C2A7-21A4-4BB5-A3B6-9466E5CEA296", versionEndExcluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4562BDF7-D894-4CD8-95AC-9409FDEBE73F", versionEndExcluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14 GUI may allow an authenticated attacker to trigger malicious JavaScript code execution via crafted guest management setting.", }, { lang: "es", value: "Una neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web ('Cross-Site Scripting') [CWE-79] en FortiProxy 7.2.0 a 7.2.4, 7.0.0 a 7.0.10 y FortiOS 7.2.0 a 7.2.4, Las versiones 7.0.0 a 7.0.11, 6.4.0 a 6.4.12, 6.2.0 a 6.2.14 pueden permitir que un atacante autenticado desencadene la ejecución de código JavaScript malicioso a través de una configuración de administración de invitados manipulados.", }, ], id: "CVE-2023-29183", lastModified: "2024-11-21T07:56:40.483", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-09-13T13:15:08.367", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-106", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-106", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-08 11:15
Modified
2024-11-21 05:55
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-131 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-131 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 2.0.0 | |
| fortinet | fortiproxy | 2.0.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "22936F53-4480-4011-9211-174D1C507E87", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "73F1E981-42BC-476D-B041-889BE6EF654F", versionEndIncluding: "1.2.9", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "E986BB97-4883-4B26-9C67-681BB4D2EFA8", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "AC0AFBC1-5C11-412E-9979-AF89DD26EFCD", versionEndIncluding: "5.6.14", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "B09D1C32-BF6B-4B27-91D4-1347EFB8ECB7", versionEndIncluding: "6.0.12", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "C4C0308D-8E52-456B-BFC2-62D4C1E9BDC3", versionEndIncluding: "6.2.9", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "88D6903E-70D0-4D63-BC68-BA37EE91BCB1", versionEndIncluding: "6.4.6", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "79FEE7F6-F72E-4A43-883C-0CF492DF355B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features.", }, { lang: "es", value: "Una vulnerabilidad de control de acceso inapropiado [CWE-284] en el demonio autod de FortiOS versiones 7.0.0, 6.4.6 y anteriores, 6.2.9 y anteriores, 6.0.12 y anteriores y FortiProxy 2.0.1 y anteriores, 1.2.9 y anteriores, puede permitir a un atacante autenticado con pocos privilegios escalar sus privilegios a super_admin por medio de una configuración específica diseñada del script CLI de automatización de tejidos y de las funciones de auto-script", }, ], id: "CVE-2021-26110", lastModified: "2024-11-21T05:55:53.013", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-08T11:15:11.683", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-20-131", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/advisory/FG-IR-20-131", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-06-11 15:16
Modified
2024-12-11 19:54
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-036 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.fortinet.com/psirt/FG-IR-24-036 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortipam | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiswitchmanager | * | |
| fortinet | fortiswitchmanager | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4A93633F-8865-49D7-A5CE-F7D009DFB901", versionEndExcluding: "7.0.15", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0", versionEndExcluding: "7.2.8", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "1FDDB5F3-D229-4208-9110-8860A03C8B59", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", matchCriteriaId: "62F2452A-7AF9-4BD2-932D-D6414699C793", versionEndIncluding: "1.3.0", versionStartIncluding: "1.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E7E7DA8E-34CB-4527-A4A0-1EDBFBBDA894", versionEndExcluding: "7.0.17", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "EDFFA2C3-0A23-4884-B751-785BE598DFF3", versionEndExcluding: "7.2.10", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F2C29AD-A11F-4A5F-8BB0-8600D5F77E72", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "EFB333FC-4406-4EBD-B6F2-6C41BCE2E742", versionEndExcluding: "7.0.4", versionStartIncluding: "7.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "EB0D2553-E4E6-454A-80F6-9D014A4710D3", versionEndExcluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.", }, { lang: "es", value: "Un desbordamiento de búfer basado en pila en Fortinet FortiPAM versión 1.2.0, 1.1.0 a 1.1.2, 1.0.0 a 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager versión 7.2.0 a 7.2.3, 7.0.1 a 7.0. 3, FortiOS versión 7.4.0 a 7.4.3, 7.2.0 a 7.2.7, 7.0.0 a 7.0.14, 6.4.0 a 6.4.15, 6.2.0 a 6.2.16, 6.0.0 a 6.0. 18, FortiProxy versión 7.4.0 a 7.4.2, 7.2.0 a 7.2.9, 7.0.0 a 7.0.15, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13, 1.1.0 a 1.1. 6, 1.0.0 a 1.0.7 permite a un atacante ejecutar código o comandos no autorizados a través de paquetes especialmente manipulados.", }, ], id: "CVE-2024-26010", lastModified: "2024-12-11T19:54:35.323", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-11T15:16:04.473", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-036", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-036", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-121", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-16 19:15
Modified
2024-11-21 06:58
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-080 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-080 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "6607C71D-D434-430A-8DFD-9125381D2D36", versionEndIncluding: "2.0.11", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "81E60913-FBE9-467B-AB4B-CA85E97527BA", versionEndExcluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "8EA5512D-6EE5-4DF3-A960-C02394F25225", versionEndIncluding: "6.0.16", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "20B53FFE-073D-43E9-9D6F-9C86937C0228", versionEndIncluding: "6.2.12", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D865A-6411-4807-81D4-6A5C052C03C9", versionEndIncluding: "6.4.11", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "EE6D1D19-1227-42BE-87A7-E798D60059A5", versionEndExcluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B87A2A-4C83-448B-8009-AD20214D58CB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it.", }, ], id: "CVE-2022-29054", lastModified: "2024-11-21T06:58:25.020", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-16T19:15:12.263", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-080", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-080", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-329", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:56
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-095 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-095 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortiproxy | 7.2.2 | |
| fortinet | fortiproxy | 7.2.3 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951", versionEndIncluding: "2.0.12", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "DAC18F7E-5242-4F36-BB42-FEC33B3AC075", versionEndIncluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "7028AFDA-6CB5-4DB0-8977-9BA995DE14C0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5A2777EA-F45D-4D3A-AA2F-078E2B874A30", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0135464C-532C-430D-A76C-2FCDE4C991D1", versionEndIncluding: "6.0.17", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99", versionEndIncluding: "6.2.15", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D962937C-B057-4422-A672-8DD2F3C3B3B6", versionEndIncluding: "6.4.13", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "C2573C90-BE6A-4D5D-A223-F09213318909", versionEndIncluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4AB643A8-B52F-4D54-B816-28A6401BAA25", versionEndIncluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests.", }, ], id: "CVE-2023-29178", lastModified: "2024-11-21T07:56:39.910", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-13T09:15:17.077", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-095", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-095", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-824", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-824", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-01-16 10:15
Modified
2025-02-03 21:54
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-221 | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortianalyzer | * | |
| fortinet | fortianalyzer | * | |
| fortinet | fortianalyzer_cloud | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager_cloud | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", matchCriteriaId: "EF81840B-F269-4B40-8014-D4B18A2A016F", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", matchCriteriaId: "DC9AD7A8-B390-4037-872B-02E1BEEDEC6C", versionEndExcluding: "7.6.2", versionStartIncluding: "7.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*", matchCriteriaId: "6EA0888C-2D95-46ED-9BA9-F99072C02FE6", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "7269FDB6-A1D4-4912-8751-87BA52614FDA", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "241A8930-4ADA-4380-AA42-F10B28487595", versionEndExcluding: "7.6.2", versionStartIncluding: "7.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*", matchCriteriaId: "164DEDC3-B1C0-42AC-9ADB-CE03CF6A71CC", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "60E6EA0C-12E8-4EA7-901C-BEDE07BC88DA", versionEndExcluding: "2.0.15", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "D273F0B5-A9F3-460B-8E96-7BEB816A91D9", versionEndExcluding: "7.0.18", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "77A6D950-F8AE-4E12-9D43-C49BFE03B3D4", versionEndExcluding: "7.2.11", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "6794E3E0-7FC3-40D8-9568-20E6878E3EDB", versionEndExcluding: "7.4.5", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "FA0532A5-31F2-4A92-BF31-6003E28AC948", versionEndExcluding: "7.0.16", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "678EB0FA-2B29-4108-8378-C4803A543193", versionEndExcluding: "7.2.9", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A71AD879-997D-4787-A1E9-E4132AC521E2", versionEndExcluding: "7.4.5", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.", }, { lang: "es", value: "Una autenticación débil en Fortinet FortiManager Cloud, FortiAnalyzer versiones 7.6.0 a 7.6.1, 7.4.1 a 7.4.3, FortiAnalyzer Cloud versiones 7.4.1 a 7.4.3, FortiManager versiones 7.6.0 a 7.6.1, 7.4.1 a 7.4.3, FortiManager Cloud versiones 7.4.1 a 7.4.3 permite a un atacante ejecutar código o comandos no autorizados a través de un ataque de fuerza bruta.", }, ], id: "CVE-2024-50563", lastModified: "2025-02-03T21:54:17.977", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2025-01-16T10:15:09.480", references: [ { source: "psirt@fortinet.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-221", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-1390", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:56
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the vulnerable device and the remote FortiGuard's map server.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-468 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-468 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951", versionEndIncluding: "2.0.12", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "DAC18F7E-5242-4F36-BB42-FEC33B3AC075", versionEndIncluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3A99FF48-370E-4D2A-B5CC-889EA21AB213", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0135464C-532C-430D-A76C-2FCDE4C991D1", versionEndIncluding: "6.0.17", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99", versionEndIncluding: "6.2.15", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "D962937C-B057-4422-A672-8DD2F3C3B3B6", versionEndIncluding: "6.4.13", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "8870AB06-C50F-452A-952C-30DE7860264E", versionEndExcluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B87A2A-4C83-448B-8009-AD20214D58CB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the vulnerable device and the remote FortiGuard's map server.", }, ], id: "CVE-2023-29175", lastModified: "2024-11-21T07:56:39.663", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 2.5, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-13T09:15:17.027", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-468", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-468", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-295", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-295", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-16 19:15
Modified
2024-11-21 06:28
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and below, 6.4.10 and below, 6.2 all versions, 6.0 all versions; FortiProxy 7.0.1 and below, 2.0.7 and below, 1.2 all versions, 1.1 all versions, 1.0 all versions may allow an attacker to decrypt portions of the administrative session management cookie if able to intercept the latter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-126 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-126 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiweb | * | |
| fortinet | fortiweb | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortiswitch | * | |
| fortinet | fortiswitch | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "29C4F347-1E27-4517-8E9D-E932B3A7F271", versionEndExcluding: "2.0.8", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "EFEA53FA-16E1-4CDB-933C-2F886CAB15DA", versionEndExcluding: "7.0.2", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", matchCriteriaId: "C85CEB11-2682-448D-852A-9EE113E54539", versionEndExcluding: "6.3.17", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", matchCriteriaId: "1725A170-7445-459F-A682-A9EA13470393", versionEndExcluding: "7.0.0", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "E23ACB3B-E74F-4AF6-B67B-7603ED113B36", versionEndExcluding: "6.4.9", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "30F10D70-1176-4119-BF1A-C2A5FCA386D4", versionEndExcluding: "7.0.4", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", matchCriteriaId: "8C7EE382-AA93-4634-B48E-3BE9012EC96B", versionEndExcluding: "6.4.11", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*", matchCriteriaId: "69CF7A08-72CB-4CEC-9900-8B26180B2782", versionEndExcluding: "7.0.4", versionStartIncluding: "7.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and below, 6.4.10 and below, 6.2 all versions, 6.0 all versions; FortiProxy 7.0.1 and below, 2.0.7 and below, 1.2 all versions, 1.1 all versions, 1.0 all versions may allow an attacker to decrypt portions of the administrative session management cookie if able to intercept the latter.", }, ], id: "CVE-2021-43074", lastModified: "2024-11-21T06:28:38.750", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-16T19:15:11.677", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-21-126", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-21-126", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-347", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-347", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-02-03 22:04
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 allows attacker to execute unauthorized code or commands via crafted HTTP header.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-282 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "C8B93C73-1E94-4854-8405-C3689860A74C", versionEndExcluding: "7.2.12", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "5B276403-CE85-445A-9E5D-BBFBD7AB7A68", versionEndExcluding: "7.4.6", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "678EB0FA-2B29-4108-8378-C4803A543193", versionEndExcluding: "7.2.9", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A71AD879-997D-4787-A1E9-E4132AC521E2", versionEndExcluding: "7.4.5", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*", matchCriteriaId: "44CE8EE3-D64A-49C8-87D7-C18B302F864A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 allows attacker to execute unauthorized code or commands via crafted HTTP header.", }, { lang: "es", value: "Una neutralización incorrecta de las secuencias crlf en los encabezados http (\"división de respuesta http\") en Fortinet FortiOS 7.2.0 a 7.6.0, FortiProxy 7.2.0 a 7.4.5 permite a un atacante ejecutar código o comandos no autorizados a través del encabezado HTTP manipulado.", }, ], id: "CVE-2024-54021", lastModified: "2025-02-03T22:04:26.590", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2025-01-14T14:15:34.287", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-282", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-113", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-436", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-16 10:15
Modified
2024-11-21 08:05
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A null pointer dereference in Fortinet FortiOS before 7.2.5, before 7.0.11 and before 6.4.13, FortiProxy before 7.2.4 and before 7.0.10 allows attacker to denial of sslvpn service via specifically crafted request in bookmark parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-015 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-015 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "5E6D4C77-6D88-4DD2-8A5C-610DE901EBBB", versionEndExcluding: "7.0.10", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "9A0AB0B8-819F-46EE-A921-119B76A138B5", versionEndExcluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "B153B056-24AE-41C4-B644-65E080C18360", versionEndExcluding: "6.4.13", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "8870AB06-C50F-452A-952C-30DE7860264E", versionEndExcluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4562BDF7-D894-4CD8-95AC-9409FDEBE73F", versionEndExcluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A null pointer dereference in Fortinet FortiOS before 7.2.5, before 7.0.11 and before 6.4.13, FortiProxy before 7.2.4 and before 7.0.10 allows attacker to denial of sslvpn service via specifically crafted request in bookmark parameter.", }, ], id: "CVE-2023-33306", lastModified: "2024-11-21T08:05:22.837", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-16T10:15:09.467", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-015", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-015", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-13 08:15
Modified
2024-11-21 08:30
Severity ?
3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-432 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-432 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951", versionEndIncluding: "2.0.12", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "DAC18F7E-5242-4F36-BB42-FEC33B3AC075", versionEndIncluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3A99FF48-370E-4D2A-B5CC-889EA21AB213", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A2B52E22-C64D-4142-885E-6C44FA670574", versionEndIncluding: "6.4.14", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "DF27CA2F-3F4C-4CCB-B832-0E792673C429", versionEndIncluding: "7.0.13", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B87A2A-4C83-448B-8009-AD20214D58CB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update.", }, { lang: "es", value: "Una vulnerabilidad de control de acceso inadecuado [CWE-284] en FortiOS versión 7.2.0, versión 7.0.13 e inferior, versión 6.4.14 e inferior y FortiProxy versión 7.2.3 e inferior, versión 7.0.9 e inferior, versión 2.0.12 y a continuación pueden permitir que un atacante remoto no autenticado evite la política de geolocalización de denegación del firewall sincronizando la omisión con una actualización de la base de datos GeoIP.", }, ], id: "CVE-2023-47536", lastModified: "2024-11-21T08:30:24.973", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.1, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-13T08:15:50.920", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-432", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-432", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-02-03 22:16
Severity ?
9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-221 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortianalyzer | * | |
| fortinet | fortianalyzer | * | |
| fortinet | fortianalyzer_cloud | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager_cloud | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", matchCriteriaId: "EF81840B-F269-4B40-8014-D4B18A2A016F", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", matchCriteriaId: "DC9AD7A8-B390-4037-872B-02E1BEEDEC6C", versionEndExcluding: "7.6.2", versionStartIncluding: "7.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*", matchCriteriaId: "6EA0888C-2D95-46ED-9BA9-F99072C02FE6", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "7269FDB6-A1D4-4912-8751-87BA52614FDA", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "241A8930-4ADA-4380-AA42-F10B28487595", versionEndExcluding: "7.6.2", versionStartIncluding: "7.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*", matchCriteriaId: "164DEDC3-B1C0-42AC-9ADB-CE03CF6A71CC", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "60E6EA0C-12E8-4EA7-901C-BEDE07BC88DA", versionEndExcluding: "2.0.15", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "D273F0B5-A9F3-460B-8E96-7BEB816A91D9", versionEndExcluding: "7.0.18", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "77A6D950-F8AE-4E12-9D43-C49BFE03B3D4", versionEndExcluding: "7.2.11", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "6794E3E0-7FC3-40D8-9568-20E6878E3EDB", versionEndExcluding: "7.4.5", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "FA0532A5-31F2-4A92-BF31-6003E28AC948", versionEndExcluding: "7.0.16", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "678EB0FA-2B29-4108-8378-C4803A543193", versionEndExcluding: "7.2.9", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A71AD879-997D-4787-A1E9-E4132AC521E2", versionEndExcluding: "7.4.5", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.", }, { lang: "es", value: "Una autenticación débil en Fortinet FortiOS versiones 7.4.0 a 7.4.4, 7.2.0 a 7.2.8, 7.0.0 a 7.0.15, 6.4.0 a 6.4.15, FortiProxy versiones 7.4.0 a 7.4.4, 7.2.0 a 7.2.10, 7.0.0 a 7.0.17, 2.0.0 a 2.0.14, FortiManager versiones 7.6.0 a 7.6.1, 7.4.1 a 7.4.3, FortiManager Cloud versiones 7.4.1 a 7.4.3 y FortiAnalyzer Cloud versiones 7.4.1 a 7.4.3 permite a un atacante ejecutar código o comandos no autorizados mediante un ataque de fuerza bruta.", }, ], id: "CVE-2024-48886", lastModified: "2025-02-03T22:16:04.733", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 6, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2025-01-14T14:15:33.027", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-221", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-1390", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-24 03:15
Modified
2024-11-21 05:55
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-20-199 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-20-199 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "73F1E981-42BC-476D-B041-889BE6EF654F", versionEndIncluding: "1.2.9", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "E986BB97-4883-4B26-9C67-681BB4D2EFA8", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "C0E45929-0FEB-4C95-9DBA-F927712FBF4F", versionEndIncluding: "5.2.15", versionStartIncluding: "5.2.10", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0507F264-9E8D-4F9D-AB18-0C6CA5BD69F0", versionEndIncluding: "5.4.13", versionStartIncluding: "5.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "AC0AFBC1-5C11-412E-9979-AF89DD26EFCD", versionEndIncluding: "5.6.14", versionStartIncluding: "5.6.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "B09D1C32-BF6B-4B27-91D4-1347EFB8ECB7", versionEndIncluding: "6.0.12", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "6EB24CA5-D2B3-4FEE-B03A-05A7A0F11964", versionEndIncluding: "6.2.7", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "5A29B9B0-C8AD-47FA-B18C-2898EBCB1295", versionEndIncluding: "6.4.4", versionStartIncluding: "6.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters.", }, { lang: "es", value: "Un fallo en el saneo de la entrada en el portal web SSL VPN de FortiOS versiones 5.2.10 hasta 5.2.15, 5.4.0 hasta 5.4.13, 5.6.0 hasta 5.6.14, 6.0.0 hasta 6.0.12, 6.2.0 hasta 6.2.7, 6.4.0 hasta 6.4.4; y FortiProxy 1. 2.0 hasta 1.2.9, 2.0.0 hasta 2.0.1, pueden permitir a un atacante remoto no autenticado llevar a cabo un ataque de tipo Cross-site Scripting (XSS) reflejado mediante el envío una petición a la página de error con parámetros GET maliciosos", }, ], id: "CVE-2021-26092", lastModified: "2024-11-21T05:55:51.277", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-24T03:15:43.407", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-20-199", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-20-199", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2022-42472
Vulnerability from cvelistv5
Published
2023-02-16 18:07
Modified
2024-10-22 20:49
Severity ?
EPSS score ?
Summary
A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.11, 6.2.0 through 6.2.12, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.1, 7.0.0 through 7.0.7, 2.0.0 through 2.0.10, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.1 Version: 7.0.0 ≤ 7.0.7 Version: 2.0.0 ≤ 2.0.10 Version: 1.2.0 ≤ 1.2.13 Version: 1.1.0 ≤ 1.1.6 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:10:41.008Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-362", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-362", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-42472", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:18:31.990875Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:49:22.231Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.10", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.8", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.11, 6.2.0 through 6.2.12, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.1, 7.0.0 through 7.0.7, 2.0.0 through 2.0.10, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-113", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-16T18:07:00.188Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-362", url: "https://fortiguard.com/psirt/FG-IR-22-362", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.2.2 or above Please upgrade to FortiProxy version 7.0.8 or above Please upgrade to FortiProxy version 2.0.11 or above Please upgrade to FortiOS version 7.2.3 or above Please upgrade to FortiOS version 7.0.9 or above ", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-42472", datePublished: "2023-02-16T18:07:00.188Z", dateReserved: "2022-10-07T14:05:36.301Z", dateUpdated: "2024-10-22T20:49:22.231Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-29183
Vulnerability from cvelistv5
Published
2023-09-13 12:29
Modified
2024-10-22 21:00
Severity ?
EPSS score ?
Summary
An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14 GUI may allow an authenticated attacker to trigger malicious JavaScript code execution via crafted guest management setting.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.10 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:00:15.995Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-106", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-106", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-29183", options: [ { Exploitation: "None", }, { Automatable: "No", }, { "Technical Impact": "Total", }, ], role: "CISA Coordinator", timestamp: "2023-11-15T16:35:37.397795Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T21:00:12.580Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.14", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14 GUI may allow an authenticated attacker to trigger malicious JavaScript code execution via crafted guest management setting.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-13T12:29:55.625Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-106", url: "https://fortiguard.com/psirt/FG-IR-23-106", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.2.5 or above Please upgrade to FortiProxy version 7.0.11 or above Please upgrade to FortiOS version 7.4.0 or above Please upgrade to FortiOS version 7.2.5 or above Please upgrade to FortiOS version 7.0.12 or above Please upgrade to FortiOS version 6.4.13 or above Please upgrade to FortiOS version 6.2.15 or above ", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-29183", datePublished: "2023-09-13T12:29:55.625Z", dateReserved: "2023-04-03T08:47:30.452Z", dateUpdated: "2024-10-22T21:00:12.580Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-41677
Vulnerability from cvelistv5
Published
2024-04-09 14:24
Modified
2024-08-02 19:01
Severity ?
EPSS score ?
Summary
A insufficiently protected credentials in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17 allows attacker to execute unauthorized code or commands via targeted social engineering attack
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.1 Version: 7.2.0 ≤ 7.2.6 Version: 7.0.0 ≤ 7.0.12 Version: 6.4.0 ≤ 6.4.14 Version: 6.2.0 ≤ 6.2.15 Version: 6.0.0 ≤ 6.0.18 |
||||||
|
|||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:fortinet:fortios:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "6.0.18", status: "affected", version: "6.0.0", versionType: "custom", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "custom", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.0", versionType: "custom", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "custom", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "custom", }, { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "custom", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "custom", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "custom", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "custom", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "custom", }, { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "custom", }, { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-41677", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-04-11T04:01:14.917820Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-12T15:15:27.451Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T19:01:35.404Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-493", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-493", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.18", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A insufficiently protected credentials in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17 allows attacker to execute unauthorized code or commands via targeted social engineering attack", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-522", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-04-15T08:10:53.751Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-493", url: "https://fortiguard.com/psirt/FG-IR-23-493", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiSASE version 23.4.a or above \nPlease upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiOS version 7.2.7 or above \nPlease upgrade to FortiOS version 7.0.13 or above \nPlease upgrade to FortiOS version 6.4.15 or above \nPlease upgrade to FortiOS version 6.2.16 or above \nPlease upgrade to FortiProxy version 7.4.2 or above \nPlease upgrade to FortiProxy version 7.2.8 or above \nPlease upgrade to FortiProxy version 7.0.14 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-41677", datePublished: "2024-04-09T14:24:21.614Z", dateReserved: "2023-08-30T13:42:39.547Z", dateUpdated: "2024-08-02T19:01:35.404Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-46715
Vulnerability from cvelistv5
Published
2025-01-14 14:08
Modified
2025-01-14 20:55
Severity ?
EPSS score ?
Summary
An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 ≤ 7.4.1 Version: 7.2.0 ≤ 7.2.6 Version: 7.0.0 ≤ 7.0.12 |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-46715", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-14T15:15:14.692340Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-14T20:55:58.030Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.10", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.16", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-346", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-14T14:08:52.045Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-407", url: "https://fortiguard.com/psirt/FG-IR-23-407", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiSASE version 22.4 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-46715", datePublished: "2025-01-14T14:08:52.045Z", dateReserved: "2023-10-25T08:43:15.290Z", dateUpdated: "2025-01-14T20:55:58.030Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33308
Vulnerability from cvelistv5
Published
2023-07-26 14:00
Modified
2024-10-23 13:07
Severity ?
EPSS score ?
Summary
A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.2 Version: 7.0.0 ≤ 7.0.9 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:39:36.270Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-183", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-183", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33308", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T13:07:14.340046Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T13:07:25.250Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-26T14:00:25.931Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-183", url: "https://fortiguard.com/psirt/FG-IR-23-183", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.11 or above\r\nPlease upgrade to FortiProxy version 7.2.3 or above\r\nPlease upgrade to FortiProxy version 7.0.10 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-33308", datePublished: "2023-07-26T14:00:25.931Z", dateReserved: "2023-05-22T07:58:22.197Z", dateUpdated: "2024-10-23T13:07:25.250Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-17656
Vulnerability from cvelistv5
Published
2021-04-12 14:14
Modified
2024-10-25 13:59
Severity ?
EPSS score ?
Summary
A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-19-248 | x_refsource_CONFIRM | |
| https://fortiguard.com/advisory/FG-IR-21-007 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiProxy, FortiOS |
Version: FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below; FortiOS 6.0.10 and below, 6.2.2 and below |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:47:13.701Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-19-248", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-21-007", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-17656", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T13:58:54.865929Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T13:59:10.561Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiProxy, FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below; FortiOS 6.0.10 and below, 6.2.2 and below", }, ], }, ], descriptions: [ { lang: "en", value: "A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Crash of the HTTPD service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-12T14:14:42", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-19-248", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-21-007", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2019-17656", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiProxy, FortiOS", version: { version_data: [ { version_value: "FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below; FortiOS 6.0.10 and below, 6.2.2 and below", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Network", availabilityImpact: "Low", baseScore: 5.3, baseSeverity: "Medium", confidentialityImpact: "None", integrityImpact: "Low", privilegesRequired: "Low", scope: "Unchanged", userInteraction: "None", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Crash of the HTTPD service", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/advisory/FG-IR-19-248", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-19-248", }, { name: "https://fortiguard.com/advisory/FG-IR-21-007", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-21-007", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2019-17656", datePublished: "2021-04-12T14:14:42", dateReserved: "2019-10-16T00:00:00", dateUpdated: "2024-10-25T13:59:10.561Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41330
Vulnerability from cvelistv5
Published
2023-04-11 16:05
Modified
2024-10-23 14:30
Severity ?
EPSS score ?
Summary
An improper neutralization of input during web page generation vulnerability ('Cross-site Scripting') [CWE-79] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9, version 6.4.0 through 6.4.11 and before 6.2.12 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.1 Version: 7.0.0 ≤ 7.0.7 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:46.261Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-363", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-363", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-41330", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:11:25.297377Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T14:30:33.980Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper neutralization of input during web page generation vulnerability ('Cross-site Scripting') [CWE-79] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9, version 6.4.0 through 6.4.11 and before 6.2.12 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-11T16:05:38.973Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-363", url: "https://fortiguard.com/psirt/FG-IR-22-363", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.10 or above\r\nPlease upgrade to FortiOS version 6.4.12 or above\r\nPlease upgrade to FortiOS version 6.2.13 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-41330", datePublished: "2023-04-11T16:05:38.973Z", dateReserved: "2022-09-23T15:07:35.782Z", dateUpdated: "2024-10-23T14:30:33.980Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-33510
Vulnerability from cvelistv5
Published
2024-11-12 18:53
Modified
2024-11-13 18:45
Severity ?
EPSS score ?
Summary
An improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability [CWE-74] in FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.16 and below; FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below; FortiSASE version 24.2.b SSL-VPN web user interface may allow a remote unauthenticated attacker to perform phishing attempts via crafted requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.3 Version: 7.2.0 ≤ 7.2.8 Version: 7.0.0 ≤ 7.0.16 cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-33510", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T18:45:31.685889Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:45:40.158Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.8", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.16", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.9", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.16", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability [CWE-74] in FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.16 and below; FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below; FortiSASE version 24.2.b SSL-VPN web user interface may allow a remote unauthenticated attacker to perform phishing attempts via crafted requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.6, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:R", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-358", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-12T18:53:45.839Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-033", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-033", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiProxy version 7.4.4 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-33510", datePublished: "2024-11-12T18:53:45.839Z", dateReserved: "2024-04-23T14:18:29.831Z", dateUpdated: "2024-11-13T18:45:40.158Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-43072
Vulnerability from cvelistv5
Published
2023-07-18 00:01
Modified
2024-09-17 14:05
Severity ?
EPSS score ?
Summary
A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the tFTP protocol.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiAnalyzer |
Version: 7.0.0 ≤ 7.0.2 Version: 6.4.0 ≤ 6.4.7 Version: 6.2.0 ≤ 6.2.12 Version: 6.0.0 ≤ 6.0.12 Version: 5.6.0 ≤ 5.6.11 cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:6.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:5.6.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:5.6.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:5.6.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:5.6.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:5.6.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:5.6.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:5.6.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:5.6.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:5.6.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:5.6.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:5.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:5.6.0:*:*:*:*:*:*:* |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2021-43072", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-07-16T18:40:02.770628Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-16T18:40:17.373Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-04T03:47:13.197Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/advisory/FG-IR-21-206", tags: [ "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-21-206", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:5.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:5.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:5.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:5.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:5.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:5.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:5.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:5.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:5.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:5.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:5.6.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiAnalyzer", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.2", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.7", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.12", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThanOrEqual: "5.6.11", status: "affected", version: "5.6.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:5.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:5.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:5.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:5.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:5.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:5.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:5.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:5.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:5.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:5.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:5.6.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.2", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.7", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.12", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThanOrEqual: "5.6.11", status: "affected", version: "5.6.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the tFTP protocol.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-17T14:05:39.988Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/advisory/FG-IR-21-206", url: "https://fortiguard.com/advisory/FG-IR-21-206", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiAnalyzer version 7.0.3 or above \nPlease upgrade to FortiAnalyzer version 6.4.8 or above \nPlease upgrade to FortiManager version 7.0.3 or above \nPlease upgrade to FortiManager version 6.4.8 or above \nPlease upgrade to FortiOS version 7.2.0 or above \nPlease upgrade to FortiOS version 7.0.6 or above \nPlease upgrade to FortiProxy version 7.0.4 or above \nPlease upgrade to FortiProxy version 2.0.9 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2021-43072", datePublished: "2023-07-18T00:01:04.306Z", dateReserved: "2021-10-28T21:06:26.047Z", dateUpdated: "2024-09-17T14:05:39.988Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-43081
Vulnerability from cvelistv5
Published
2022-05-11 14:30
Modified
2024-10-22 20:57
Severity ?
EPSS score ?
Summary
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-21-230 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiProxy |
Version: FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:47:13.630Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-21-230", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-43081", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:19:32.002056Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:57:08.663Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0.", }, ], }, ], descriptions: [ { lang: "en", value: "An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitCodeMaturity: "NOT_DEFINED", integrityImpact: "LOW", privilegesRequired: "NONE", remediationLevel: "WORKAROUND", reportConfidence: "NOT_DEFINED", scope: "CHANGED", temporalScore: 6, temporalSeverity: "MEDIUM", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:X/RL:W/RC:X", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Unauthorized code execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-11T14:30:18", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/psirt/FG-IR-21-230", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2021-43081", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiProxy", version: { version_data: [ { version_value: "FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0.", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Network", availabilityImpact: "None", baseScore: 6, baseSeverity: "Medium", confidentialityImpact: "Low", integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", userInteraction: "Required", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:X/RL:W/RC:X", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Unauthorized code execution", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/psirt/FG-IR-21-230", refsource: "CONFIRM", url: "https://fortiguard.com/psirt/FG-IR-21-230", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2021-43081", datePublished: "2022-05-11T14:30:18", dateReserved: "2021-10-28T00:00:00", dateUpdated: "2024-10-22T20:57:08.663Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-45861
Vulnerability from cvelistv5
Published
2023-03-07 16:21
Modified
2024-10-22 20:48
Severity ?
EPSS score ?
Summary
An access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated attacker to crash the sslvpn daemon via an HTTP GET request.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.9 Version: 6.4.0 ≤ 6.4.11 Version: 6.2.0 ≤ 6.2.13 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:24:02.823Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-477", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-477", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-45861", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:18:22.883912Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:48:10.646Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.13", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.11", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.5", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated attacker to crash the sslvpn daemon via an HTTP GET request.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-824", description: "Denial of service", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-07T16:21:49.923Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-477", url: "https://fortiguard.com/psirt/FG-IR-22-477", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.10 or above\r\nPlease upgrade to FortiOS version 6.4.12 or above\r\nPlease upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above\r\nPlease upgrade to FortiProxy version 2.0.12 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-45861", datePublished: "2023-03-07T16:21:49.923Z", dateReserved: "2022-11-23T14:57:05.613Z", dateUpdated: "2024-10-22T20:48:10.646Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-47536
Vulnerability from cvelistv5
Published
2023-12-13 08:06
Modified
2024-08-02 21:09
Severity ?
EPSS score ?
Summary
An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 Version: 7.0.0 ≤ 7.0.13 Version: 6.4.0 ≤ 6.4.14 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T21:09:37.425Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-432", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-432", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.2.0", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.12", status: "affected", version: "2.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 2.8, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:F/RL:O/RC:R", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-13T08:06:01.706Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-432", url: "https://fortiguard.com/psirt/FG-IR-23-432", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above \nPlease upgrade to FortiOS version 7.2.1 or above \nPlease upgrade to FortiProxy version 7.4.0 or above \nPlease upgrade to FortiProxy version 7.2.4 or above \nPlease upgrade to FortiProxy version 7.0.10 or above \nPlease upgrade to FortiProxy version 2.0.13 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-47536", datePublished: "2023-12-13T08:06:01.706Z", dateReserved: "2023-11-06T10:35:25.827Z", dateUpdated: "2024-08-02T21:09:37.425Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22299
Vulnerability from cvelistv5
Published
2022-08-05 15:23
Modified
2024-10-25 13:30
Severity ?
EPSS score ?
Summary
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-21-235 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiADC, FortiProxy, FortiMail, FortiOS |
Version: FortiADC 6.2.1, 6.2.0, 6.1.6, 6.1.5, 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0; FortiProxy 7.0.1, 7.0.0, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0, 1.2.13, 1.2.12, 1.2.11, 1.2.10, 1.2.9, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0, 1.1.6, 1.1.5, 1.1.4, 1.1.3, 1.1.2, 1.1.1, 1.1.0, 1.0.7, 1.0.6, 1.0.5, 1.0.4, 1.0.3, 1.0.2, 1.0.1, 1.0.0; FortiMail 7.0.2, 7.0.1, 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0; FortiOS 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.13, 5.4.12, 5.4.11, 5.4.10, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, ...[truncated*] |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:07:50.220Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-21-235", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-22299", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:12:25.586581Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T13:30:31.683Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiADC, FortiProxy, FortiMail, FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiADC 6.2.1, 6.2.0, 6.1.6, 6.1.5, 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0; FortiProxy 7.0.1, 7.0.0, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0, 1.2.13, 1.2.12, 1.2.11, 1.2.10, 1.2.9, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0, 1.1.6, 1.1.5, 1.1.4, 1.1.3, 1.1.2, 1.1.1, 1.1.0, 1.0.7, 1.0.6, 1.0.5, 1.0.4, 1.0.3, 1.0.2, 1.0.1, 1.0.0; FortiMail 7.0.2, 7.0.1, 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0; FortiOS 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.13, 5.4.12, 5.4.11, 5.4.10, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, ...[truncated*]", }, ], }, ], descriptions: [ { lang: "en", value: "A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitCodeMaturity: "PROOF_OF_CONCEPT", integrityImpact: "HIGH", privilegesRequired: "LOW", remediationLevel: "UNAVAILABLE", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 7.4, temporalSeverity: "HIGH", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Execute unauthorized code or commands", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-05T15:23:52", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/psirt/FG-IR-21-235", }, ], x_ConverterErrors: { version_name: { error: "version_name too long. Use array of versions to record more than one version.", message: "Truncated!", }, }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2022-22299", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiADC, FortiProxy, FortiMail, FortiOS", version: { version_data: [ { version_value: "FortiADC 6.2.1, 6.2.0, 6.1.6, 6.1.5, 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0; FortiProxy 7.0.1, 7.0.0, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0, 1.2.13, 1.2.12, 1.2.11, 1.2.10, 1.2.9, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0, 1.1.6, 1.1.5, 1.1.4, 1.1.3, 1.1.2, 1.1.1, 1.1.0, 1.0.7, 1.0.6, 1.0.5, 1.0.4, 1.0.3, 1.0.2, 1.0.1, 1.0.0; FortiMail 7.0.2, 7.0.1, 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0; FortiOS 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.13, 5.4.12, 5.4.11, 5.4.10, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.0.14, 5.0.13, 5.0.12, 5.0.11, 5.0.10, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.1, 5.0.0", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Local", availabilityImpact: "High", baseScore: 7.4, baseSeverity: "High", confidentialityImpact: "High", integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", userInteraction: "None", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Execute unauthorized code or commands", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/psirt/FG-IR-21-235", refsource: "CONFIRM", url: "https://fortiguard.com/psirt/FG-IR-21-235", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-22299", datePublished: "2022-08-05T15:23:52", dateReserved: "2022-01-03T00:00:00", dateUpdated: "2024-10-25T13:30:31.683Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-54021
Vulnerability from cvelistv5
Published
2025-01-14 14:09
Modified
2025-01-15 14:49
Severity ?
EPSS score ?
Summary
An improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 allows attacker to execute unauthorized code or commands via crafted HTTP header.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.6.0 Version: 7.4.0 ≤ 7.4.4 Version: 7.2.0 ≤ 7.2.8 cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-54021", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-15T14:49:26.902314Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-15T14:49:47.028Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.6.0", }, { lessThanOrEqual: "7.4.4", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.8", status: "affected", version: "7.2.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.5", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.11", status: "affected", version: "7.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 allows attacker to execute unauthorized code or commands via crafted HTTP header.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:F/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-113", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-14T14:09:48.859Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-282", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-282", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiSASE version 24.3.c or above \nPlease upgrade to FortiOS version 7.6.1 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.9 or above \nPlease upgrade to FortiProxy version 7.4.6 or above \nPlease upgrade to FortiProxy version 7.2.12 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-54021", datePublished: "2025-01-14T14:09:48.859Z", dateReserved: "2024-11-27T15:20:39.890Z", dateUpdated: "2025-01-15T14:49:47.028Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42475
Vulnerability from cvelistv5
Published
2023-01-02 08:18
Modified
2024-10-23 13:27
Severity ?
EPSS score ?
Summary
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.1 Version: 7.0.0 ≤ 7.0.7 Version: 2.0.0 ≤ 2.0.11 Version: 1.2.0 ≤ 1.2.13 Version: 1.1.0 ≤ 1.1.6 Version: 1.0.0 ≤ 1.0.7 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:10:40.927Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-398", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-398", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-42475", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T13:26:56.926267Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-12-13", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-42475", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T13:27:24.950Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.11", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.8", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.10", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.11", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.15", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThanOrEqual: "5.6.14", status: "affected", version: "5.6.0", versionType: "semver", }, { lessThanOrEqual: "5.4.13", status: "affected", version: "5.4.0", versionType: "semver", }, { lessThanOrEqual: "5.2.15", status: "affected", version: "5.2.0", versionType: "semver", }, { lessThanOrEqual: "5.0.14", status: "affected", version: "5.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.3, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-197", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-02T08:18:49.444Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-398", url: "https://fortiguard.com/psirt/FG-IR-22-398", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.2.3 or above\r\nPlease upgrade to FortiOS version 7.0.9 or above\r\nPlease upgrade to FortiOS version 6.4.11 or above\r\nPlease upgrade to FortiOS version 6.2.12 or above\r\nPlease upgrade to FortiOS version 6.0.16 or above\r\nPlease upgrade to upcoming FortiOS-6K7K version 7.0.8 or above\r\nPlease upgrade to FortiOS-6K7K version 6.4.10 or above\r\nPlease upgrade to FortiOS-6K7K version 6.2.12 or above\r\nPlease upgrade to FortiOS-6K7K version 6.0.15 or above\r\nPlease upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above\r\nPlease upgrade to upcoming FortiProxy version 2.0.12 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-42475", datePublished: "2023-01-02T08:18:49.444Z", dateReserved: "2022-10-07T14:05:36.301Z", dateUpdated: "2024-10-23T13:27:24.950Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6648
Vulnerability from cvelistv5
Published
2020-10-21 14:05
Modified
2024-10-25 14:24
Severity ?
EPSS score ?
Summary
A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the "diag sys ha checksum show" command.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.fortiguard.com/psirt/FG-IR-20-009 | x_refsource_CONFIRM | |
| https://www.fortiguard.com/psirt/FG-IR-20-236 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiGate and FortiProxy |
Version: FortiOS versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:11:04.625Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-009", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-236", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-6648", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-24T20:09:40.110577Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T14:24:11.567Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "FortiGate and FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier.", }, ], }, ], descriptions: [ { lang: "en", value: "A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the \"diag sys ha checksum show\" command.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Information disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-11T20:09:26", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-009", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-236", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2020-6648", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "FortiGate and FortiProxy", version: { version_data: [ { version_value: "FortiOS versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier.", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the \"diag sys ha checksum show\" command.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Network", availabilityImpact: "None", baseScore: 5.2, baseSeverity: "Medium", confidentialityImpact: "Low", integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", userInteraction: "None", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.fortiguard.com/psirt/FG-IR-20-009", refsource: "CONFIRM", url: "https://www.fortiguard.com/psirt/FG-IR-20-009", }, { name: "https://www.fortiguard.com/psirt/FG-IR-20-236", refsource: "CONFIRM", url: "https://www.fortiguard.com/psirt/FG-IR-20-236", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2020-6648", datePublished: "2020-10-21T14:05:55", dateReserved: "2020-01-09T00:00:00", dateUpdated: "2024-10-25T14:24:11.567Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-22128
Vulnerability from cvelistv5
Published
2021-03-04 17:27
Modified
2024-10-25 13:59
Severity ?
EPSS score ?
Summary
An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-20-235 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiProxy |
Version: FortiProxy 2.0.0, 1.2.9 and below |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:30:24.008Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-20-235", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-22128", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T13:59:02.669973Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T13:59:55.356Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiProxy 2.0.0, 1.2.9 and below", }, ], }, ], descriptions: [ { lang: "en", value: "An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Improper Access Control", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-04T17:27:43", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-20-235", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2021-22128", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiProxy", version: { version_data: [ { version_value: "FortiProxy 2.0.0, 1.2.9 and below", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Network", availabilityImpact: "High", baseScore: 6.9, baseSeverity: "Medium", confidentialityImpact: "Low", integrityImpact: "None", privilegesRequired: "Low", scope: "Unchanged", userInteraction: "None", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Improper Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/advisory/FG-IR-20-235", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-20-235", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2021-22128", datePublished: "2021-03-04T17:27:43", dateReserved: "2021-01-04T00:00:00", dateUpdated: "2024-10-25T13:59:55.356Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-27997
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-23 13:18
Severity ?
EPSS score ?
Summary
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS-6K7K |
Version: 7.0.10 Version: 7.0.5 Version: 6.4.12 Version: 6.4.10 Version: 6.4.8 Version: 6.4.6 Version: 6.4.2 Version: 6.2.9 ≤ 6.2.13 Version: 6.2.6 ≤ 6.2.7 Version: 6.2.4 Version: 6.0.12 ≤ 6.0.16 Version: 6.0.10 |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T12:23:30.864Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-097", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-097", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-27997", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T13:18:08.089433Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2023-06-13", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-27997", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T13:18:14.745Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS-6K7K", vendor: "Fortinet", versions: [ { status: "affected", version: "7.0.10", }, { status: "affected", version: "7.0.5", }, { status: "affected", version: "6.4.12", }, { status: "affected", version: "6.4.10", }, { status: "affected", version: "6.4.8", }, { status: "affected", version: "6.4.6", }, { status: "affected", version: "6.4.2", }, { lessThanOrEqual: "6.2.13", status: "affected", version: "6.2.9", versionType: "semver", }, { lessThanOrEqual: "6.2.7", status: "affected", version: "6.2.6", versionType: "semver", }, { status: "affected", version: "6.2.4", }, { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.12", versionType: "semver", }, { status: "affected", version: "6.0.10", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.12", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.13", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.2, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:R", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-13T08:41:47.415Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-097", url: "https://fortiguard.com/psirt/FG-IR-23-097", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS-6K7K version 7.0.12 or above\r\nPlease upgrade to FortiOS-6K7K version 6.4.13 or above\r\nPlease upgrade to FortiOS-6K7K version 6.2.15 or above\r\nPlease upgrade to FortiOS-6K7K version 6.0.17 or above\r\nPlease upgrade to FortiProxy version 7.2.4 or above\r\nPlease upgrade to FortiProxy version 7.0.10 or above\r\nPlease upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.5 or above\r\nPlease upgrade to FortiOS version 7.0.12 or above\r\nPlease upgrade to FortiOS version 6.4.13 or above\r\nPlease upgrade to FortiOS version 6.2.14 or above\r\nPlease upgrade to FortiOS version 6.0.17 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-27997", datePublished: "2023-06-13T08:41:47.415Z", dateReserved: "2023-03-09T10:09:33.119Z", dateUpdated: "2024-10-23T13:18:14.745Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-43947
Vulnerability from cvelistv5
Published
2023-04-11 16:07
Modified
2024-10-22 20:47
Severity ?
EPSS score ?
Summary
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.10 Version: 6.4.0 ≤ 6.4.12 Version: 6.2.0 ≤ 6.2.13 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:40:06.579Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-444", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-444", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-43947", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:18:15.478464Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:47:20.788Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.13", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.12", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-307", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-11T16:07:03.597Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-444", url: "https://fortiguard.com/psirt/FG-IR-22-444", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.2.2 or above Please upgrade to FortiProxy version 7.0.8 or above Please upgrade to FortiOS version 7.2.4 or above Please upgrade to FortiOS version 7.0.11 or above Please upgrade to FortiOS version 6.4.13 or above ", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-43947", datePublished: "2023-04-11T16:07:03.597Z", dateReserved: "2022-10-27T07:40:06.589Z", dateUpdated: "2024-10-22T20:47:20.788Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-35843
Vulnerability from cvelistv5
Published
2022-12-06 16:00
Modified
2024-10-23 14:51
Severity ?
EPSS score ?
Summary
An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 Version: 7.0.0 ≤ 7.0.6 Version: 6.4.0 ≤ 6.4.9 Version: 6.2.0 ≤ 6.2.12 Version: 6.0.0 ≤ 6.0.15 Version: 6.2.0 ≤ Version: 6.0.0 ≤ |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:44:22.078Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-255", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-255", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-35843", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:12:06.335689Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T14:51:54.623Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.2.0", }, { lessThanOrEqual: "7.0.6", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.9", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.15", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThan: "6.2.*", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThan: "6.0.*", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.5", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.10", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T16:00:33.269Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-255", url: "https://fortiguard.com/psirt/FG-IR-22-255", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.2.2 or above\r\nPlease upgrade to FortiOS version 7.0.8 or above\r\nPlease upgrade to FortiOS version 6.4.10 or above\n\r\nPlease upgrade to FortiProxy version 7.0.7 or above\r\nPlease upgrade to FortiProxy version 2.0.11 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-35843", datePublished: "2022-12-06T16:00:33.269Z", dateReserved: "2022-07-13T20:38:49.332Z", dateUpdated: "2024-10-23T14:51:54.623Z", requesterUserId: "a0475cc0-be89-4a25-97b3-d1b8023a8677", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22640
Vulnerability from cvelistv5
Published
2023-05-03 21:26
Modified
2024-10-23 14:28
Severity ?
EPSS score ?
Summary
A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.11, FortiOS version 6.2.0 through 6.2.13, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specifically crafted requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.10 Version: 6.4.0 ≤ 6.4.11 Version: 6.2.0 ≤ 6.2.13 Version: 6.0.0 ≤ 6.0.16 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:13:49.407Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-475", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-475", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22640", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:11:09.946619Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T14:28:13.885Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.13", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.12", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.11, FortiOS version 6.2.0 through 6.2.13, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specifically crafted requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-03T21:26:29.469Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-475", url: "https://fortiguard.com/psirt/FG-IR-22-475", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.11 or above\r\nPlease upgrade to FortiOS version 6.4.12 or above\r\nPlease upgrade to FortiOS version 6.2.14 or above\r\nPlease upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above\n \nWorkaround:\n \nDisable \"Host Check\", \"Restrict to Specific OS Versions\" and \"MAC address host checking\" in sslvpn portal configuration. For example for \"full-access\" sslvpn portal:\n \nconfig vpn ssl web portal\r\nedit \"full-access\"\r\nset os-check disable\r\nset host-check none\r\nset mac-addr-check disable\r\nend", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-22640", datePublished: "2023-05-03T21:26:29.469Z", dateReserved: "2023-01-05T10:06:31.522Z", dateUpdated: "2024-10-23T14:28:13.885Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41327
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-23 14:27
Severity ?
EPSS score ?
Summary
A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.8 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:44.712Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-380", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-380", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-41327", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:11:01.701994Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T14:27:14.451Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.8", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-319", description: "Information disclosure", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-13T08:41:41.742Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-380", url: "https://fortiguard.com/psirt/FG-IR-22-380", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.2.5 or above\r\nPlease upgrade to FortiOS version 7.0.9 or above\r\nPlease upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-41327", datePublished: "2023-06-13T08:41:41.742Z", dateReserved: "2022-09-23T15:07:35.780Z", dateUpdated: "2024-10-23T14:27:14.451Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-29054
Vulnerability from cvelistv5
Published
2023-02-16 18:07
Modified
2024-10-22 20:49
Severity ?
EPSS score ?
Summary
A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 Version: 7.0.0 ≤ 7.0.7 Version: 6.4.0 ≤ 6.4.9 Version: 6.2.0 ≤ 6.2.12 Version: 6.0.0 ≤ 6.0.16 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:10:58.670Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-080", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-080", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-29054", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:18:29.615605Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:49:05.910Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.2.0", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.9", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.11", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.1, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:X", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-329", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-16T18:07:34.488Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-080", url: "https://fortiguard.com/psirt/FG-IR-22-080", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.2.1 or above\r\nPlease upgrade to FortiOS version 7.0.8 or above\r\nPlease upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-29054", datePublished: "2023-02-16T18:07:34.488Z", dateReserved: "2022-04-11T13:56:39.869Z", dateUpdated: "2024-10-22T20:49:05.910Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-44170
Vulnerability from cvelistv5
Published
2022-07-18 16:35
Modified
2024-10-25 13:31
Severity ?
EPSS score ?
Summary
A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-21-179 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiProxy, FortiOS |
Version: FortiOS before 7.0.4; FortiProxy before 2.0.8 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:17:24.928Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-21-179", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-44170", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:12:34.314692Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T13:31:34.279Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiProxy, FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS before 7.0.4; FortiProxy before 2.0.8", }, ], }, ], descriptions: [ { lang: "en", value: "A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitCodeMaturity: "PROOF_OF_CONCEPT", integrityImpact: "HIGH", privilegesRequired: "HIGH", remediationLevel: "UNAVAILABLE", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 6.3, temporalSeverity: "MEDIUM", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Execute unauthorized code or commands", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-18T16:35:11", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/psirt/FG-IR-21-179", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2021-44170", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiProxy, FortiOS", version: { version_data: [ { version_value: "FortiOS before 7.0.4; FortiProxy before 2.0.8", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Local", availabilityImpact: "High", baseScore: 6.3, baseSeverity: "Medium", confidentialityImpact: "High", integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", userInteraction: "None", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Execute unauthorized code or commands", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/psirt/FG-IR-21-179", refsource: "CONFIRM", url: "https://fortiguard.com/psirt/FG-IR-21-179", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2021-44170", datePublished: "2022-07-18T16:35:11", dateReserved: "2021-11-23T00:00:00", dateUpdated: "2024-10-25T13:31:34.279Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-42757
Vulnerability from cvelistv5
Published
2021-12-08 11:01
Modified
2024-08-04 03:38
Severity ?
EPSS score ?
Summary
A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-21-173 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS before 6.4.7, FortiOS 7.0.0 through 7.0.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:38:50.116Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-21-173", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Fortinet FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS before 6.4.7, FortiOS 7.0.0 through 7.0.2", }, ], }, ], descriptions: [ { lang: "en", value: "A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitCodeMaturity: "PROOF_OF_CONCEPT", integrityImpact: "HIGH", privilegesRequired: "HIGH", remediationLevel: "UNAVAILABLE", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 6.3, temporalSeverity: "MEDIUM", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Execute unauthorized code or commands", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-08T11:01:11", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-21-173", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2021-42757", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiOS", version: { version_data: [ { version_value: "FortiOS before 6.4.7, FortiOS 7.0.0 through 7.0.2", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Local", availabilityImpact: "High", baseScore: 6.3, baseSeverity: "Medium", confidentialityImpact: "High", integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", userInteraction: "None", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Execute unauthorized code or commands", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/advisory/FG-IR-21-173", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-21-173", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2021-42757", datePublished: "2021-12-08T11:01:11", dateReserved: "2021-10-20T00:00:00", dateUpdated: "2024-08-04T03:38:50.116Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-48884
Vulnerability from cvelistv5
Published
2025-01-14 14:09
Modified
2025-01-16 16:15
Severity ?
EPSS score ?
Summary
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, 7.2.0 through 7.2.11, 7.0.0 through 7.0.18, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to trigger an escalation of privilege via specially crafted packets.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiManager |
Version: 7.6.0 ≤ 7.6.1 Version: 7.4.1 ≤ 7.4.3 cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:* |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-48884", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-14T15:17:58.698254Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-14T20:55:28.999Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.6.1", status: "affected", version: "7.6.0", versionType: "semver", }, { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.1", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.6.0", }, { lessThanOrEqual: "7.4.4", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.9", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.15", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.5", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.11", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.18", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, 7.2.0 through 7.2.11, 7.0.0 through 7.0.18, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to trigger an escalation of privilege via specially crafted packets.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "Escalation of privilege", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-16T16:15:35.420Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-259", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-259", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiRecorder version 7.2.2 or above \nPlease upgrade to FortiRecorder version 7.0.5 or above \nPlease upgrade to FortiProxy version 7.4.6 or above \nPlease upgrade to FortiProxy version 7.2.12 or above \nPlease upgrade to FortiProxy version 7.0.19 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiWeb version 7.6.1 or above \nPlease upgrade to FortiWeb version 7.4.5 or above \nPlease upgrade to FortiOS version 7.6.1 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.10 or above \nPlease upgrade to FortiOS version 7.0.16 or above \nPlease upgrade to FortiManager version 7.6.2 or above \nPlease upgrade to FortiManager version 7.4.4 or above \nPlease upgrade to FortiVoice version 7.2.0 or above \nPlease upgrade to FortiVoice version 7.0.5 or above \nPlease upgrade to FortiVoice version 6.4.10 or above \nPlease upgrade to FortiManager Cloud version 7.4.4 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-48884", datePublished: "2025-01-14T14:09:26.476Z", dateReserved: "2024-10-09T09:03:09.960Z", dateUpdated: "2025-01-16T16:15:35.420Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33307
Vulnerability from cvelistv5
Published
2023-06-16 09:40
Modified
2024-10-22 20:41
Severity ?
EPSS score ?
Summary
A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.10 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:39:36.129Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-015", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-015", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33307", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:17:52.005676Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:41:52.598Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.8", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "Denial of service", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-16T09:40:11.023Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-015", url: "https://fortiguard.com/psirt/FG-IR-23-015", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.5 or above\r\nPlease upgrade to FortiOS version 7.0.11 or above\r\nPlease upgrade to FortiOS version 6.4.13 or above\r\nPlease upgrade to FortiProxy version 7.2.4 or above\r\nPlease upgrade to FortiProxy version 7.2.3 or above\r\nPlease upgrade to FortiProxy version 7.0.9 or above\r\nPlease upgrade to FortiProxy version 7.0.10 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-33307", datePublished: "2023-06-16T09:40:11.023Z", dateReserved: "2023-05-22T07:58:22.197Z", dateUpdated: "2024-10-22T20:41:52.598Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41331
Vulnerability from cvelistv5
Published
2023-04-11 16:06
Modified
2024-10-23 14:29
Severity ?
EPSS score ?
Summary
A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiPresence |
Version: 1.2.0 ≤ 1.2.1 Version: 1.1.0 ≤ 1.1.1 Version: 1.0.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:44.883Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-355", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-355", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-41331", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:19:08.963120Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T14:29:35.185Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiPresence", vendor: "Fortinet", versions: [ { lessThanOrEqual: "1.2.1", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.1", status: "affected", version: "1.1.0", versionType: "semver", }, { status: "affected", version: "1.0.0", }, ], }, ], descriptions: [ { lang: "en", value: "A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.3, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-306", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-11T16:06:05.258Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-355", url: "https://fortiguard.com/psirt/FG-IR-22-355", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiPresence version 2.0.0 or above ", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-41331", datePublished: "2023-04-11T16:06:05.258Z", dateReserved: "2022-09-23T15:07:35.782Z", dateUpdated: "2024-10-23T14:29:35.185Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-45586
Vulnerability from cvelistv5
Published
2024-05-14 16:19
Modified
2024-08-02 20:21
Severity ?
EPSS score ?
Summary
An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 allows an authenticated VPN user to send (but not receive) packets spoofing the IP of another user via crafted network packets.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 ≤ 7.4.1 Version: 7.2.0 ≤ 7.2.7 Version: 7.0.0 ≤ 7.0.13 Version: 2.0.0 ≤ 2.0.14 |
||||||
|
|||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThan: "7.0.12", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-45586", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-05-14T18:40:45.753206Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-06T12:42:53.871Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T20:21:16.569Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-225", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-225", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 allows an authenticated VPN user to send (but not receive) packets spoofing the IP of another user via crafted network packets.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-345", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-14T16:19:09.998Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-225", url: "https://fortiguard.com/psirt/FG-IR-23-225", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.4.2 or above \nPlease upgrade to FortiProxy version 7.2.8 or above \nPlease upgrade to FortiProxy version 7.0.14 or above \nPlease upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.13 or above \nPlease upgrade to FortiSASE version 23.4.a or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-45586", datePublished: "2024-05-14T16:19:09.998Z", dateReserved: "2023-10-09T08:01:29.296Z", dateUpdated: "2024-08-02T20:21:16.569Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-26110
Vulnerability from cvelistv5
Published
2021-12-08 10:41
Modified
2024-10-25 13:42
Severity ?
EPSS score ?
Summary
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-20-131 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS, FortiProxy |
Version: FortiOS 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below. FortiProxy 2.0.1 and below, 1.2.9 and below |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:19:20.350Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-20-131", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-26110", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:13:16.701692Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T13:42:47.340Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiOS, FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below. FortiProxy 2.0.1 and below, 1.2.9 and below", }, ], }, ], descriptions: [ { lang: "en", value: "An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitCodeMaturity: "PROOF_OF_CONCEPT", integrityImpact: "HIGH", privilegesRequired: "LOW", remediationLevel: "NOT_DEFINED", reportConfidence: "NOT_DEFINED", scope: "UNCHANGED", temporalScore: 7.4, temporalSeverity: "HIGH", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:X", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Escalation of privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-08T10:41:25", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-20-131", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2021-26110", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiOS, FortiProxy", version: { version_data: [ { version_value: "FortiOS 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below. FortiProxy 2.0.1 and below, 1.2.9 and below", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Local", availabilityImpact: "High", baseScore: 7.4, baseSeverity: "High", confidentialityImpact: "High", integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", userInteraction: "None", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:X", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/advisory/FG-IR-20-131", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-20-131", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2021-26110", datePublished: "2021-12-08T10:41:25", dateReserved: "2021-01-25T00:00:00", dateUpdated: "2024-10-25T13:42:47.340Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-40680
Vulnerability from cvelistv5
Published
2022-12-06 16:00
Modified
2024-10-22 20:51
Severity ?
EPSS score ?
Summary
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiOS 6.0.7 - 6.0.15, 6.2.2 - 6.2.12, 6.4.0 - 6.4.9 and 7.0.0 - 7.0.3 allows a privileged attacker to execute unauthorized code or commands via storing malicious payloads in replacement messages.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.0.0 ≤ 7.0.1 Version: 2.0.0 ≤ 2.0.11 Version: 1.2.0 ≤ 1.2.13 Version: 1.1.0 ≤ 1.1.6 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:21:46.588Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-21-248", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-21-248", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-40680", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:18:53.836074Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:51:47.554Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.1", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.11", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.9", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.2", versionType: "semver", }, { lessThanOrEqual: "6.0.15", status: "affected", version: "6.0.7", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiOS 6.0.7 - 6.0.15, 6.2.2 - 6.2.12, 6.4.0 - 6.4.9 and 7.0.0 - 7.0.3 allows a privileged attacker to execute unauthorized code or commands via storing malicious payloads in replacement messages.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.8, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T16:00:38.136Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-21-248", url: "https://fortiguard.com/psirt/FG-IR-21-248", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.2.2\r\nPlease upgrade to FortiOS version 7.0.7\r\nPlease upgrade to FortiOS version 6.4.10 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-40680", datePublished: "2022-12-06T16:00:38.136Z", dateReserved: "2022-09-14T13:17:43.617Z", dateUpdated: "2024-10-22T20:51:47.554Z", requesterUserId: "a0475cc0-be89-4a25-97b3-d1b8023a8677", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22639
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-23 14:26
Severity ?
EPSS score ?
Summary
A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows attacker to escalation of privilege via specifically crafted commands.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.10 Version: 6.4.0 ≤ 6.4.12 Version: 6.2.0 ≤ 6.2.15 Version: 6.0.0 ≤ 6.0.17 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:13:49.507Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-494", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-494", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22639", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:10:57.056496Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T14:26:22.679Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.17", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.8", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.12", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows attacker to escalation of privilege via specifically crafted commands.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "Escalation of privilege", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-13T08:41:44.785Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-494", url: "https://fortiguard.com/psirt/FG-IR-22-494", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.11 or above\r\nPlease upgrade to FortiOS version 6.4.13 or above\r\nPlease upgrade to FortiProxy version 7.2.3 or above\r\nPlease upgrade to FortiProxy version 7.0.9 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-22639", datePublished: "2023-06-13T08:41:44.785Z", dateReserved: "2023-01-05T10:06:31.522Z", dateUpdated: "2024-10-23T14:26:22.679Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-13382
Vulnerability from cvelistv5
Published
2019-06-04 20:33
Modified
2024-10-23 13:31
Severity ?
EPSS score ?
Summary
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-18-389 | x_refsource_CONFIRM | |
| https://www.fortiguard.com/psirt/FG-IR-20-231 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS, FortiProxy |
Version: FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8, 5.4.1 to 5.4.10, FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T09:00:35.087Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-18-389", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-231", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-13382", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T13:31:11.882776Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-01-10", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2018-13382", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-863", description: "CWE-863 Incorrect Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-23T13:31:37.705Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiOS, FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8, 5.4.1 to 5.4.10, FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7", }, ], }, ], datePublic: "2019-05-24T00:00:00", descriptions: [ { lang: "en", value: "An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Improper Access Control", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-03T10:28:48", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-18-389", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-231", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2018-13382", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiOS, FortiProxy", version: { version_data: [ { version_value: "FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8, 5.4.1 to 5.4.10, FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Network", availabilityImpact: "None", baseScore: 8.9, baseSeverity: "High", confidentialityImpact: "High", integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", userInteraction: "None", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Improper Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/advisory/FG-IR-18-389", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-18-389", }, { name: "https://www.fortiguard.com/psirt/FG-IR-20-231", refsource: "CONFIRM", url: "https://www.fortiguard.com/psirt/FG-IR-20-231", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2018-13382", datePublished: "2019-06-04T20:33:53", dateReserved: "2018-07-06T00:00:00", dateUpdated: "2024-10-23T13:31:37.705Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-41675
Vulnerability from cvelistv5
Published
2023-10-10 16:49
Modified
2024-09-18 20:04
Severity ?
EPSS score ?
Summary
A use after free vulnerability [CWE-416] in FortiOS version 7.2.0 through 7.2.4 and version 7.0.0 through 7.0.10 and FortiProxy version 7.2.0 through 7.2.2 and version 7.0.0 through 7.0.8 may allow an unauthenticated remote attacker to crash the WAD process via multiple crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.10 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T19:01:35.454Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-184", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-184", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "custom", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "custom", }, { lessThanOrEqual: "7.0.8", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-41675", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-18T20:02:08.865165Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-18T20:04:30.066Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.8", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A use after free vulnerability [CWE-416] in FortiOS version 7.2.0 through 7.2.4 and version 7.0.0 through 7.0.10 and FortiProxy version 7.2.0 through 7.2.2 and version 7.0.0 through 7.0.8 may allow an unauthenticated remote attacker to crash the WAD process via multiple crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-10T16:49:55.789Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-184", url: "https://fortiguard.com/psirt/FG-IR-23-184", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.5 or above\r\nPlease upgrade to FortiOS version 7.0.11 or above\r\nPlease upgrade to FortiProxy version 7.2.3 or above\r\nPlease upgrade to FortiProxy version 7.0.9 or above\nFortiSASE is no longer impacted, issue remediated Q2/23", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-41675", datePublished: "2023-10-10T16:49:55.789Z", dateReserved: "2023-08-30T13:42:39.547Z", dateUpdated: "2024-09-18T20:04:30.066Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-23113
Vulnerability from cvelistv5
Published
2024-02-15 13:59
Modified
2024-10-10 14:01
Severity ?
EPSS score ?
Summary
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiSwitchManager |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.3 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T22:51:11.285Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-24-029", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-24-029", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiswitchmanager", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortios:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.8", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.15", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortipam", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, { status: "affected", version: "1.2.0", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-23113", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-09T12:58:44.488595Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2024-10-09", reference: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2024-10-10T14:01:05.045Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { status: "affected", version: "1.2.0", }, { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.8", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.15", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-134", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-15T13:59:25.313Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-24-029", url: "https://fortiguard.com/psirt/FG-IR-24-029", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiWeb version 7.4.3 or above \nPlease upgrade to FortiVoice version 7.0.2 or above \nPlease upgrade to FortiVoice version 6.4.9 or above \nPlease upgrade to FortiSwitchManager version 7.2.4 or above \nPlease upgrade to FortiSwitchManager version 7.0.4 or above \nPlease upgrade to FortiOS version 7.4.3 or above \nPlease upgrade to FortiOS version 7.2.7 or above \nPlease upgrade to FortiOS version 7.0.14 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiPAM version 1.2.1 or above \nPlease upgrade to FortiPAM version 1.1.3 or above \nPlease upgrade to FortiProxy version 7.4.3 or above \nPlease upgrade to FortiProxy version 7.2.9 or above \nPlease upgrade to FortiProxy version 7.0.16 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-23113", datePublished: "2024-02-15T13:59:25.313Z", dateReserved: "2024-01-11T16:29:07.980Z", dateUpdated: "2024-10-10T14:01:05.045Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-50563
Vulnerability from cvelistv5
Published
2025-01-16 09:16
Modified
2025-01-16 14:14
Severity ?
EPSS score ?
Summary
A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiAnalyzer |
Version: 7.6.0 ≤ 7.6.1 Version: 7.4.1 ≤ 7.4.3 cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:* |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-50563", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-16T14:14:02.872070Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-16T14:14:17.790Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiAnalyzer", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.6.1", status: "affected", version: "7.6.0", versionType: "semver", }, { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.1", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.6.1", status: "affected", version: "7.6.0", versionType: "semver", }, { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.1", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-1390", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-16T09:16:52.864Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-221", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-221", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiManager Cloud version 7.6.2 or above \nPlease upgrade to FortiManager Cloud version 7.4.4 or above \nPlease upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.9 or above \nPlease upgrade to FortiOS version 7.0.16 or above \nPlease upgrade to FortiAnalyzer version 7.6.2 or above \nPlease upgrade to FortiAnalyzer version 7.4.4 or above \nPlease upgrade to FortiAnalyzer Cloud version 7.6.2 or above \nPlease upgrade to FortiAnalyzer Cloud version 7.4.4 or above \nPlease upgrade to FortiManager version 7.6.2 or above \nPlease upgrade to FortiManager version 7.4.4 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiProxy version 7.4.5 or above \nPlease upgrade to FortiProxy version 7.2.11 or above \nPlease upgrade to FortiProxy version 7.0.18 or above \nPlease upgrade to FortiProxy version 2.0.15 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-50563", datePublished: "2025-01-16T09:16:52.864Z", dateReserved: "2024-10-24T11:52:14.401Z", dateUpdated: "2025-01-16T14:14:17.790Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-44250
Vulnerability from cvelistv5
Published
2024-01-10 17:51
Modified
2024-11-14 17:25
Severity ?
EPSS score ?
Summary
An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.1 Version: 7.2.5 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T19:59:51.922Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-315", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-315", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-44250", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-14T17:24:51.505933Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-14T17:25:04.152Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "semver", }, { status: "affected", version: "7.2.5", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-10T17:51:37.440Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-315", url: "https://fortiguard.com/psirt/FG-IR-23-315", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiOS version 7.2.6 or above \nPlease upgrade to FortiProxy version 7.4.2 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-44250", datePublished: "2024-01-10T17:51:37.440Z", dateReserved: "2023-09-27T12:26:48.750Z", dateUpdated: "2024-11-14T17:25:04.152Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42474
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-22 20:46
Severity ?
EPSS score ?
Summary
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiSwitchManager |
Version: 7.2.0 ≤ 7.2.1 Version: 7.0.0 ≤ 7.0.1 |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:10:40.871Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-393", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-393", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-42474", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:18:03.538716Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:46:07.625Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.1", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.11", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-23", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-13T08:41:42.277Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-393", url: "https://fortiguard.com/psirt/FG-IR-22-393", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.10 or above\r\nPlease upgrade to FortiOS version 6.4.13 or above\r\nPlease upgrade to FortiSwitchManager version 7.2.2 or above\r\nPlease upgrade to FortiSwitchManager version 7.0.2 or above\r\nPlease upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above\r\nPlease upgrade to FortiProxy version 2.0.12 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-42474", datePublished: "2023-06-13T08:41:42.277Z", dateReserved: "2022-10-07T14:05:36.301Z", dateUpdated: "2024-10-22T20:46:07.625Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-43953
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-23 14:26
Severity ?
EPSS score ?
Summary
A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, FortiOS all versions 6.2, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7 allows attacker to execute unauthorized code or commands via specially crafted commands.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.1 Version: 7.0.0 ≤ 7.0.7 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:47:05.147Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-463", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-463", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-43953", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:10:58.474025Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T14:26:46.864Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, FortiOS all versions 6.2, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7 allows attacker to execute unauthorized code or commands via specially crafted commands.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-134", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-13T08:41:43.764Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-463", url: "https://fortiguard.com/psirt/FG-IR-22-463", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.2.2 or above Please upgrade to FortiProxy version 7.0.8 or above Please upgrade to FortiOS version 7.4.0 or above Please upgrade to FortiOS version 7.2.5 or above Please upgrade to FortiOS version 7.0.12 or above Please upgrade to FortiOS version 6.4.13 or above ", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-43953", datePublished: "2023-06-13T08:41:43.764Z", dateReserved: "2022-10-27T07:40:06.590Z", dateUpdated: "2024-10-23T14:26:46.864Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-26103
Vulnerability from cvelistv5
Published
2021-12-08 12:01
Modified
2024-10-25 13:41
Severity ?
EPSS score ?
Summary
An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-20-158 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:19:19.361Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-20-158", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-26103", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T13:57:43.763511Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T13:41:21.796Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0", }, ], }, ], descriptions: [ { lang: "en", value: "An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitCodeMaturity: "FUNCTIONAL", integrityImpact: "LOW", privilegesRequired: "NONE", remediationLevel: "NOT_DEFINED", reportConfidence: "NOT_DEFINED", scope: "UNCHANGED", temporalScore: 6.2, temporalSeverity: "MEDIUM", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:F/RL:X/RC:X", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Improper access control", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-08T12:01:12", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-20-158", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2021-26103", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiOS", version: { version_data: [ { version_value: "FortiOS 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Network", availabilityImpact: "Low", baseScore: 6.2, baseSeverity: "Medium", confidentialityImpact: "Low", integrityImpact: "Low", privilegesRequired: "None", scope: "Unchanged", userInteraction: "Required", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:F/RL:X/RC:X", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Improper access control", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/advisory/FG-IR-20-158", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-20-158", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2021-26103", datePublished: "2021-12-08T12:01:12", dateReserved: "2021-01-25T00:00:00", dateUpdated: "2024-10-25T13:41:21.796Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-29179
Vulnerability from cvelistv5
Published
2024-02-22 09:40
Modified
2024-08-02 14:00
Severity ?
EPSS score ?
Summary
A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, Fortiproxy version 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 allows attacker to denial of service via specially crafted HTTP requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.10 |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-29179", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-02-22T16:40:02.132971Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-05T17:21:55.579Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T14:00:15.941Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-125", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-125", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, Fortiproxy version 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 allows attacker to denial of service via specially crafted HTTP requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "Denial of service", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-22T09:40:11.939Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-125", url: "https://fortiguard.com/psirt/FG-IR-23-125", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.2.5 or above \nPlease upgrade to FortiProxy version 7.0.11 or above \nPlease upgrade to FortiSASE version 22.4 or above \nPlease upgrade to FortiOS version 7.4.0 or above \nPlease upgrade to FortiOS version 7.2.5 or above \nPlease upgrade to FortiOS version 7.0.12 or above \nPlease upgrade to FortiOS version 6.4.13 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-29179", datePublished: "2024-02-22T09:40:11.939Z", dateReserved: "2023-04-03T08:47:30.452Z", dateUpdated: "2024-08-02T14:00:15.941Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-26010
Vulnerability from cvelistv5
Published
2024-06-11 14:32
Modified
2025-05-01 03:55
Severity ?
EPSS score ?
Summary
A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiPAM |
Version: 1.2.0 Version: 1.1.0 ≤ 1.1.2 Version: 1.0.0 ≤ 1.0.3 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortipam", vendor: "fortinet", versions: [ { status: "affected", version: "1.2.0", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortipam", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortipam", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.1:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiswitchmanager", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiswitchmanager", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.14", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "6.0.18", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.9", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.15", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "2.0.13", status: "affected", version: "2.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:1.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:1.1.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-26010", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "manipulation", }, ], role: "CISA Coordinator", timestamp: "2024-08-07T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-05-01T03:55:28.821Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T23:59:31.322Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-036", tags: [ "x_transferred", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-036", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { status: "affected", version: "1.2.0", }, { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.1", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.14", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.18", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.9", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.15", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.13", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:W/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-11T14:32:03.697Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-036", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-036", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiPAM version 1.3.0 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiWeb version 7.6.0 or above \nPlease upgrade to FortiWeb version 7.4.3 or above \nPlease upgrade to FortiVoice version 7.0.2 or above \nPlease upgrade to FortiVoice version 6.4.9 or above \nPlease upgrade to FortiSwitchManager version 7.2.4 or above \nPlease upgrade to FortiSwitchManager version 7.0.4 or above \nPlease upgrade to FortiOS version 7.4.4 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.15 or above \nPlease upgrade to FortiProxy version 7.4.4 or above \nPlease upgrade to FortiProxy version 7.2.10 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-26010", datePublished: "2024-06-11T14:32:03.697Z", dateReserved: "2024-02-14T09:18:43.245Z", dateUpdated: "2025-05-01T03:55:28.821Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22641
Vulnerability from cvelistv5
Published
2023-04-11 16:06
Modified
2024-10-22 20:47
Severity ?
EPSS score ?
Summary
A url redirection to untrusted site ('open redirect') in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specially crafted requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.9 Version: 6.4.0 ≤ 6.4.12 Version: 6.2.0 ≤ 6.2.13 Version: 6.0.0 ≤ 6.0.16 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:13:49.470Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-479", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-479", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-22641", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:18:17.850726Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:47:37.434Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.13", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.8", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.12", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A url redirection to untrusted site ('open redirect') in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specially crafted requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N/E:H/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-601", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-11T16:06:13.309Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-479", url: "https://fortiguard.com/psirt/FG-IR-22-479", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.2.3 or above\r\nPlease upgrade to FortiProxy version 7.0.9 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.10 or above\r\nPlease upgrade to FortiOS version 6.4.13 or above\n ", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-22641", datePublished: "2023-04-11T16:06:13.309Z", dateReserved: "2023-01-05T10:06:31.523Z", dateUpdated: "2024-10-22T20:47:37.434Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-22130
Vulnerability from cvelistv5
Published
2021-06-03 10:27
Modified
2024-10-25 13:58
Severity ?
EPSS score ?
Summary
A stack-based buffer overflow vulnerability in FortiProxy physical appliance CLI 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 may allow an authenticated, remote attacker to perform a Denial of Service attack by running the `diagnose sys cpuset` with a large cpuset mask value. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-21-006 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiProxy |
Version: FortiProxy 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:30:24.006Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-21-006", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-22130", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:13:48.067371Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T13:58:00.281Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiProxy 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7", }, ], }, ], descriptions: [ { lang: "en", value: "A stack-based buffer overflow vulnerability in FortiProxy physical appliance CLI 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 may allow an authenticated, remote attacker to perform a Denial of Service attack by running the `diagnose sys cpuset` with a large cpuset mask value. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Execute unauthorized code or commands", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-03T10:27:47", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-21-006", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2021-22130", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiProxy", version: { version_data: [ { version_value: "FortiProxy 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A stack-based buffer overflow vulnerability in FortiProxy physical appliance CLI 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 may allow an authenticated, remote attacker to perform a Denial of Service attack by running the `diagnose sys cpuset` with a large cpuset mask value. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Local", availabilityImpact: "High", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "High", integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", userInteraction: "None", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Execute unauthorized code or commands", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/advisory/FG-IR-21-006", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-21-006", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2021-22130", datePublished: "2021-06-03T10:27:47", dateReserved: "2021-01-04T00:00:00", dateUpdated: "2024-10-25T13:58:00.281Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42476
Vulnerability from cvelistv5
Published
2023-03-07 16:21
Modified
2024-10-23 14:31
Severity ?
EPSS score ?
Summary
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.11, FortiProxy version 7.2.0 through 7.2.2 and 7.0.0 through 7.0.8 allows privileged VDOM administrators to escalate their privileges to super admin of the box via crafted CLI requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.8 Version: 6.4.0 ≤ 6.4.11 Version: 6.2.0 ≤ 6.2.12 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:10:40.836Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-401", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-401", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-42476", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:11:27.802267Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T14:31:15.323Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.8", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.11", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.11, FortiProxy version 7.2.0 through 7.2.2 and 7.0.0 through 7.0.8 allows privileged VDOM administrators to escalate their privileges to super admin of the box via crafted CLI requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-23", description: "Escalation of privilege", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-07T16:21:53.725Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-401", url: "https://fortiguard.com/psirt/FG-IR-22-401", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.9 or above\r\nPlease upgrade to FortiOS version 6.4.12 or above\r\nPlease upgrade to FortiOS version 6.2.13 or above\n ", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-42476", datePublished: "2023-03-07T16:21:53.725Z", dateReserved: "2022-10-07T14:05:36.301Z", dateUpdated: "2024-10-23T14:31:15.323Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-29180
Vulnerability from cvelistv5
Published
2024-02-22 09:40
Modified
2024-08-14 19:14
Severity ?
EPSS score ?
Summary
A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.3, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to denial of service via specially crafted HTTP requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.11 Version: 6.4.0 ≤ 6.4.12 Version: 6.2.0 ≤ 6.2.14 Version: 6.0.0 ≤ 6.0.16 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:00:15.879Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-111", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-111", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2..14", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.12", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-29180", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-14T19:10:11.418944Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-14T19:14:50.810Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.14", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.12", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.3, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to denial of service via specially crafted HTTP requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "Denial of service", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-22T09:40:16.463Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-111", url: "https://fortiguard.com/psirt/FG-IR-23-111", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above \nPlease upgrade to FortiOS version 7.2.5 or above \nPlease upgrade to FortiOS version 7.0.12 or above \nPlease upgrade to FortiOS version 6.4.13 or above \nPlease upgrade to FortiOS version 6.2.15 or above \nPlease upgrade to FortiOS version 6.0.17 or above \nPlease upgrade to FortiSASE version 22.4 or above \nPlease upgrade to FortiProxy version 7.2.4 or above \nPlease upgrade to FortiProxy version 7.0.11 or above \nPlease upgrade to FortiProxy version 2.0.13 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-29180", datePublished: "2024-02-22T09:40:16.463Z", dateReserved: "2023-04-03T08:47:30.452Z", dateUpdated: "2024-08-14T19:14:50.810Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-26207
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-22 20:45
Severity ?
EPSS score ?
Summary
An insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0 through 7.2.4 and FortiProxy 7.0.0 through 7.0.10. 7.2.0 through 7.2.1 allows an attacker to read certain passwords in plain text.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.1 Version: 7.0.0 ≤ 7.0.10 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:39:06.659Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-455", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-455", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-26207", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:17:59.430978Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:45:42.886Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0 through 7.2.4 and FortiProxy 7.0.0 through 7.0.10. 7.2.0 through 7.2.1 allows an attacker to read certain passwords in plain text.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-532", description: "Information disclosure", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-13T08:41:45.823Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-455", url: "https://fortiguard.com/psirt/FG-IR-22-455", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above Please upgrade to FortiProxy version 7.2.2 or above ", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-26207", datePublished: "2023-06-13T08:41:45.823Z", dateReserved: "2023-02-20T15:09:20.636Z", dateUpdated: "2024-10-22T20:45:42.886Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-26092
Vulnerability from cvelistv5
Published
2022-02-24 02:45
Modified
2024-10-22 21:01
Severity ?
EPSS score ?
Summary
Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-20-199 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS, FortiProxy |
Version: FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:19:19.466Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-20-199", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-26092", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:19:50.615447Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T21:01:11.565Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiOS, FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1", }, ], }, ], descriptions: [ { lang: "en", value: "Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitCodeMaturity: "FUNCTIONAL", integrityImpact: "LOW", privilegesRequired: "NONE", remediationLevel: "NOT_DEFINED", reportConfidence: "NOT_DEFINED", scope: "CHANGED", temporalScore: 4.6, temporalSeverity: "MEDIUM", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:F/RL:X/RC:X", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Execute unauthorized code or commands", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-24T02:45:57", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/psirt/FG-IR-20-199", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2021-26092", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiOS, FortiProxy", version: { version_data: [ { version_value: "FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Network", availabilityImpact: "None", baseScore: 4.6, baseSeverity: "Medium", confidentialityImpact: "None", integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", userInteraction: "Required", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:F/RL:X/RC:X", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Execute unauthorized code or commands", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/psirt/FG-IR-20-199", refsource: "CONFIRM", url: "https://fortiguard.com/psirt/FG-IR-20-199", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2021-26092", datePublished: "2022-02-24T02:45:57", dateReserved: "2021-01-25T00:00:00", dateUpdated: "2024-10-22T21:01:11.565Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-43074
Vulnerability from cvelistv5
Published
2023-02-16 18:05
Modified
2024-10-22 20:50
Severity ?
EPSS score ?
Summary
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and below, 6.4.10 and below, 6.2 all versions, 6.0 all versions; FortiProxy 7.0.1 and below, 2.0.7 and below, 1.2 all versions, 1.1 all versions, 1.0 all versions may allow an attacker to decrypt portions of the administrative session management cookie if able to intercept the latter.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiSwitch |
Version: 7.0.0 ≤ 7.0.3 Version: 6.4.0 ≤ 6.4.10 Version: 6.2.0 ≤ 6.2.7 Version: 6.0.0 ≤ 6.0.7 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:47:13.419Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-21-126", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-21-126", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-43074", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:18:40.880303Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:50:25.414Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiSwitch", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.10", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.7", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.7", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiWeb", vendor: "Fortinet", versions: [ { lessThanOrEqual: "6.4.2", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.3.16", status: "affected", version: "6.3.0", versionType: "semver", }, { lessThanOrEqual: "6.2.7", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.1.3", status: "affected", version: "6.1.0", versionType: "semver", }, { lessThanOrEqual: "6.0.8", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.1", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.7", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.8", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and below, 6.4.10 and below, 6.2 all versions, 6.0 all versions; FortiProxy 7.0.1 and below, 2.0.7 and below, 1.2 all versions, 1.1 all versions, 1.0 all versions may allow an attacker to decrypt portions of the administrative session management cookie if able to intercept the latter.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-347", description: "Information disclosure", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-16T18:05:27.932Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-21-126", url: "https://fortiguard.com/psirt/FG-IR-21-126", }, ], solutions: [ { lang: "en", value: "Upgrade to FortiOS version 7.0.7 or above.\r\nUpgrade to FortiOS version 6.4.9 or above.\nUpgrade to FortiWeb version 7.0.0 or above.\r\nupgrade to FortiWeb version 6.3.17 or above.\nUpgrade to FortiProxy version 7.0.7 or above.\r\nUpgrade to FortiProxy version 2.0.8 or above.\nUpgrade to FortiSwitch version 7.2.0 or above.\r\nUpgrade to FortiSwitch version 7.0.4 or above.\r\nUpgrade to FortiSwitch version 6.4.11 or above.", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2021-43074", datePublished: "2023-02-16T18:05:27.932Z", dateReserved: "2021-10-28T21:06:26.048Z", dateUpdated: "2024-10-22T20:50:25.414Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41335
Vulnerability from cvelistv5
Published
2023-02-16 18:05
Modified
2024-10-23 14:50
Severity ?
EPSS score ?
Summary
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiSwitchManager |
Version: 7.2.0 Version: 7.0.0 |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:46.229Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-391", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-391", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-41335", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:12:00.557237Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T14:50:43.903Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { status: "affected", version: "7.2.0", }, { status: "affected", version: "7.0.0", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.8", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.11", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThan: "1.2.*", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThan: "1.1.*", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThan: "1.0.*", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-23", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-16T18:05:14.761Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-391", url: "https://fortiguard.com/psirt/FG-IR-22-391", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.2.3 or above\r\nPlease upgrade to FortiOS version 7.0.9 or above\r\nPlease upgrade to FortiOS version 6.4.11 or above\r\nPlease upgrade to FortiOS version 6.2.13 or above\r\nPlease upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above\r\nPlease upgrade to FortiProxy version 2.0.11 or above\r\nPlease upgrade to FortiSwitchManager version 7.2.1 or above\r\nPlease upgrade to FortiSwitchManager version 7.0.1 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-41335", datePublished: "2023-02-16T18:05:14.761Z", dateReserved: "2022-09-23T15:07:35.783Z", dateUpdated: "2024-10-23T14:50:43.903Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-26015
Vulnerability from cvelistv5
Published
2024-07-09 15:33
Modified
2024-08-01 23:59
Severity ?
EPSS score ?
Summary
An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit an unauthenticated attacker to bypass the IP blocklist via crafted requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 ≤ 7.4.3 Version: 7.2.0 ≤ 7.2.10 Version: 7.0.0 ≤ 7.0.18 |
||||||
|
|||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThan: "7.1.0", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThan: "7.3.0", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThan: "7.1.0", status: "affected", version: "7.0.0", versionType: "custom", }, { lessThan: "7.3.0", status: "affected", version: "7.2.0", versionType: "custom", }, { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-26015", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-07-09T16:00:34.064801Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-09T16:05:01.819Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T23:59:31.104Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-23-446", tags: [ "x_transferred", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-446", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.10", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.18", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.8", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.15", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit an unauthenticated attacker to bypass the IP blocklist via crafted requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 3.1, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N/E:F/RL:W/RC:R", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-1389", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-09T15:33:30.260Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-23-446", url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-446", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.4.4 or above \nPlease upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.4 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-26015", datePublished: "2024-07-09T15:33:30.260Z", dateReserved: "2024-02-14T09:18:43.246Z", dateUpdated: "2024-08-01T23:59:31.104Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-36641
Vulnerability from cvelistv5
Published
2023-11-14 18:05
Modified
2024-08-30 18:21
Severity ?
EPSS score ?
Summary
A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows attacker to denial of service via specifically crafted HTTP requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.10 Version: 2.0.0 ≤ 2.0.13 Version: 1.2.0 ≤ 1.2.13 Version: 1.1.0 ≤ 1.1.6 Version: 1.0.0 ≤ 1.0.7 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:52:54.196Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-151", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-151", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-36641", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-30T18:21:33.734110Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-30T18:21:45.483Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.13", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.4.0", }, { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.17", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows attacker to denial of service via specifically crafted HTTP requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-197", description: "Denial of service", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-14T18:05:00.645Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-151", url: "https://fortiguard.com/psirt/FG-IR-23-151", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiSASE version 23.3.b or above \nPlease upgrade to FortiProxy version 7.2.5 or above \nPlease upgrade to FortiProxy version 7.0.11 or above \nPlease upgrade to FortiOS version 7.4.1 or above \nPlease upgrade to FortiOS version 7.2.6 or above \nPlease upgrade to FortiOS version 7.0.13 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-36641", datePublished: "2023-11-14T18:05:00.645Z", dateReserved: "2023-06-25T18:03:39.228Z", dateUpdated: "2024-08-30T18:21:45.483Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-40721
Vulnerability from cvelistv5
Published
2025-02-11 16:09
Modified
2025-02-12 15:52
Severity ?
EPSS score ?
Summary
A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiOS version 7.4.0 through 7.4.1 and before 7.2.6, FortiProxy version 7.4.0 and before 7.2.7, FortiPAM version 1.1.2 and before 1.0.3, FortiSwitchManager version 7.2.0 through 7.2.2 and before 7.0.2 allows a privileged attacker to execute arbitrary code or commands via specially crafted requests.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.4.0 Version: 7.2.0 ≤ 7.2.5 Version: 7.0.0 ≤ 7.0.13 Version: 6.4.0 ≤ 6.4.15 Version: 6.2.0 ≤ 6.2.16 cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:* |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-40721", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-11T16:35:49.488058Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-12T15:52:51.412Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.4.0", }, { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.2", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "7.4.0", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.14", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiOS version 7.4.0 through 7.4.1 and before 7.2.6, FortiProxy version 7.4.0 and before 7.2.7, FortiPAM version 1.1.2 and before 1.0.3, FortiSwitchManager version 7.2.0 through 7.2.2 and before 7.0.2 allows a privileged attacker to execute arbitrary code or commands via specially crafted requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-134", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-11T16:09:06.077Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-261", url: "https://fortiguard.com/psirt/FG-IR-23-261", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.2 or above\nPlease upgrade to FortiOS version 7.2.7 or above\nPlease upgrade to FortiPAM version 1.2.0 or above\nPlease upgrade to FortiSwitchManager version 7.2.3 or above\nPlease upgrade to FortiSwitchManager version 7.0.3 or above\nPlease upgrade to FortiProxy version 7.4.1 or above\nPlease upgrade to FortiProxy version 7.2.8 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-40721", datePublished: "2025-02-11T16:09:06.077Z", dateReserved: "2023-08-21T09:03:44.316Z", dateUpdated: "2025-02-12T15:52:51.412Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2025-24472
Vulnerability from cvelistv5
Published
2025-02-11 16:50
Modified
2025-03-18 22:20
Severity ?
EPSS score ?
Summary
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.0.0 ≤ 7.0.16 cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2025-24472", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-18T18:32:10.857001Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2025-03-18", reference: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-03-18T22:20:23.171Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, timeline: [ { lang: "en", time: "2025-03-18T00:00:00+00:00", value: "CVE-2025-24472 added to CISA KEV", }, ], title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.16", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.12", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.19", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote attacker to gain super-admin privileges via crafted CSF proxy requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-288", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-11T16:50:42.207Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-535", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-535", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.0.17 or above \nPlease upgrade to FortiProxy version 7.2.13 or above \nPlease upgrade to FortiProxy version 7.0.20 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2025-24472", datePublished: "2025-02-11T16:50:42.207Z", dateReserved: "2025-01-21T20:48:07.886Z", dateUpdated: "2025-03-18T22:20:23.171Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33306
Vulnerability from cvelistv5
Published
2023-06-16 09:40
Modified
2024-10-22 20:42
Severity ?
EPSS score ?
Summary
A null pointer dereference in Fortinet FortiOS before 7.2.5, before 7.0.11 and before 6.4.13, FortiProxy before 7.2.4 and before 7.0.10 allows attacker to denial of sslvpn service via specifically crafted request in bookmark parameter.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.10 Version: 6.4.0 ≤ 6.4.12 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:39:36.283Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-015", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-015", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33306", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:17:53.416082Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:42:04.868Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A null pointer dereference in Fortinet FortiOS before 7.2.5, before 7.0.11 and before 6.4.13, FortiProxy before 7.2.4 and before 7.0.10 allows attacker to denial of sslvpn service via specifically crafted request in bookmark parameter.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:X/RC:X", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "Denial of service", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-16T09:40:07.625Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-015", url: "https://fortiguard.com/psirt/FG-IR-23-015", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.5 or above\r\nPlease upgrade to FortiOS version 7.0.11 or above\r\nPlease upgrade to FortiOS version 6.4.13 or above\r\nPlease upgrade to FortiProxy version 7.2.4 or above\r\nPlease upgrade to FortiProxy version 7.2.3 or above\r\nPlease upgrade to FortiProxy version 7.0.9 or above\r\nPlease upgrade to FortiProxy version 7.0.10 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-33306", datePublished: "2023-06-16T09:40:07.625Z", dateReserved: "2023-05-22T07:58:22.197Z", dateUpdated: "2024-10-22T20:42:04.868Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-48885
Vulnerability from cvelistv5
Published
2025-01-16 09:01
Modified
2025-01-16 14:16
Severity ?
EPSS score ?
Summary
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiRecorder |
Version: 7.2.0 ≤ 7.2.1 Version: 7.0.0 ≤ 7.0.4 cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:* |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-48885", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-16T14:15:57.157206Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-16T14:16:29.431Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiRecorder", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.4", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiWeb", vendor: "Fortinet", versions: [ { status: "affected", version: "7.6.0", }, { lessThanOrEqual: "7.4.4", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.10", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.3", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortivoice:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiVoice", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.4", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.9", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.0.12", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "Escalation of privilege", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-16T09:01:52.958Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-259", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-259", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiRecorder version 7.2.2 or above \nPlease upgrade to FortiRecorder version 7.0.5 or above \nPlease upgrade to FortiProxy version 7.4.6 or above \nPlease upgrade to FortiProxy version 7.2.12 or above \nPlease upgrade to FortiProxy version 7.0.19 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiWeb version 7.6.1 or above \nPlease upgrade to FortiWeb version 7.4.5 or above \nPlease upgrade to FortiOS version 7.6.1 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.10 or above \nPlease upgrade to FortiOS version 7.0.16 or above \nPlease upgrade to FortiManager version 7.6.2 or above \nPlease upgrade to FortiManager version 7.4.4 or above \nPlease upgrade to FortiVoice version 7.2.0 or above \nPlease upgrade to FortiVoice version 7.0.5 or above \nPlease upgrade to FortiVoice version 6.4.10 or above \nPlease upgrade to FortiManager Cloud version 7.4.4 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-48885", datePublished: "2025-01-16T09:01:52.958Z", dateReserved: "2024-10-09T09:03:09.960Z", dateUpdated: "2025-01-16T14:16:29.431Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-45862
Vulnerability from cvelistv5
Published
2024-08-13 15:51
Modified
2024-08-13 17:32
Severity ?
EPSS score ?
Summary
An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions; FortiSwitchManager 7.2.1 and below, 7.0 all versions GUI may allow attackers to re-use websessions after GUI logout, should they manage to acquire the required credentials.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiPAM |
Version: 1.3.0 Version: 1.2.0 Version: 1.1.0 ≤ 1.1.2 Version: 1.0.0 ≤ 1.0.3 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2022-45862", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-13T17:32:08.496052Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-13T17:32:25.867Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { status: "affected", version: "1.3.0", }, { status: "affected", version: "1.2.0", }, { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.11", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.18", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.2", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions; FortiSwitchManager 7.2.1 and below, 7.0 all versions GUI may allow attackers to re-use websessions after GUI logout, should they manage to acquire the required credentials.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-613", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T15:51:57.147Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-445", url: "https://fortiguard.com/psirt/FG-IR-22-445", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above \nPlease upgrade to FortiOS version 7.2.6 or above \nPlease upgrade to FortiPAM version 1.4.0 or above \nPlease upgrade to FortiProxy version 7.4.0 or above \nPlease upgrade to FortiSwitchManager version 7.2.2 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-45862", datePublished: "2024-08-13T15:51:57.147Z", dateReserved: "2022-11-23T14:57:05.613Z", dateUpdated: "2024-08-13T17:32:25.867Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-29181
Vulnerability from cvelistv5
Published
2024-02-22 09:40
Modified
2024-08-22 17:41
Severity ?
EPSS score ?
Summary
A use of externally-controlled format string in Fortinet FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted command.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiPAM |
Version: 1.0.0 ≤ 1.0.3 |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:00:15.852Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-119", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-119", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.14", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "5.6.14", status: "affected", version: "5.6.0", versionType: "custom", }, { lessThanOrEqual: "5.4.13", status: "affected", version: "5.4.0", versionType: "custom", }, { lessThanOrEqual: "5.2.15", status: "affected", version: "5.2.0", versionType: "custom", }, { lessThanOrEqual: "5.0.14", status: "affected", version: "5.0.0", versionType: "custom", }, { lessThanOrEqual: "4.3.19", status: "affected", version: "4.3.0", versionType: "custom", }, { lessThanOrEqual: "4.1.11", status: "affected", version: "4.2.0", versionType: "custom", }, { lessThanOrEqual: "4.1.11", status: "affected", version: "4.1.1", versionType: "custom", }, { lessThanOrEqual: "4.0.4", status: "affected", version: "4.0.0", versionType: "custom", }, { lessThanOrEqual: "6.2.14", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortipam", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.0.3", status: "affected", version: "1.00", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.12", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-29181", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-02-22T16:59:29.245878Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-22T17:41:03.191Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.14", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThanOrEqual: "5.6.14", status: "affected", version: "5.6.0", versionType: "semver", }, { lessThanOrEqual: "5.4.13", status: "affected", version: "5.4.0", versionType: "semver", }, { lessThanOrEqual: "5.2.15", status: "affected", version: "5.2.0", versionType: "semver", }, { lessThanOrEqual: "5.0.14", status: "affected", version: "5.0.0", versionType: "semver", }, { lessThanOrEqual: "4.3.19", status: "affected", version: "4.3.0", versionType: "semver", }, { lessThanOrEqual: "4.2.16", status: "affected", version: "4.2.0", versionType: "semver", }, { lessThanOrEqual: "4.1.11", status: "affected", version: "4.1.1", versionType: "semver", }, { lessThanOrEqual: "4.0.4", status: "affected", version: "4.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.12", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted command.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-134", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-22T09:40:06.212Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-119", url: "https://fortiguard.com/psirt/FG-IR-23-119", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above\nPlease upgrade to FortiOS version 7.2.5 or above\nPlease upgrade to FortiOS version 7.0.12 or above\nPlease upgrade to FortiOS version 6.4.13 or above\nPlease upgrade to FortiOS version 6.2.15 or above\nPlease upgrade to FortiProxy version 7.2.5 or above\nPlease upgrade to FortiProxy version 7.0.11 or above\nPlease upgrade to FortiProxy version 2.0.13 or above\nPlease upgrade to FortiPAM version 1.1.0 or above\n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-29181", datePublished: "2024-02-22T09:40:06.212Z", dateReserved: "2023-04-03T08:47:30.452Z", dateUpdated: "2024-08-22T17:41:03.191Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-28002
Vulnerability from cvelistv5
Published
2023-11-14 18:05
Modified
2024-10-18 14:54
Severity ?
EPSS score ?
Summary
An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and VMs may allow a local attacker with admin privileges to boot a malicious image on the device and bypass the filesystem integrity check in place.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.12 Version: 6.4.0 ≤ 6.4.15 Version: 6.2.0 ≤ 6.2.16 Version: 6.0.0 ≤ 6.0.18 cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:* |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T12:23:30.891Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-396", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-396", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "2.0.13", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "6.0.17", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "semver", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-28002", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-30T18:14:58.535601Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-30T18:20:58.090Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.18", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.8", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.19", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and VMs may allow a local attacker with admin privileges to boot a malicious image on the device and bypass the filesystem integrity check in place.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-354", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-18T14:54:04.182Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-396", url: "https://fortiguard.com/psirt/FG-IR-22-396", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above \nPlease upgrade to FortiOS version 7.2.4 or above \nPlease upgrade to FortiOS version 7.0.13 or above \nPlease upgrade to FortiProxy version 7.4.2 or above \nPlease upgrade to FortiProxy version 7.2.9 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-28002", datePublished: "2023-11-14T18:05:12.283Z", dateReserved: "2023-03-09T10:09:33.120Z", dateUpdated: "2024-10-18T14:54:04.182Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-55591
Vulnerability from cvelistv5
Published
2025-01-14 14:08
Modified
2025-01-23 04:55
Severity ?
EPSS score ?
Summary
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.0.0 ≤ 7.0.16 cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-55591", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-22T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2025-01-14", reference: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-01-23T04:55:42.893Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.16", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.12", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.19", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:W/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-288", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-14T14:08:34.207Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-535", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-535", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.0.17 or above \nPlease upgrade to FortiProxy version 7.2.13 or above \nPlease upgrade to FortiProxy version 7.0.20 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-55591", datePublished: "2025-01-14T14:08:34.207Z", dateReserved: "2024-12-09T11:19:49.470Z", dateUpdated: "2025-01-23T04:55:42.893Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38378
Vulnerability from cvelistv5
Published
2023-02-16 18:06
Modified
2024-10-22 20:49
Severity ?
EPSS score ?
Summary
An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 Version: 7.0.0 ≤ 7.0.7 Version: 6.4.0 ≤ 6.4.11 Version: 6.2.0 ≤ 6.2.12 Version: 6.0.0 ≤ 6.0.16 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:54:03.429Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-346", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-346", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-38378", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:18:33.317354Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:49:30.558Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.2.0", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.11", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "Escalation of privilege", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-16T18:06:36.339Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-346", url: "https://fortiguard.com/psirt/FG-IR-22-346", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.2.1 or above Please upgrade to FortiOS version 7.0.8 or above Please upgrade to FortiProxy version 7.2.2 or above Please upgrade to FortiProxy version 7.0.8 or above ", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-38378", datePublished: "2023-02-16T18:06:36.339Z", dateReserved: "2022-08-16T14:17:48.481Z", dateUpdated: "2024-10-22T20:49:30.558Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-29055
Vulnerability from cvelistv5
Published
2022-10-10 00:00
Modified
2024-10-25 13:29
Severity ?
EPSS score ?
Summary
A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through 2.0.9, 1.2.x allows a remote unauthenticated or authenticated attacker to crash the sslvpn daemon via an HTTP GET request.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS, FortiProxy |
Version: FortiOS 7.2.0, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.9, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0; FortiProxy 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 2.0.9, 2.0.8, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0, 1.2.13, 1.2.12, 1.2.11, 1.2.10, 1.2.9, 1.2.8, 1.2.7, 1.2.6 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:10:59.155Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-086", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-29055", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:15:53.388887Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T13:29:37.823Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiOS, FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS 7.2.0, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.9, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0; FortiProxy 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 2.0.9, 2.0.8, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0, 1.2.13, 1.2.12, 1.2.11, 1.2.10, 1.2.9, 1.2.8, 1.2.7, 1.2.6", }, ], }, ], descriptions: [ { lang: "en", value: "A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through 2.0.9, 1.2.x allows a remote unauthenticated or authenticated attacker to crash the sslvpn daemon via an HTTP GET request.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitCodeMaturity: "FUNCTIONAL", integrityImpact: "NONE", privilegesRequired: "NONE", remediationLevel: "UNAVAILABLE", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 7.3, temporalSeverity: "HIGH", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:U/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-18T00:00:00", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { url: "https://fortiguard.com/psirt/FG-IR-22-086", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-29055", datePublished: "2022-10-10T00:00:00", dateReserved: "2022-04-11T00:00:00", dateUpdated: "2024-10-25T13:29:37.823Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-36640
Vulnerability from cvelistv5
Published
2024-05-14 16:19
Modified
2024-08-02 16:52
Severity ?
EPSS score ?
Summary
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.10 Version: 2.0.0 ≤ 2.0.14 Version: 1.2.0 ≤ 1.2.13 Version: 1.1.0 ≤ 1.1.6 Version: 1.0.0 ≤ 1.0.7 |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "2.*", status: "affected", version: "1.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiswitchmanager", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.2", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiswitchmanager", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { status: "affected", version: "7.4.0", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { status: "affected", version: "7.0.0", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { status: "affected", version: "6.4.0", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { status: "affected", version: "6.2.0", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortipam", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.1.*", status: "affected", version: "1.0.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-36640", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-05-14T17:49:03.425796Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:25:49.629Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T16:52:54.010Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-137", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-137", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.2.0", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-134", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-14T16:19:21.747Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-137", url: "https://fortiguard.com/psirt/FG-IR-23-137", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.1 or above \nPlease upgrade to FortiOS version 7.2.6 or above \nPlease upgrade to FortiSwitchManager version 7.2.3 or above \nPlease upgrade to FortiSwitchManager version 7.0.3 or above \nPlease upgrade to FortiProxy version 7.2.6 or above \nPlease upgrade to FortiProxy version 7.0.12 or above \nPlease upgrade to FortiPAM version 1.1.1 or above \nPlease upgrade to FortiSASE version 22.4 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-36640", datePublished: "2024-05-14T16:19:21.747Z", dateReserved: "2023-06-25T18:03:39.227Z", dateUpdated: "2024-08-02T16:52:54.010Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-13383
Vulnerability from cvelistv5
Published
2019-05-29 17:20
Modified
2024-10-23 13:33
Severity ?
EPSS score ?
Summary
A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-18-388 | x_refsource_CONFIRM | |
| https://fortiguard.com/advisory/FG-IR-20-229 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS and FortiProxy |
Version: FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier, FortiProxy 2.0.0, 1.2.8 and earlier |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T09:00:35.101Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-18-388", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-20-229", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-13383", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T13:33:02.861324Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-01-10", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2018-13383", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-23T13:33:26.711Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiOS and FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier, FortiProxy 2.0.0, 1.2.8 and earlier", }, ], }, ], datePublic: "2019-04-02T00:00:00", descriptions: [ { lang: "en", value: "A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-09T16:01:31", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-18-388", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-20-229", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2018-13383", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiOS and FortiProxy", version: { version_data: [ { version_value: "FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier, FortiProxy 2.0.0, 1.2.8 and earlier", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Network", availabilityImpact: "Low", baseScore: 4.2, baseSeverity: "Medium", confidentialityImpact: "None", integrityImpact: "None", privilegesRequired: "Low", scope: "Unchanged", userInteraction: "None", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/advisory/FG-IR-18-388", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-18-388", }, { name: "https://fortiguard.com/advisory/FG-IR-20-229", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-20-229", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2018-13383", datePublished: "2019-05-29T17:20:03", dateReserved: "2018-07-06T00:00:00", dateUpdated: "2024-10-23T13:33:26.711Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-23111
Vulnerability from cvelistv5
Published
2024-06-11 14:32
Modified
2025-05-01 03:55
Severity ?
EPSS score ?
Summary
An improper neutralization of input during web page Generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions reboot page may allow a remote privileged attacker with super-admin access to execute JavaScript code via crafted HTTP GET requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.2 Version: 7.2.0 ≤ 7.2.6 Version: 7.0.0 ≤ 7.0.13 |
||||||
|
|||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThan: "7.4.2", status: "affected", version: "7.4.0", versionType: "custom", }, { lessThan: "7.2.8", status: "affected", version: "7.2.0", versionType: "custom", }, { lessThan: "7.0.14", status: "affected", version: "7.0.0", versionType: "custom", }, { lessThan: "2.1.0", status: "affected", version: "2.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThan: "7.4.3", status: "affected", version: "7.4.0", versionType: "custom", }, { lessThan: "7.2.7", status: "affected", version: "7.2.0", versionType: "custom", }, { lessThan: "7.0.13", status: "affected", version: "7.0.0", versionType: "custom", }, { lessThan: "6.5.0", status: "affected", version: "6.4.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-23111", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "manipulation", }, ], role: "CISA Coordinator", timestamp: "2024-08-07T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-05-01T03:55:29.141Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T22:51:11.306Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-23-471", tags: [ "x_transferred", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-471", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.8", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.14", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper neutralization of input during web page Generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions reboot page may allow a remote privileged attacker with super-admin access to execute JavaScript code via crafted HTTP GET requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-19T05:18:38.679Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-23-471", url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-471", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.4 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.14 or above \nPlease upgrade to FortiProxy version 7.4.3 or above \nPlease upgrade to FortiProxy version 7.2.9 or above \nPlease upgrade to FortiProxy version 7.0.15 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-23111", datePublished: "2024-06-11T14:32:00.312Z", dateReserved: "2024-01-11T16:29:07.979Z", dateUpdated: "2025-05-01T03:55:29.141Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-42789
Vulnerability from cvelistv5
Published
2024-03-12 15:09
Modified
2024-08-12 18:00
Severity ?
EPSS score ?
Summary
A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.1 Version: 7.2.0 ≤ 7.2.5 Version: 7.0.0 ≤ 7.0.12 Version: 6.4.0 ≤ 6.4.14 Version: 6.2.0 ≤ 6.2.15 |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T19:30:24.297Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-328", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-328", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortipam", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.13", status: "affected", version: "2.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { status: "affected", version: "7.4.0", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-42789", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-03-15T16:38:32.476430Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-12T18:00:28.370Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "7.4.0", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.13", status: "affected", version: "2.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.3, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-03-12T15:09:18.416Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-328", url: "https://fortiguard.com/psirt/FG-IR-23-328", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.2 or above\r\nPlease upgrade to FortiOS version 7.2.6 or above\r\nPlease upgrade to FortiOS version 7.0.13 or above\r\nPlease upgrade to FortiOS version 6.4.15 or above\r\nPlease upgrade to FortiOS version 6.2.16 or above\r\nPlease upgrade to FortiProxy version 7.4.1 or above\r\nPlease upgrade to FortiProxy version 7.2.7 or above\r\nPlease upgrade to FortiProxy version 7.0.13 or above\r\nPlease upgrade to FortiProxy version 2.0.14 or above\r\nFortinet in Q3/23 has remediated this issue in FortiSASE version 23.3.b and hence the customers need not perform any action.\r\n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-42789", datePublished: "2024-03-12T15:09:18.416Z", dateReserved: "2023-09-14T08:37:38.657Z", dateUpdated: "2024-08-12T18:00:28.370Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41329
Vulnerability from cvelistv5
Published
2023-03-07 16:22
Modified
2024-10-23 14:31
Severity ?
EPSS score ?
Summary
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiOS version 7.2.0 through 7.2.3 and 7.0.0 through 7.0.9 allows an unauthenticated attackers to obtain sensitive logging informations on the device via crafted HTTP GET requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.2 Version: 7.0.0 ≤ 7.0.8 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:46.191Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-364", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-364", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-41329", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:15:40.630242Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T14:31:07.124Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.8", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.13", status: "affected", version: "6.2.3", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiOS version 7.2.0 through 7.2.3 and 7.0.0 through 7.0.9 allows an unauthenticated attackers to obtain sensitive logging informations on the device via crafted HTTP GET requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:F/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-07T16:22:02.418Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-364", url: "https://fortiguard.com/psirt/FG-IR-22-364", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.10 or above\r\nPlease upgrade to FortiOS version 6.4.11 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-41329", datePublished: "2023-03-07T16:22:02.418Z", dateReserved: "2022-09-23T15:07:35.781Z", dateUpdated: "2024-10-23T14:31:07.124Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-29175
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-22 20:45
Severity ?
EPSS score ?
Summary
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the vulnerable device and the remote FortiGuard's map server.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.9 Version: 2.0.0 ≤ 2.0.12 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:00:15.949Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-468", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-468", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-29175", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:17:56.986398Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:45:26.647Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.12", status: "affected", version: "2.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.2.0", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.13", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.17", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the vulnerable device and the remote FortiGuard's map server.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:X/RC:R", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-295", description: "Information disclosure", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-13T08:41:48.433Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-468", url: "https://fortiguard.com/psirt/FG-IR-22-468", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.2.1 or above\r\nPlease upgrade to FortiOS version 7.0.11 or above\nPlease upgrade to FortiProxy version 7.2.4 or above\r\nPlease upgrade to FortiProxy version 7.0.10 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-29175", datePublished: "2023-06-13T08:41:48.433Z", dateReserved: "2023-04-03T08:47:30.451Z", dateUpdated: "2024-10-22T20:45:26.647Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-26011
Vulnerability from cvelistv5
Published
2024-11-12 18:53
Modified
2024-11-13 18:44
Severity ?
EPSS score ?
Summary
A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.0 through 7.0.3, FortiPortal version 6.0.0 through 6.0.14, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted packets.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiManager |
Version: 7.4.0 ≤ 7.4.2 Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.11 Version: 6.4.0 ≤ 6.4.14 cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-26011", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T18:44:31.679521Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:44:42.785Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { status: "affected", version: "1.2.0", }, { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.9", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.19", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiPortal", vendor: "Fortinet", versions: [ { lessThanOrEqual: "6.0.14", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThanOrEqual: "5.3.8", status: "affected", version: "5.3.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.14", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.18", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.0 through 7.0.3, FortiPortal version 6.0.0 through 6.0.14, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted packets.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-306", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-12T18:53:56.665Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-032", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-032", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiManager version 7.4.3 or above \nPlease upgrade to FortiManager version 7.2.5 or above \nPlease upgrade to FortiManager version 7.0.12 or above \nPlease upgrade to FortiManager version 6.4.15 or above \nPlease upgrade to FortiVoice version 7.0.2 or above \nPlease upgrade to FortiVoice version 6.4.9 or above \nPlease upgrade to FortiSwitchManager version 7.2.4 or above \nPlease upgrade to FortiSwitchManager version 7.0.4 or above \nPlease upgrade to FortiWeb version 7.6.0 or above \nPlease upgrade to FortiWeb version 7.4.3 or above \nPlease upgrade to FortiPAM version 1.3.0 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiProxy version 7.4.4 or above \nPlease upgrade to FortiProxy version 7.2.10 or above \nPlease upgrade to FortiPortal version 6.0.15 or above \nPlease upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.4 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.15 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-26011", datePublished: "2024-11-12T18:53:56.665Z", dateReserved: "2024-02-14T09:18:43.245Z", dateUpdated: "2024-11-13T18:44:42.785Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37930
Vulnerability from cvelistv5
Published
2025-04-08 14:03
Modified
2025-04-09 04:00
Severity ?
EPSS score ?
Summary
Multiple issues including the use of uninitialized ressources [CWE-908] and excessive iteration [CWE-834] vulnerabilities in Fortinet FortiOS SSL VPN webmode version 7.4.0, version 7.2.0 through 7.2.5, version 7.0.1 through 7.0.11 and version 6.4.7 through 6.4.14 and Fortinet FortiProxy SSL VPN webmode version 7.2.0 through 7.2.6 and version 7.0.0 through 7.0.12 allows a VPN user to corrupt memory potentially leading to code or commands execution via specifically crafted requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.4.0 Version: 7.2.0 ≤ 7.2.5 Version: 7.0.1 ≤ 7.0.11 Version: 6.4.7 ≤ 6.4.14 cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:* |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-37930", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-08T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-09T04:00:40.351Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.4.0", }, { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.1", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.7", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "Multiple issues including the use of uninitialized ressources [CWE-908] and excessive iteration [CWE-834] vulnerabilities in Fortinet FortiOS SSL VPN webmode version 7.4.0, version 7.2.0 through 7.2.5, version 7.0.1 through 7.0.11 and version 6.4.7 through 6.4.14 and Fortinet FortiProxy SSL VPN webmode version 7.2.0 through 7.2.6 and version 7.0.0 through 7.0.12 allows a VPN user to corrupt memory potentially leading to code or commands execution via specifically crafted requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-908", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-08T14:03:38.016Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-165", url: "https://fortiguard.com/psirt/FG-IR-23-165", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.1 or above\r\nPlease upgrade to FortiOS version 7.2.6 or above\r\nPlease upgrade to FortiOS version 7.0.13 or above\r\nPlease upgrade to FortiOS version 6.4.15 or above\r\nPlease upgrade to FortiOS version 6.4.14 or above\r\nPlease upgrade to FortiProxy version 7.4.0 or above\r\nPlease upgrade to FortiProxy version 7.2.7 or above\r\nPlease upgrade to FortiProxy version 7.0.13 or above\r\n\r\nFortiSASE is no longer impacted, issue remediated Q3/23\r\n\r\n## Workaround:\r\n\r\n\r\nDisable SSLVPN webmode.\r\n\r\nAlternatively, please use SSLVPN tunnel mode, IPsec (tunnel) or ZTNA (web access).\r\n\r\nhttps://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-disable-SSL-VPN-Web-Mode-or-Tunnel-Mode-in/ta-p/217990\r\n\r\nhttps://docs.fortinet.com/document/fortigate/7.2.3/administration-guide/45836/ssl-vpn-to-ipsec-vpn\r\n\r\nhttps://docs.fortinet.com/document/fortigate/7.2.3/administration-guide/78050/migrating-from-ssl-vpn-to-ztna", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-37930", datePublished: "2025-04-08T14:03:38.016Z", dateReserved: "2023-07-11T08:16:54.092Z", dateUpdated: "2025-04-09T04:00:40.351Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-45583
Vulnerability from cvelistv5
Published
2024-05-14 16:19
Modified
2024-08-02 20:21
Severity ?
EPSS score ?
Summary
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15 FortiSwitchManager versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.2 allows attacker to execute unauthorized code or commands via specially crafted cli commands and http requests.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.10 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "2.*", status: "affected", version: "1.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiswitchmanager", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.2", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiswitchmanager", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { status: "affected", version: "7.4.0", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { status: "affected", version: "7.0.0", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { status: "affected", version: "6.4.0", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { status: "affected", version: "6.2.0", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortipam", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.1.*", status: "affected", version: "1.0.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-45583", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-05-14T17:49:39.269934Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:19:59.485Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T20:21:16.756Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-137", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-137", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { status: "affected", version: "1.1.0", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.2", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.4.0", }, { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15 FortiSwitchManager versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.2 allows attacker to execute unauthorized code or commands via specially crafted cli commands and http requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-134", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-14T16:19:18.797Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-137", url: "https://fortiguard.com/psirt/FG-IR-23-137", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.1 or above \nPlease upgrade to FortiOS version 7.2.6 or above \nPlease upgrade to FortiSwitchManager version 7.2.3 or above \nPlease upgrade to FortiSwitchManager version 7.0.3 or above \nPlease upgrade to FortiProxy version 7.2.6 or above \nPlease upgrade to FortiProxy version 7.0.12 or above \nPlease upgrade to FortiPAM version 1.1.1 or above \nPlease upgrade to FortiSASE version 22.4 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-45583", datePublished: "2024-05-14T16:19:18.797Z", dateReserved: "2023-10-09T08:01:29.296Z", dateUpdated: "2024-08-02T20:21:16.756Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-52963
Vulnerability from cvelistv5
Published
2025-01-14 14:08
Modified
2025-01-14 20:57
Severity ?
EPSS score ?
Summary
A out-of-bounds write in Fortinet FortiOS versions 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15 allows attacker to trigger a denial of service via specially crafted packets.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 ≤ 7.4.5 Version: 7.2.0 ≤ 7.2.13 Version: 7.0.0 ≤ 7.0.20 Version: 2.0.0 ≤ 2.0.14 |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-52963", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-14T15:15:33.947500Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-14T20:57:21.296Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.5", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.13", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.20", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.6.0", }, { lessThanOrEqual: "7.4.6", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.10", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.16", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { lessThanOrEqual: "1.4.2", status: "affected", version: "1.4.0", versionType: "semver", }, { lessThanOrEqual: "1.3.1", status: "affected", version: "1.3.0", versionType: "semver", }, { status: "affected", version: "1.2.0", }, { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A out-of-bounds write in Fortinet FortiOS versions 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15 allows attacker to trigger a denial of service via specially crafted packets.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:F/RL:W/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "Denial of service", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-14T14:08:31.001Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-373", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-373", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.6.1 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-52963", datePublished: "2025-01-14T14:08:31.001Z", dateReserved: "2024-11-18T13:36:52.465Z", dateUpdated: "2025-01-14T20:57:21.296Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-13380
Vulnerability from cvelistv5
Published
2019-06-04 20:12
Modified
2024-10-25 14:06
Severity ?
EPSS score ?
Summary
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-18-383 | x_refsource_CONFIRM | |
| https://fortiguard.com/advisory/FG-IR-20-230 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS and FortiProxy |
Version: FortiGate 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4.0 through 5.4.12, 5.2 and earlier and FortiProxy versions 2.0.0, 1.2.8 and earlier |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T09:00:34.992Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-18-383", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-20-230", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-13380", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T13:59:56.106542Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T14:06:52.781Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiOS and FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiGate 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4.0 through 5.4.12, 5.2 and earlier and FortiProxy versions 2.0.0, 1.2.8 and earlier", }, ], }, ], datePublic: "2019-05-24T00:00:00", descriptions: [ { lang: "en", value: "A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Execute unauthorized code or commands", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-10T16:39:29", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-18-383", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-20-230", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2018-13380", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiOS and FortiProxy", version: { version_data: [ { version_value: "FortiGate 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4.0 through 5.4.12, 5.2 and earlier and FortiProxy versions 2.0.0, 1.2.8 and earlier", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Network", availabilityImpact: "None", baseScore: 4.6, baseSeverity: "Medium", confidentialityImpact: "Low", integrityImpact: "None", privilegesRequired: "None", scope: "Changed", userInteraction: "Required", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Execute unauthorized code or commands", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/advisory/FG-IR-18-383", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-18-383", }, { name: "https://fortiguard.com/advisory/FG-IR-20-230", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-20-230", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2018-13380", datePublished: "2019-06-04T20:12:06", dateReserved: "2018-07-06T00:00:00", dateUpdated: "2024-10-25T14:06:52.781Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-26006
Vulnerability from cvelistv5
Published
2025-03-14 09:24
Modified
2025-03-15 03:55
Severity ?
EPSS score ?
Summary
An improper neutralization of input during web page Generation vulnerability [CWE-79] in FortiOS version 7.4.3 and below, version 7.2.7 and below, version 7.0.13 and below and FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below web SSL VPN UI may allow a remote unauthenticated attacker to perform a Cross-Site Scripting attack via a malicious samba server.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 ≤ 7.4.3 Version: 7.2.0 ≤ 7.2.9 Version: 7.0.0 ≤ 7.0.16 |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-26006", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-14T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-15T03:55:20.175Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.9", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.16", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper neutralization of input during web page Generation vulnerability [CWE-79] in FortiOS version 7.4.3 and below, version 7.2.7 and below, version 7.0.13 and below and FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below web SSL VPN UI may allow a remote unauthenticated attacker to perform a Cross-Site Scripting attack via a malicious samba server.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:X/RC:X", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-14T09:24:56.620Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-23-485", url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-485", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.4.4 or above \nPlease upgrade to FortiProxy version 7.2.10 or above \nPlease upgrade to FortiProxy version 7.0.17 or above \nPlease upgrade to FortiOS version 7.4.4 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.14 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-26006", datePublished: "2025-03-14T09:24:56.620Z", dateReserved: "2024-02-14T09:18:43.245Z", dateUpdated: "2025-03-15T03:55:20.175Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-21762
Vulnerability from cvelistv5
Published
2024-02-09 08:14
Modified
2025-04-24 15:49
Severity ?
EPSS score ?
Summary
A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 ≤ 7.4.2 Version: 7.2.0 ≤ 7.2.8 Version: 7.0.0 ≤ 7.0.14 Version: 2.0.0 ≤ 2.0.13 Version: 1.2.0 ≤ 1.2.13 Version: 1.1.0 ≤ 1.1.6 Version: 1.0.0 ≤ 1.0.7 |
||||||
|
|||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThan: "2.0.14", status: "affected", version: "1.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThan: "7.0.15", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThan: "7.2.9", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThan: "7.4.3", status: "affected", version: "7.4.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThan: "6.2.16", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThan: "6.4.15", status: "affected", version: "6.4.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThan: "7.0.14", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThan: "7.2.7", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThan: "7.4.3", status: "affected", version: "7.4.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-21762", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-02-12T17:59:22.915991Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2024-02-09", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-21762", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-04-24T15:49:22.420Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T22:27:36.250Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-24-015", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-24-015", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.8", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.14", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.13", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.17", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:W/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-09T08:14:25.954Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-24-015", url: "https://fortiguard.com/psirt/FG-IR-24-015", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.4.3 or above \nPlease upgrade to FortiProxy version 7.2.9 or above \nPlease upgrade to FortiProxy version 7.0.15 or above \nPlease upgrade to FortiProxy version 2.0.14 or above \nPlease upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.3 or above \nPlease upgrade to FortiOS version 7.2.7 or above \nPlease upgrade to FortiOS version 7.0.14 or above \nPlease upgrade to FortiOS version 6.4.15 or above \nPlease upgrade to FortiOS version 6.2.16 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-21762", datePublished: "2024-02-09T08:14:25.954Z", dateReserved: "2024-01-02T10:15:00.527Z", dateUpdated: "2025-04-24T15:49:22.420Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-46670
Vulnerability from cvelistv5
Published
2025-01-14 14:08
Modified
2025-01-14 20:56
Severity ?
EPSS score ?
Summary
An Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an unauthenticated remote attacker to trigger memory consumption leading to Denial of Service via crafted requests.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.6.0 Version: 7.4.0 ≤ 7.4.4 Version: 7.2.0 ≤ 7.2.9 cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-46670", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-14T15:18:06.282792Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-14T20:56:44.074Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.6.0", }, { lessThanOrEqual: "7.4.4", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.9", status: "affected", version: "7.2.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.5", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.11", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.18", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { lessThanOrEqual: "1.4.1", status: "affected", version: "1.4.0", versionType: "semver", }, { status: "affected", version: "1.3.0", }, { status: "affected", version: "1.2.0", }, { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an unauthenticated remote attacker to trigger memory consumption leading to Denial of Service via crafted requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:X/RL:X/RC:X", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "Denial of service", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-14T14:08:41.759Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-266", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-266", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiSASE version 24.3.c or above \nPlease upgrade to FortiOS version 7.6.1 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.10 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-46670", datePublished: "2025-01-14T14:08:41.759Z", dateReserved: "2024-09-11T12:14:59.205Z", dateUpdated: "2025-01-14T20:56:44.074Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-43206
Vulnerability from cvelistv5
Published
2022-05-04 15:25
Modified
2024-10-22 20:57
Severity ?
EPSS score ?
Summary
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-21-231 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS, FortiProxy |
Version: FortiOS 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0; FortiProxy 7.0.1, 7.0.0, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:47:13.641Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-21-231", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-43206", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:19:35.576131Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:57:35.305Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiOS, FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0; FortiProxy 7.0.1, 7.0.0, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0", }, ], }, ], descriptions: [ { lang: "en", value: "A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitCodeMaturity: "PROOF_OF_CONCEPT", integrityImpact: "NONE", privilegesRequired: "NONE", remediationLevel: "UNAVAILABLE", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 4.1, temporalSeverity: "MEDIUM", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:U/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Information disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-04T15:25:26", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/psirt/FG-IR-21-231", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2021-43206", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiOS, FortiProxy", version: { version_data: [ { version_value: "FortiOS 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0; FortiProxy 7.0.1, 7.0.0, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Network", availabilityImpact: "None", baseScore: 4.1, baseSeverity: "Medium", confidentialityImpact: "Low", integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", userInteraction: "Required", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:U/RC:C", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/psirt/FG-IR-21-231", refsource: "CONFIRM", url: "https://fortiguard.com/psirt/FG-IR-21-231", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2021-43206", datePublished: "2022-05-04T15:25:26", dateReserved: "2021-11-02T00:00:00", dateUpdated: "2024-10-22T20:57:35.305Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-42790
Vulnerability from cvelistv5
Published
2024-03-12 15:09
Modified
2024-09-17 14:08
Severity ?
EPSS score ?
Summary
A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 Version: 7.2.0 ≤ 7.2.6 Version: 7.0.0 ≤ 7.0.12 Version: 2.0.0 ≤ 2.0.13 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T19:30:24.514Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-328", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-328", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-42790", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-03-16T04:00:43.736004Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-28T14:04:47.192Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "7.4.0", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.13", status: "affected", version: "2.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-17T14:08:06.101Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-328", url: "https://fortiguard.com/psirt/FG-IR-23-328", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.2 or above\r\nPlease upgrade to FortiOS version 7.2.6 or above\r\nPlease upgrade to FortiOS version 7.0.13 or above\r\nPlease upgrade to FortiOS version 6.4.15 or above\r\nPlease upgrade to FortiOS version 6.2.16 or above\r\nPlease upgrade to FortiProxy version 7.4.1 or above\r\nPlease upgrade to FortiProxy version 7.2.7 or above\r\nPlease upgrade to FortiProxy version 7.0.13 or above\r\nPlease upgrade to FortiProxy version 2.0.14 or above\r\nFortinet in Q3/23 has remediated this issue in FortiSASE version 23.3.b and hence the customers need not perform any action.", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-42790", datePublished: "2024-03-12T15:09:17.594Z", dateReserved: "2023-09-14T08:37:38.657Z", dateUpdated: "2024-09-17T14:08:06.101Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-48886
Vulnerability from cvelistv5
Published
2025-01-14 14:09
Modified
2025-01-14 20:54
Severity ?
EPSS score ?
Summary
A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.4 Version: 7.2.0 ≤ 7.2.8 Version: 7.0.0 ≤ 7.0.15 Version: 6.4.0 ≤ 6.4.15 cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:* |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-48886", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-14T15:16:27.567437Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-14T20:54:42.523Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.4", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.8", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.15", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.4", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.10", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.17", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:R", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-1390", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-14T14:09:34.647Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-221", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-221", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiManager Cloud version 7.6.2 or above \nPlease upgrade to FortiManager Cloud version 7.4.4 or above \nPlease upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.9 or above \nPlease upgrade to FortiOS version 7.0.16 or above \nPlease upgrade to FortiAnalyzer version 7.6.2 or above \nPlease upgrade to FortiAnalyzer version 7.4.4 or above \nPlease upgrade to FortiAnalyzer Cloud version 7.6.2 or above \nPlease upgrade to FortiAnalyzer Cloud version 7.4.4 or above \nPlease upgrade to FortiManager version 7.6.2 or above \nPlease upgrade to FortiManager version 7.4.4 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiProxy version 7.4.5 or above \nPlease upgrade to FortiProxy version 7.2.11 or above \nPlease upgrade to FortiProxy version 7.0.18 or above \nPlease upgrade to FortiProxy version 2.0.15 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-48886", datePublished: "2025-01-14T14:09:34.647Z", dateReserved: "2024-10-09T09:03:09.960Z", dateUpdated: "2025-01-14T20:54:42.523Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-13379
Vulnerability from cvelistv5
Published
2019-06-04 20:18
Modified
2024-10-23 13:32
Severity ?
EPSS score ?
Summary
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-18-384 | x_refsource_CONFIRM | |
| https://www.fortiguard.com/psirt/FG-IR-20-233 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS, FortiProxy |
Version: FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12, FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T09:00:35.028Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-18-384", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-233", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-13379", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T13:32:05.098252Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2018-13379", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-23T13:32:35.204Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiOS, FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12, FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7", }, ], }, ], datePublic: "2019-05-24T00:00:00", descriptions: [ { lang: "en", value: "An Improper Limitation of a Pathname to a Restricted Directory (\"Path Traversal\") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Information disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-03T10:29:56", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-18-384", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.fortiguard.com/psirt/FG-IR-20-233", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2018-13379", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiOS, FortiProxy", version: { version_data: [ { version_value: "FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12, FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An Improper Limitation of a Pathname to a Restricted Directory (\"Path Traversal\") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Network", availabilityImpact: "High", baseScore: 8.9, baseSeverity: "High", confidentialityImpact: "High", integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", userInteraction: "None", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/advisory/FG-IR-18-384", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-18-384", }, { name: "https://www.fortiguard.com/psirt/FG-IR-20-233", refsource: "CONFIRM", url: "https://www.fortiguard.com/psirt/FG-IR-20-233", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2018-13379", datePublished: "2019-06-04T20:18:08", dateReserved: "2018-07-06T00:00:00", dateUpdated: "2024-10-23T13:32:35.204Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-13381
Vulnerability from cvelistv5
Published
2019-06-04 20:26
Modified
2024-10-25 14:29
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-of-service attack via special craft message payloads.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-18-387 | x_refsource_CONFIRM | |
| https://fortiguard.com/advisory/FG-IR-20-232 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS and FortiProxy |
Version: FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T09:00:35.119Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-18-387", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-20-232", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-13381", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-24T20:09:54.861955Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T14:29:10.377Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiOS and FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier.", }, ], }, ], datePublic: "2019-05-17T00:00:00", descriptions: [ { lang: "en", value: "A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-of-service attack via special craft message payloads.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-09T16:04:07", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-18-387", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-20-232", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2018-13381", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiOS and FortiProxy", version: { version_data: [ { version_value: "FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier.", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-of-service attack via special craft message payloads.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Network", availabilityImpact: "Low", baseScore: 5.2, baseSeverity: "Medium", confidentialityImpact: "None", integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", userInteraction: "None", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/advisory/FG-IR-18-387", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-18-387", }, { name: "https://fortiguard.com/advisory/FG-IR-20-232", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-20-232", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2018-13381", datePublished: "2019-06-04T20:26:34", dateReserved: "2018-07-06T00:00:00", dateUpdated: "2024-10-25T14:29:10.377Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-42755
Vulnerability from cvelistv5
Published
2022-07-18 16:35
Modified
2024-08-04 03:38
Severity ?
EPSS score ?
Summary
An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-21-155 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiSwitch, FortiRecorder, FortiVoiceEnterprise, FortiOS, FortiProxy |
Version: FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:38:50.211Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-21-155", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Fortinet FortiSwitch, FortiRecorder, FortiVoiceEnterprise, FortiOS, FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below", }, ], }, ], descriptions: [ { lang: "en", value: "An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitCodeMaturity: "FUNCTIONAL", integrityImpact: "NONE", privilegesRequired: "NONE", remediationLevel: "UNAVAILABLE", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 4.2, temporalSeverity: "MEDIUM", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:F/RL:U/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Denial of service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-18T16:35:20", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/psirt/FG-IR-21-155", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2021-42755", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiSwitch, FortiRecorder, FortiVoiceEnterprise, FortiOS, FortiProxy", version: { version_data: [ { version_value: "FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Adjacent", availabilityImpact: "Low", baseScore: 4.2, baseSeverity: "Medium", confidentialityImpact: "None", integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", userInteraction: "None", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:F/RL:U/RC:C", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of service", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/psirt/FG-IR-21-155", refsource: "CONFIRM", url: "https://fortiguard.com/psirt/FG-IR-21-155", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2021-42755", datePublished: "2022-07-18T16:35:20", dateReserved: "2021-10-20T00:00:00", dateUpdated: "2024-08-04T03:38:50.211Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-15706
Vulnerability from cvelistv5
Published
2025-03-17 13:05
Modified
2025-03-17 13:53
Severity ?
EPSS score ?
Summary
An improper neutralization of input during web page generation in the SSL VPN portal of FortiProxy version 2.0.0, version 1.2.9 and below and FortiOS version 6.2.1 and below, version 6.0.8 and below, version 5.6.12 may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS).
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 2.0.0 Version: 1.2.0 ≤ 1.2.9 |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2019-15706", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-17T13:53:23.673713Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-17T13:53:31.962Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "2.0.0", }, { lessThanOrEqual: "1.2.9", status: "affected", version: "1.2.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.12:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "6.2.1", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.8", status: "affected", version: "6.0.0", versionType: "semver", }, { status: "affected", version: "5.6.12", }, ], }, ], descriptions: [ { lang: "en", value: "An improper neutralization of input during web page generation in the SSL VPN portal of FortiProxy version 2.0.0, version 1.2.9 and below and FortiOS version 6.2.1 and below, version 6.0.8 and below, version 5.6.12 may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N/E:F/RL:X/RC:X", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-17T13:05:08.965Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-19-223", url: "https://fortiguard.fortinet.com/psirt/FG-IR-19-223", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 2.0.1 or above. Please upgrade to FortiProxy version 1.2.10 or above.", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2019-15706", datePublished: "2025-03-17T13:05:08.965Z", dateReserved: "2019-08-27T00:00:00.000Z", dateUpdated: "2025-03-17T13:53:31.962Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-23112
Vulnerability from cvelistv5
Published
2024-03-12 15:09
Modified
2024-08-01 22:51
Severity ?
EPSS score ?
Summary
An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticated attacker to gain access to another user’s bookmark via URL manipulation.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.1 Version: 7.2.0 ≤ 7.2.6 Version: 7.0.1 ≤ 7.0.13 Version: 6.4.7 ≤ 6.4.14 |
||||||
|
|||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.1", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.7", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.8", status: "affected", version: "7.2.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.14", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-23112", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-03-16T04:00:42.744773Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-25T15:56:14.854Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T22:51:11.269Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-24-013", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-24-013", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.1", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.7", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.8", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.14", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticated attacker to gain access to another user’s bookmark via URL manipulation.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-639", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-03-12T15:09:17.877Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-24-013", url: "https://fortiguard.com/psirt/FG-IR-24-013", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiOS version 7.2.7 or above \nPlease upgrade to FortiOS version 7.0.14 or above \nPlease upgrade to FortiOS version 6.4.15 or above \nPlease upgrade to FortiProxy version 7.4.3 or above \nPlease upgrade to FortiProxy version 7.2.9 or above \nPlease upgrade to FortiProxy version 7.0.15 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-23112", datePublished: "2024-03-12T15:09:17.877Z", dateReserved: "2024-01-11T16:29:07.979Z", dateUpdated: "2024-08-01T22:51:11.269Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-40684
Vulnerability from cvelistv5
Published
2022-10-18 00:00
Modified
2024-10-23 13:28
Severity ?
EPSS score ?
Summary
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS, FortiProxy, FortiSwitchManager |
Version: FortiOS 7.2.1, 7.2.0, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0; FortiProxy 7.2.0, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0; FortiSwitchManager 7.2.0, 7.0.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:21:46.541Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-377", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-40684", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T13:27:43.070187Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-10-11", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-40684", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T13:28:36.659Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiOS, FortiProxy, FortiSwitchManager", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS 7.2.1, 7.2.0, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0; FortiProxy 7.2.0, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0; FortiSwitchManager 7.2.0, 7.0.0", }, ], }, ], descriptions: [ { lang: "en", value: "An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitCodeMaturity: "FUNCTIONAL", integrityImpact: "HIGH", privilegesRequired: "NONE", remediationLevel: "UNAVAILABLE", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 9.6, temporalSeverity: "CRITICAL", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Execute unauthorized code or commands", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-27T00:00:00", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { url: "https://fortiguard.com/psirt/FG-IR-22-377", }, { url: "http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html", }, { url: "http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-40684", datePublished: "2022-10-18T00:00:00", dateReserved: "2022-09-14T00:00:00", dateUpdated: "2024-10-23T13:28:36.659Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39948
Vulnerability from cvelistv5
Published
2023-02-16 18:06
Modified
2024-10-22 20:49
Severity ?
EPSS score ?
Summary
An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy)
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.0.0 ≤ 7.0.6 Version: 2.0.0 ≤ 2.0.11 Version: 1.2.0 ≤ 1.2.13 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:07:42.943Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-257", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-257", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-39948", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:18:34.434332Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:49:38.976Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.6", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.11", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy)", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:U/RC:R", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-295", description: "Information disclosure", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-16T18:06:29.870Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-257", url: "https://fortiguard.com/psirt/FG-IR-22-257", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.2.0 or above Please upgrade to FortiProxy version 7.0.7 or above Please upgrade to FortiOS version 7.2.4 or above Please upgrade to FortiOS version 7.0.8 or above ", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-39948", datePublished: "2023-02-16T18:06:29.870Z", dateReserved: "2022-09-05T13:11:35.552Z", dateUpdated: "2024-10-22T20:49:38.976Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-41024
Vulnerability from cvelistv5
Published
2021-12-08 12:11
Modified
2024-10-25 13:41
Severity ?
EPSS score ?
Summary
A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-21-181 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS 7.0.1, 7.0.0 FortiProxy 7.0.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T02:59:31.271Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://fortiguard.com/advisory/FG-IR-21-181", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-41024", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:16:07.290505Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T13:41:11.256Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS 7.0.1, 7.0.0 FortiProxy 7.0.0", }, ], }, ], descriptions: [ { lang: "en", value: "A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitCodeMaturity: "FUNCTIONAL", integrityImpact: "NONE", privilegesRequired: "NONE", remediationLevel: "NOT_DEFINED", reportConfidence: "NOT_DEFINED", scope: "UNCHANGED", temporalScore: 7.3, temporalSeverity: "HIGH", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:X/RC:X", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Escalation of privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-08T12:11:04", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://fortiguard.com/advisory/FG-IR-21-181", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@fortinet.com", ID: "CVE-2021-41024", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Fortinet FortiOS", version: { version_data: [ { version_value: "FortiOS 7.0.1, 7.0.0 FortiProxy 7.0.0", }, ], }, }, ], }, vendor_name: "Fortinet", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page.", }, ], }, impact: { cvss: { attackComplexity: "Low", attackVector: "Network", availabilityImpact: "None", baseScore: 7.3, baseSeverity: "High", confidentialityImpact: "High", integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", userInteraction: "None", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:X/RC:X", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://fortiguard.com/advisory/FG-IR-21-181", refsource: "CONFIRM", url: "https://fortiguard.com/advisory/FG-IR-21-181", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2021-41024", datePublished: "2021-12-08T12:11:04", dateReserved: "2021-09-13T00:00:00", dateUpdated: "2024-10-25T13:41:11.256Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-26013
Vulnerability from cvelistv5
Published
2025-04-08 14:03
Modified
2025-04-09 04:00
Severity ?
EPSS score ?
Summary
A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15 and before 6.2.16, Fortinet FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9 and before 7.0.15, Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14 and before 6.2.13, Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14 and before 6.2.13, Fortinet FortiVoice version 7.0.0 through 7.0.2 before 6.4.8 and Fortinet FortiWeb before 7.4.2 may allow an unauthenticated attacker in a man-in-the-middle position to impersonate the management device (FortiCloud server or/and in certain conditions, FortiManager), via intercepting the FGFM authentication request between the management device and the managed device
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 ≤ 7.4.2 Version: 7.2.0 ≤ 7.2.9 Version: 7.0.0 ≤ 7.0.15 Version: 2.0.0 ≤ 2.0.14 |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-26013", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-08T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-09T04:00:42.113Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.9", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.15", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.13", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.14", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15 and before 6.2.16, Fortinet FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9 and before 7.0.15, Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14 and before 6.2.13, Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14 and before 6.2.13, Fortinet FortiVoice version 7.0.0 through 7.0.2 before 6.4.8 and Fortinet FortiWeb before 7.4.2 may allow an unauthenticated attacker in a man-in-the-middle position to impersonate the management device (FortiCloud server or/and in certain conditions, FortiManager), via intercepting the FGFM authentication request between the management device and the managed device", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-923", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-08T14:03:49.230Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-046", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-046", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.4.3 or above \nPlease upgrade to FortiProxy version 7.2.10 or above \nPlease upgrade to FortiProxy version 7.0.16 or above \nPlease upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.9 or above \nPlease upgrade to FortiOS version 7.0.16 or above \nPlease upgrade to FortiOS version 6.2.17 or above \nPlease upgrade to FortiVoice version 7.2.0 or above \nPlease upgrade to FortiVoice version 7.0.3 or above \nPlease upgrade to FortiVoice version 6.4.9 or above \nPlease upgrade to FortiSASE version 23.1 or above \nPlease upgrade to FortiManager version 7.4.3 or above \nPlease upgrade to FortiManager version 7.2.5 or above \nPlease upgrade to FortiManager version 7.0.12 or above \nPlease upgrade to FortiManager version 6.4.15 or above \nPlease upgrade to FortiManager version 6.2.14 or above \nPlease upgrade to FortiWeb version 7.6.0 or above \nPlease upgrade to FortiWeb version 7.4.3 or above \nPlease upgrade to FortiAnalyzer version 7.4.3 or above \nPlease upgrade to FortiAnalyzer version 7.2.5 or above \nPlease upgrade to FortiAnalyzer version 7.0.12 or above \nPlease upgrade to FortiAnalyzer version 6.4.15 or above \nPlease upgrade to FortiAnalyzer version 6.2.14 or above \nPlease upgrade to FortiGate Cloud version 24.5 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-26013", datePublished: "2025-04-08T14:03:49.230Z", dateReserved: "2024-02-14T09:18:43.246Z", dateUpdated: "2025-04-09T04:00:42.113Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33305
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-22 20:45
Severity ?
EPSS score ?
Summary
A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS version 7.0.0 through 7.0.10, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiProxy version 7.2.0 through 7.2.3, FortiProxy version 7.0.0 through 7.0.9, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions, FortiWeb version 7.2.0 through 7.2.1, FortiWeb version 7.0.0 through 7.0.6, FortiWeb 6.4 all versions, FortiWeb 6.3 all versions allows attacker to perform a denial of service via specially crafted HTTP requests.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiWeb |
Version: 7.2.0 ≤ 7.2.1 Version: 7.0.0 ≤ 7.0.6 Version: 6.4.0 ≤ 6.4.3 Version: 6.3.0 ≤ 6.3.23 |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:39:36.126Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-375", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-375", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33305", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:17:54.739280Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:45:10.279Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiWeb", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.6", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.3", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.3.23", status: "affected", version: "6.3.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.13", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.17", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThanOrEqual: "5.6.14", status: "affected", version: "5.6.0", versionType: "semver", }, { lessThanOrEqual: "5.4.13", status: "affected", version: "5.4.0", versionType: "semver", }, { lessThanOrEqual: "5.2.15", status: "affected", version: "5.2.0", versionType: "semver", }, { lessThanOrEqual: "5.0.14", status: "affected", version: "5.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.12", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS version 7.0.0 through 7.0.10, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiProxy version 7.2.0 through 7.2.3, FortiProxy version 7.0.0 through 7.0.9, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions, FortiWeb version 7.2.0 through 7.2.1, FortiWeb version 7.0.0 through 7.0.6, FortiWeb 6.4 all versions, FortiWeb 6.3 all versions allows attacker to perform a denial of service via specially crafted HTTP requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:H/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-835", description: "Denial of service", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-13T08:41:49.501Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-375", url: "https://fortiguard.com/psirt/FG-IR-22-375", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiPAM version 1.0.0 or above\r\nPlease upgrade to FortiWeb version 7.2.2 or above\r\nPlease upgrade to FortiWeb version 7.0.7 or above\r\nPlease upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.5 or above\r\nPlease upgrade to FortiOS version 7.0.11 or above\r\nPlease upgrade to FortiProxy version 7.2.4 or above\r\nPlease upgrade to FortiProxy version 7.0.10 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-33305", datePublished: "2023-06-13T08:41:49.501Z", dateReserved: "2023-05-22T07:58:22.197Z", dateUpdated: "2024-10-22T20:45:10.279Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-25610
Vulnerability from cvelistv5
Published
2025-03-24 15:39
Modified
2025-03-24 18:42
Severity ?
EPSS score ?
Summary
A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, version 2.0.12 and below and FortiOS-6K7K version 7.0.5, version 6.4.0 through 6.4.10 and version 6.2.0 through 6.2.10 and below allows a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiSwitchManager |
Version: 7.2.0 ≤ 7.2.1 Version: 7.0.0 ≤ 7.0.1 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-25610", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-24T16:26:39.771566Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-24T18:42:44.673Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [], defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.1", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiAnalyzer", vendor: "Fortinet", versions: [ { status: "affected", version: "7.2.0", }, { lessThanOrEqual: "7.0.4", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.10", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.11", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiOS-6K7K", vendor: "Fortinet", versions: [ { status: "affected", version: "7.0.5", }, { status: "affected", version: "6.4.10", }, { status: "affected", version: "6.4.8", }, { status: "affected", version: "6.4.6", }, { status: "affected", version: "6.4.2", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.9", versionType: "semver", }, { lessThanOrEqual: "6.2.7", status: "affected", version: "6.2.6", versionType: "semver", }, { status: "affected", version: "6.2.4", }, { lessThanOrEqual: "6.0.18", status: "affected", version: "6.0.12", versionType: "semver", }, { status: "affected", version: "6.0.10", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.8", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.18", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThanOrEqual: "5.6.14", status: "affected", version: "5.6.0", versionType: "semver", }, { lessThanOrEqual: "5.4.13", status: "affected", version: "5.4.0", versionType: "semver", }, { lessThanOrEqual: "5.2.15", status: "affected", version: "5.2.0", versionType: "semver", }, { lessThanOrEqual: "5.0.14", status: "affected", version: "5.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiManager", vendor: "Fortinet", versions: [ { status: "affected", version: "7.2.0", }, { lessThanOrEqual: "7.0.4", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.10", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.11", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiWeb", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.6", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.2", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.3.22", status: "affected", version: "6.3.0", versionType: "semver", }, { lessThanOrEqual: "6.2.7", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.1.3", status: "affected", version: "6.1.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, version 2.0.12 and below and FortiOS-6K7K version 7.0.5, version 6.4.0 through 6.4.10 and version 6.2.0 through 6.2.10 and below allows a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.3, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-124", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-24T15:39:48.167Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-001", url: "https://fortiguard.com/psirt/FG-IR-23-001", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.10 or above\r\nPlease upgrade to FortiOS version 6.4.12 or above\r\nPlease upgrade to FortiOS version 6.2.13 or above\r\nPlease upgrade to FortiWeb version 7.2.2 or above\r\nPlease upgrade to FortiWeb version 7.0.7 or above\r\nPlease upgrade to FortiWeb version 6.4.3 or above\r\nPlease upgrade to FortiWeb version 6.3.23 or above\r\nPlease upgrade to FortiWeb version 6.2.8 or above\r\nPlease upgrade to FortiWeb version 6.1.4 or above\r\nPlease upgrade to upcoming FortiOS version 6.0.17 or above\r\nPlease upgrade to FortiSwitchManager version 7.2.2 or above\r\nPlease upgrade to FortiSwitchManager version 7.0.2 or above\r\nPlease upgrade to FortiProxy version 7.2.3 or above\r\nPlease upgrade to FortiProxy version 7.0.9 or above\r\nPlease upgrade to FortiManager version 7.2.1 or above\r\nPlease upgrade to FortiManager version 7.0.5 or above\r\nPlease upgrade to FortiManager version 6.4.12 or above\r\nPlease upgrade to FortiManager version 6.2.11 or above\r\nPlease upgrade to FortiManager version 6.0.12 or above\r\nPlease upgrade to FortiOS-6K7K version 7.0.10 or above\r\nPlease upgrade to FortiOS-6K7K version 6.4.12 or above\r\nPlease upgrade to FortiOS-6K7K version 6.2.13 or above\r\nPlease upgrade to FortiAnalyzer version 7.2.1 or above\r\nPlease upgrade to FortiAnalyzer version 7.0.5 or above\r\nPlease upgrade to FortiAnalyzer version 6.4.12 or above\r\nPlease upgrade to FortiAnalyzer version 6.2.11 or above\r\nPlease upgrade to FortiAnalyzer version 6.0.12 or above\r\n\r\n\r\n## Workaround for FortiOS:\r\n\r\n\r\n\r\nDisable HTTP/HTTPS administrative interface\r\n\r\nOR\r\n\r\nLimit IP addresses that can reach the administrative interface:\r\n\r\n\r\n```\r\nconfig firewall address\r\nedit my_allowed_addresses\r\nset subnet Y IP MY SUBNET\r\nend\r\n```\r\n\r\nThen create an Address Group:\r\n\r\n\r\n```\r\nconfig firewall addrgrp\r\nedit MGMT_IPs\r\nset member my_allowed_addresses\r\nend\r\n```\r\n\r\nCreate the Local in Policy to restrict access only to the predefined group on management interface (here: port1):\r\n\r\n\r\n```\r\nconfig firewall local-in-policy\r\nedit 1\r\nset intf port1\r\nset srcaddr MGMT_IPs\r\nset dstaddr all\r\nset action accept\r\nset service HTTPS HTTP\r\nset schedule always\r\nset status enable\r\nnext\r\n\r\n\r\n\r\nedit 2\r\nset intf any\r\nset srcaddr all\r\nset dstaddr all\r\nset action deny\r\nset service HTTPS HTTP\r\nset schedule always\r\nset status enable\r\nend\r\n```\r\n\r\n\r\nIf using non default ports, create appropriate service object for GUI administrative access:\r\n\r\n```\r\nconfig firewall service custom\r\nedit GUI_HTTPS\r\nset tcp-portrange admin-sport\r\nnext\r\nedit GUI_HTTP\r\nset tcp-portrange admin-port\r\nend\r\n```\r\n\r\n\r\nUse these objects instead of \"HTTPS HTTP\" in the local-in policy 1 and 2 below.\r\n\r\n\r\nWhen using an HA reserved management interface, the local in policy needs to be configured slightly differently - please see: \r\n\r\nhttps://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-a-local-in-policy-on-a-HA/ta-p/222005\r\n\r\nPlease contact customer support for assistance.\r\n\r\n\r\n## Workaround for FortiManager and FortiAnalyzer:\r\n\r\n\r\nLimit IP addresses that can reach the administrative interface\r\n\r\n\r\n## Workaround for FortiWeb:\r\n\r\n\r\n\r\nDisable HTTP/HTTPS administrative interface\r\n\r\nOR\r\n\r\nLimit IP addresses that can reach the administrative interface", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-25610", datePublished: "2025-03-24T15:39:48.167Z", dateReserved: "2023-02-08T13:42:03.367Z", dateUpdated: "2025-03-24T18:42:44.673Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-45324
Vulnerability from cvelistv5
Published
2025-03-11 14:54
Modified
2025-03-12 04:00
Severity ?
EPSS score ?
Summary
A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.0 through 7.4.4, version 7.2.0 through 7.2.9, version 7.0.0 through 7.0.15 and before 6.4.15, FortiProxy version 7.4.0 through 7.4.6, version 7.2.0 through 7.2.12 and before 7.0.19, FortiPAM version 1.4.0 through 1.4.2 and before 1.3.1, FortiSRA version 1.4.0 through 1.4.2 and before 1.3.1 and FortiWeb version 7.4.0 through 7.4.5, version 7.2.0 through 7.2.10 and before 7.0.10 allows a privileged attacker to execute unauthorized code or commands via specially crafted HTTP or HTTPS commands.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiPAM |
Version: 1.4.0 ≤ 1.4.2 Version: 1.3.0 ≤ 1.3.1 Version: 1.2.0 Version: 1.1.0 ≤ 1.1.2 Version: 1.0.0 ≤ 1.0.3 cpe:2.3:o:fortinet:fortipam:1.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortipam:1.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortipam:1.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortipam:1.3.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortipam:1.3.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortipam:1.1.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:* |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-45324", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-11T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-12T04:00:50.935Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { lessThanOrEqual: "1.4.2", status: "affected", version: "1.4.0", versionType: "semver", }, { lessThanOrEqual: "1.3.1", status: "affected", version: "1.3.0", versionType: "semver", }, { status: "affected", version: "1.2.0", }, { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "7.6.0", }, { lessThanOrEqual: "7.4.6", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.12", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.19", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortisra:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisra:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisra:1.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiSRA", vendor: "Fortinet", versions: [ { lessThanOrEqual: "1.4.2", status: "affected", version: "1.4.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiWeb", vendor: "Fortinet", versions: [ { status: "affected", version: "7.6.0", }, { lessThanOrEqual: "7.4.5", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.10", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.4", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.9", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.15", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.0 through 7.4.4, version 7.2.0 through 7.2.9, version 7.0.0 through 7.0.15 and before 6.4.15, FortiProxy version 7.4.0 through 7.4.6, version 7.2.0 through 7.2.12 and before 7.0.19, FortiPAM version 1.4.0 through 1.4.2 and before 1.3.1, FortiSRA version 1.4.0 through 1.4.2 and before 1.3.1 and FortiWeb version 7.4.0 through 7.4.5, version 7.2.0 through 7.2.10 and before 7.0.10 allows a privileged attacker to execute unauthorized code or commands via specially crafted HTTP or HTTPS commands.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-134", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-11T14:54:33.810Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-325", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-325", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiPAM version 1.5.0 or above \nPlease upgrade to FortiPAM version 1.4.3 or above \nPlease upgrade to FortiPAM version 1.3.2 or above \nPlease upgrade to FortiProxy version 7.6.1 or above \nPlease upgrade to FortiProxy version 7.4.7 or above \nPlease upgrade to FortiProxy version 7.2.13 or above \nPlease upgrade to FortiProxy version 7.0.20 or above \nPlease upgrade to FortiSRA version 1.5.0 or above \nPlease upgrade to FortiSRA version 1.4.3 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiWeb version 7.6.1 or above \nPlease upgrade to FortiWeb version 7.4.6 or above \nPlease upgrade to FortiWeb version 7.2.11 or above \nPlease upgrade to FortiWeb version 7.0.11 or above \nPlease upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.10 or above \nPlease upgrade to FortiOS version 7.0.16 or above \nPlease upgrade to FortiOS version 6.4.16 or above \nPlease upgrade to FortiSASE version 24.4.b1 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-45324", datePublished: "2025-03-11T14:54:33.810Z", dateReserved: "2024-08-27T06:43:07.250Z", dateUpdated: "2025-03-12T04:00:50.935Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-29178
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-22 20:45
Severity ?
EPSS score ?
Summary
A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.9 Version: 2.0.0 ≤ 2.0.12 Version: 1.2.0 ≤ 1.2.13 Version: 1.1.0 ≤ 1.1.6 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:00:15.896Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-095", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-095", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-29178", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:17:55.847522Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:45:18.608Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.12", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.13", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.17", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-824", description: "Denial of service", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-13T08:41:48.959Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-095", url: "https://fortiguard.com/psirt/FG-IR-23-095", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.2.4 or above\r\nPlease upgrade to FortiProxy version 7.0.10 or above\r\nPlease upgrade to FortiOS version 7.2.5 or above\r\nPlease upgrade to FortiOS version 7.0.12 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-29178", datePublished: "2023-06-13T08:41:48.959Z", dateReserved: "2023-04-03T08:47:30.452Z", dateUpdated: "2024-10-22T20:45:18.608Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-21754
Vulnerability from cvelistv5
Published
2024-06-11 14:32
Modified
2025-05-01 03:55
Severity ?
EPSS score ?
Summary
A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 ≤ 7.4.2 Version: 7.2.0 ≤ 7.2.10 Version: 7.0.0 ≤ 7.0.17 Version: 2.0.0 ≤ 2.0.14 |
||||||
|
|||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-21754", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "egress", }, ], role: "CISA Coordinator", timestamp: "2024-08-07T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-05-01T03:55:28.175Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T22:27:36.270Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-23-423", tags: [ "x_transferred", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-423", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.10", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.17", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.8", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.15", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 1.7, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N/E:F/RL:X/RC:R", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-916", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-11T14:32:01.335Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-23-423", url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-423", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiProxy version 7.4.3 or above \nPlease upgrade to FortiOS version 7.4.4 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-21754", datePublished: "2024-06-11T14:32:01.335Z", dateReserved: "2024-01-02T10:15:00.526Z", dateUpdated: "2025-05-01T03:55:28.175Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-23439
Vulnerability from cvelistv5
Published
2025-01-22 09:10
Modified
2025-01-22 14:21
Severity ?
EPSS score ?
Summary
A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3 , FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiTester |
Version: 7.2.0 ≤ 7.2.1 Version: 7.1.0 ≤ 7.1.1 Version: 7.0.0 Version: 4.2.0 ≤ 4.2.1 Version: 4.1.0 ≤ 4.1.1 Version: 4.0.0 Version: 3.9.0 ≤ 3.9.2 Version: 3.8.0 Version: 3.7.0 ≤ 3.7.1 Version: 3.6.0 Version: 3.5.0 ≤ 3.5.1 Version: 3.4.0 Version: 3.3.0 ≤ 3.3.1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2022-23439", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-22T14:21:27.552014Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-22T14:21:36.714Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [], defaultStatus: "unaffected", product: "FortiTester", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.1.1", status: "affected", version: "7.1.0", versionType: "semver", }, { status: "affected", version: "7.0.0", }, { lessThanOrEqual: "4.2.1", status: "affected", version: "4.2.0", versionType: "semver", }, { lessThanOrEqual: "4.1.1", status: "affected", version: "4.1.0", versionType: "semver", }, { status: "affected", version: "4.0.0", }, { lessThanOrEqual: "3.9.2", status: "affected", version: "3.9.0", versionType: "semver", }, { status: "affected", version: "3.8.0", }, { lessThanOrEqual: "3.7.1", status: "affected", version: "3.7.0", versionType: "semver", }, { status: "affected", version: "3.6.0", }, { lessThanOrEqual: "3.5.1", status: "affected", version: "3.5.0", versionType: "semver", }, { status: "affected", version: "3.4.0", }, { lessThanOrEqual: "3.3.1", status: "affected", version: "3.3.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.2.0", }, { lessThanOrEqual: "7.0.5", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.18", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThan: "6.4.*", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortimail:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:5.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:5.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:5.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:5.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:5.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:5.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:5.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:5.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:5.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:5.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:5.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortimail:7.2.*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiMail", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.8", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.9", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.12", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThanOrEqual: "5.4.12", status: "affected", version: "5.4.0", versionType: "semver", }, { lessThan: "7.2.*", status: "affected", version: "7.2.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiswitch:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiswitch:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiSwitch", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.4", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.10", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.8", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.7", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortiddos-f:6.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos-f:6.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos-f:6.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos-f:6.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos-f:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos-f:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos-f:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos-f:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos-f:6.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos-f:6.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos-f:6.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos-f:6.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos-f:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos-f:6.1.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiDDoS-F", vendor: "Fortinet", versions: [ { lessThanOrEqual: "6.3.3", status: "affected", version: "6.3.0", versionType: "semver", }, { lessThanOrEqual: "6.2.3", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.1.5", status: "affected", version: "6.1.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.4", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:2.7.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:2.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:2.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:2.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:2.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:2.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:2.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortirecorder:2.6.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiRecorder", vendor: "Fortinet", versions: [ { lessThanOrEqual: "6.4.2", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.0.10", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThanOrEqual: "2.7.7", status: "affected", version: "2.7.0", versionType: "semver", }, { lessThanOrEqual: "2.6.3", status: "affected", version: "2.6.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiNDR", vendor: "Fortinet", versions: [ { status: "affected", version: "7.2.0", }, { status: "affected", version: "7.1.0", }, { lessThanOrEqual: "7.0.6", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "1.5.3", status: "affected", version: "1.5.0", versionType: "semver", }, { status: "affected", version: "1.4.0", }, { lessThanOrEqual: "1.3.1", status: "affected", version: "1.3.0", versionType: "semver", }, { status: "affected", version: "1.2.0", }, { status: "affected", version: "1.1.0", }, ], }, { cpes: [ "cpe:2.3:h:fortinet:fortiadc:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.6:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.1.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.4.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.4.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.4.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.4.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.3.7:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.3.6:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.3.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.3.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.3.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.2.8:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.2.7:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.2.6:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.2.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.2.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.1.7:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.1.6:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.1.5:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.1.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:h:fortinet:fortiadc:5.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiADC", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.1", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.2.3", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.1.6", status: "affected", version: "6.1.0", versionType: "semver", }, { lessThanOrEqual: "6.0.4", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThanOrEqual: "5.4.5", status: "affected", version: "5.4.0", versionType: "semver", }, { lessThanOrEqual: "5.3.7", status: "affected", version: "5.3.0", versionType: "semver", }, { lessThanOrEqual: "5.2.8", status: "affected", version: "5.2.0", versionType: "semver", }, { lessThanOrEqual: "5.1.7", status: "affected", version: "5.1.0", versionType: "semver", }, { lessThanOrEqual: "5.0.4", status: "affected", version: "5.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.9", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.13", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortisoar:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisoar:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisoar:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisoar:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisoar:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisoar:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisoar:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisoar:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisoar:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisoar:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortisoar:6.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiSOAR", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.4", status: "affected", version: "6.4.3", versionType: "semver", }, { lessThanOrEqual: "6.4.1", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiVoice", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.0.1", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.8", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.0.11", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortiddos:5.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos:5.5.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos:5.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos:5.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos:4.7.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos:4.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortiddos:4.5.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiDDoS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "5.5.1", status: "affected", version: "5.5.0", versionType: "semver", }, { lessThanOrEqual: "5.4.3", status: "affected", version: "5.4.0", versionType: "semver", }, { lessThanOrEqual: "5.3.2", status: "affected", version: "5.3.0", versionType: "semver", }, { status: "affected", version: "5.2.0", }, { status: "affected", version: "5.1.0", }, { status: "affected", version: "5.0.0", }, { status: "affected", version: "4.7.0", }, { status: "affected", version: "4.6.0", }, { status: "affected", version: "4.5.0", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiwlc:8.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiWLC", vendor: "Fortinet", versions: [ { lessThanOrEqual: "8.6.7", status: "affected", version: "8.6.0", versionType: "semver", }, { lessThanOrEqual: "8.5.5", status: "affected", version: "8.5.0", versionType: "semver", }, { lessThanOrEqual: "8.4.8", status: "affected", version: "8.4.4", versionType: "semver", }, { lessThanOrEqual: "8.4.2", status: "affected", version: "8.4.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiAnalyzer", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.9", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.13", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiPortal", vendor: "Fortinet", versions: [ { lessThanOrEqual: "6.0.9", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiauthenticator:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:5.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:fortinet:fortiauthenticator:5.1.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiAuthenticator", vendor: "Fortinet", versions: [ { lessThanOrEqual: "6.4.1", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.3.3", status: "affected", version: "6.3.0", versionType: "semver", }, { lessThanOrEqual: "6.2.2", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.1.3", status: "affected", version: "6.1.0", versionType: "semver", }, { lessThanOrEqual: "6.0.8", status: "affected", version: "6.0.0", versionType: "semver", }, { status: "affected", version: "5.5.0", }, { lessThanOrEqual: "5.4.1", status: "affected", version: "5.4.0", versionType: "semver", }, { lessThanOrEqual: "5.3.1", status: "affected", version: "5.3.0", versionType: "semver", }, { lessThanOrEqual: "5.2.2", status: "affected", version: "5.2.0", versionType: "semver", }, { lessThanOrEqual: "5.1.2", status: "affected", version: "5.1.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3 , FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-610", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-22T09:10:28.669Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-21-254", url: "https://fortiguard.com/psirt/FG-IR-21-254", }, ], solutions: [ { lang: "en", value: "FortiOS\nAdministrative Interface\nPlease upgrade to FortiOS version 7.0.6 and above,\nPlease upgrade to FortiOS version 7.2.1 and above.\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n set admin-host \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client's Host header for any redirection\"\n\nSSLVPN interface\nPlease upgrade to FortiOS version 7.4.0 or above\nPlease upgrade to FortiOS version 7.2.5 or above\nAND\nSet the `server-hostname` property to the device hostname, which will disable `Host redirection` for SSL VPN:\nconfig vpn ssl settings\n set server-hostname Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.\n\nWebfilter interface (port 8008)\nPlease upgrade to FortiOS version 7.4.0 or above\nPlease upgrade to FortiOS version 7.2.5 or above\nPlease upgrade to FortiOS version 7.0.12 or above\nPlease upgrade to FortiOS version 6.4.13 or above\n\nFortiProxy\nAdministrative Interface\nPlease upgrade to FortiProxy version 7.0.5 and above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n set admin-host \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client's Host header for any redirection\"\n\nSSLVPN interface\nPlease upgrade to FortiProxy version 7.4.0 or above\nAND\nSet the `server-hostname` property to the device hostname, which will disable `Host redirection` for SSL VPN:\nconfig vpn ssl settings\n set server-hostname Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.\n\nWebFilter interface (port 8008)\nPlease upgrade to FortiProxy version 7.4.0 or above\n\nPlease upgrade to FortiRecorder version 7.0.0 or above \nPlease upgrade to FortiRecorder version 6.4.3 or above \nPlease upgrade to FortiRecorder version 6.0.11 or above \nPlease upgrade to FortiNDR version 7.4.0 or above\n\nFortiNDR\nPlease upgrade to FortiNDR version 7.2.1 or above\nPlease upgrade to FortiNDR version 7.1.1 or above\nAND\nSet the `https-redirect-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n set https-redirect-host \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client's Host header for any redirection\"\nend\n\nFortiADC\nPlease upgrade to FortiADC version 7.1.0 or above\nPlease upgrade to FortiADC version 7.0.2 or above\nPlease upgrade to FortiADC version 6.2.4 or above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\n config system global\n set admin-host \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client's Host header for any redirection\"\n\nFortiDDOS-F\nPlease upgrade to FortiDDoS-F version 6.4.0 or above\nPlease upgrade to FortiDDoS-F version 6.3.4 or above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\n config system global\n set admin-host \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client's Host header for any redirection\" \n\nPlease upgrade to FortiSwitch version 7.2.0 or above \nPlease upgrade to FortiSwitch version 7.0.5 or above \nPlease upgrade to FortiSwitch version 6.4.11 or above \nPlease upgrade to FortiVoice version 7.0.2 or above\nPlease upgrade to FortiVoice version 6.4.9 or above\nPlease upgrade to FortiMail version 7.2.0 or above \nPlease upgrade to FortiMail version 7.0.4 or above \nPlease upgrade to FortiWLC version 8.6.7 or above \nPlease upgrade to FortiAuthenticator version 6.4.2 or above \nPlease upgrade to FortiAuthenticator version 6.3.4 or above \nPlease upgrade to FortiDDoS version 5.6.0 or above \nPlease upgrade to FortiDDoS version 5.5.2 or above \nPlease upgrade to FortiSOAR version 7.3.0 or above \nPlease upgrade to FortiTester version 7.3.0 or above \nPlease upgrade to FortiTester version 7.2.2 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-23439", datePublished: "2025-01-22T09:10:28.669Z", dateReserved: "2022-01-19T07:38:03.512Z", dateUpdated: "2025-01-22T14:21:36.714Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-36639
Vulnerability from cvelistv5
Published
2023-12-13 06:42
Modified
2024-08-02 16:52
Severity ?
EPSS score ?
Summary
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, FortiOS versions 7.4.0, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiPAM versions 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted API requests.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:52:54.282Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-138", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-138", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.4.0", }, { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.17", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { status: "affected", version: "1.1.0", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, FortiOS versions 7.4.0, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiPAM versions 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted API requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-134", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-13T06:42:44.194Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-138", url: "https://fortiguard.com/psirt/FG-IR-23-138", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.1 or above \nPlease upgrade to FortiOS version 7.2.5 or above \nPlease upgrade to FortiOS version 7.0.12 or above \nPlease upgrade to FortiOS version 6.4.13 or above \nPlease upgrade to FortiOS version 6.2.16 or above \nPlease upgrade to FortiPAM version 1.2.0 or above \nPlease upgrade to FortiPAM version 1.1.1 or above \nPlease upgrade to FortiProxy version 7.4.0 or above \nPlease upgrade to FortiProxy version 7.2.5 or above \nPlease upgrade to FortiProxy version 7.0.11 or above \nPlease upgrade to FortiSASE version 23.3 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-36639", datePublished: "2023-12-13T06:42:44.194Z", dateReserved: "2023-06-25T18:03:39.227Z", dateUpdated: "2024-08-02T16:52:54.282Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-201906-0818
Vulnerability from variot
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests. Fortinet FortiOS Exists in an authorization vulnerability.Information may be obtained and information may be tampered with. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Fortinet FortiOS is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Fortinet FortiOS 5.4.1 through 5.4.10, 5.6.0 to 5.6.8, and 6.0.0 through 6.0.4 are vulnerable. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. This vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201906-0818", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.4.1", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.6.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "5.6.9", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.0.5", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "1.2.9", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "5.4.11", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "5.4.1 to 5.4.10", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.0.0 to 6.0.4", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "5.6.0 to 5.6.8", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.8", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.7", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.5", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.10", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.9", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.8", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.7", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.5", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.1", }, { model: "fortios", scope: "ne", trust: 0.3, vendor: "fortinet", version: "6.2", }, { model: "fortios", scope: "ne", trust: 0.3, vendor: "fortinet", version: "6.0.5", }, { model: "fortios", scope: "ne", trust: 0.3, vendor: "fortinet", version: "5.6.9", }, { model: "fortios", scope: "ne", trust: 0.3, vendor: "fortinet", version: "5.4.11", }, ], sources: [ { db: "BID", id: "108697", }, { db: "JVNDB", id: "JVNDB-2018-015563", }, { db: "NVD", id: "CVE-2018-13382", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Ricardo Longatto,Meh Chang and Orange Tsai from DEVCORE Security Research Team.", sources: [ { db: "CNNVD", id: "CNNVD-201905-1025", }, ], trust: 0.6, }, cve: "CVE-2018-13382", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2018-13382", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "VHN-123436", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2018-13382", impactScore: 3.6, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "psirt@fortinet.com", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2018-13382", impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "OTHER", availabilityImpact: "None", baseScore: 9.1, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2018-015563", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2018-13382", trust: 1, value: "HIGH", }, { author: "psirt@fortinet.com", id: "CVE-2018-13382", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2018-13382", trust: 0.8, value: "Critical", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201905-1025", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-123436", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2018-13382", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-123436", }, { db: "VULMON", id: "CVE-2018-13382", }, { db: "JVNDB", id: "JVNDB-2018-015563", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-201905-1025", }, { db: "NVD", id: "CVE-2018-13382", }, { db: "NVD", id: "CVE-2018-13382", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests. Fortinet FortiOS Exists in an authorization vulnerability.Information may be obtained and information may be tampered with. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Fortinet FortiOS is prone to an authorization-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. \nFortinet FortiOS 5.4.1 through 5.4.10, 5.6.0 to 5.6.8, and 6.0.0 through 6.0.4 are vulnerable. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. This vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products", sources: [ { db: "NVD", id: "CVE-2018-13382", }, { db: "JVNDB", id: "JVNDB-2018-015563", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "BID", id: "108697", }, { db: "VULHUB", id: "VHN-123436", }, { db: "VULMON", id: "CVE-2018-13382", }, ], trust: 2.61, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://www.scap.org.cn/vuln/vhn-123436", trust: 0.1, type: "unknown", }, ], sources: [ { db: "VULHUB", id: "VHN-123436", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2018-13382", trust: 3.7, }, { db: "BID", id: "108697", trust: 0.9, }, { db: "JVNDB", id: "JVNDB-2018-015563", trust: 0.8, }, { db: "EXPLOIT-DB", id: "49074", trust: 0.7, }, { db: "PACKETSTORM", id: "160130", trust: 0.7, }, { db: "CNNVD", id: "CNNVD-201905-1025", trust: 0.7, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.1889", trust: 0.6, }, { db: "CS-HELP", id: "SB2021060122", trust: 0.6, }, { db: "CXSECURITY", id: "WLB-2020110183", trust: 0.6, }, { db: "VULHUB", id: "VHN-123436", trust: 0.1, }, { db: "VULMON", id: "CVE-2018-13382", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-123436", }, { db: "VULMON", id: "CVE-2018-13382", }, { db: "BID", id: "108697", }, { db: "JVNDB", id: "JVNDB-2018-015563", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-201905-1025", }, { db: "NVD", id: "CVE-2018-13382", }, ], }, id: "VAR-201906-0818", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-123436", }, ], trust: 0.01, }, last_update_date: "2024-11-23T21:24:49.616000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-18-389", trust: 0.8, url: "https://fortiguard.com/advisory/FG-IR-18-389", }, { title: "Fortinet FortiOS Remediation measures for authorization problem vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92977", }, { title: "CVE-2018-13382", trust: 0.1, url: "https://github.com/milo2012/CVE-2018-13382 ", }, { title: "forti-vpn", trust: 0.1, url: "https://github.com/jam620/forti-vpn ", }, { title: "Public-Exploits", trust: 0.1, url: "https://github.com/iojymbo/Public-Exploits ", }, { title: "Public-Exploits", trust: 0.1, url: "https://github.com/iojymbo/public-exploits ", }, { title: "exploits", trust: 0.1, url: "https://github.com/dhn/exploits ", }, { title: "exploit-collection", trust: 0.1, url: "https://github.com/ugur-ercan/exploit-collection ", }, { title: "SecBooks", trust: 0.1, url: "https://github.com/SexyBeast233/SecBooks ", }, { title: "CVE-POC", trust: 0.1, url: "https://github.com/0xT11/CVE-POC ", }, { title: "PoC-in-GitHub", trust: 0.1, url: "https://github.com/nomi-sec/PoC-in-GitHub ", }, { title: "Threatpost", trust: 0.1, url: "https://threatpost.com/apt-groups-exploiting-flaws-in-unpatched-vpns-officials-warn/148956/", }, ], sources: [ { db: "VULMON", id: "CVE-2018-13382", }, { db: "JVNDB", id: "JVNDB-2018-015563", }, { db: "CNNVD", id: "CNNVD-201905-1025", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-863", trust: 1, }, { problemtype: "Inappropriate authorization (CWE-285) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-285", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-123436", }, { db: "JVNDB", id: "JVNDB-2018-015563", }, { db: "NVD", id: "CVE-2018-13382", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/advisory/fg-ir-18-389", }, { trust: 1.8, url: "https://www.fortiguard.com/psirt/fg-ir-20-231", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2018-13382", }, { trust: 1.2, url: "https://packetstormsecurity.com/files/160130/fortinet-fortios-6.0.4-password-modification.html", }, { trust: 1.2, url: "https://www.securityfocus.com/bid/108697", }, { trust: 0.9, url: "https://www.fortinet.com/products/fortigate/fortios.html", }, { trust: 0.9, url: "https://fortiguard.com/psirt/fg-ir-18-389", }, { trust: 0.8, url: "https://cisa.gov/known-exploited-vulnerabilities-catalog", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://i.blackhat.com/usa-19/wednesday/us-19-tsai-infiltrating-corporate-intranet-like-nsa.pdf", }, { trust: 0.6, url: "https://devco.re/blog/2019/08/09/attacking-ssl-vpn-part-2-breaking-the-fortigate-ssl-vpn/", }, { trust: 0.6, url: "https://cxsecurity.com/issue/wlb-2020110183", }, { trust: 0.6, url: "https://www.exploit-db.com/exploits/49074", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-privilege-escalation-via-ssl-vpn-29413", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021060122", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.1889", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/285.html", }, { trust: 0.1, url: "https://github.com/milo2012/cve-2018-13382", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-123436", }, { db: "VULMON", id: "CVE-2018-13382", }, { db: "BID", id: "108697", }, { db: "JVNDB", id: "JVNDB-2018-015563", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-201905-1025", }, { db: "NVD", id: "CVE-2018-13382", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-123436", }, { db: "VULMON", id: "CVE-2018-13382", }, { db: "BID", id: "108697", }, { db: "JVNDB", id: "JVNDB-2018-015563", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-201905-1025", }, { db: "NVD", id: "CVE-2018-13382", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-06-04T00:00:00", db: "VULHUB", id: "VHN-123436", }, { date: "2019-06-04T00:00:00", db: "VULMON", id: "CVE-2018-13382", }, { date: "2019-05-24T00:00:00", db: "BID", id: "108697", }, { date: "2019-06-17T00:00:00", db: "JVNDB", id: "JVNDB-2018-015563", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2019-05-27T00:00:00", db: "CNNVD", id: "CNNVD-201905-1025", }, { date: "2019-06-04T21:29:00.373000", db: "NVD", id: "CVE-2018-13382", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-06-11T00:00:00", db: "VULHUB", id: "VHN-123436", }, { date: "2021-06-03T00:00:00", db: "VULMON", id: "CVE-2018-13382", }, { date: "2019-05-24T00:00:00", db: "BID", id: "108697", }, { date: "2024-05-31T07:01:00", db: "JVNDB", id: "JVNDB-2018-015563", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-08-16T00:00:00", db: "CNNVD", id: "CNNVD-201905-1025", }, { date: "2024-11-21T03:46:59.660000", db: "NVD", id: "CVE-2018-13382", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201905-1025", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Fortinet FortiOS Authorization vulnerabilities in", sources: [ { db: "JVNDB", id: "JVNDB-2018-015563", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, ], trust: 0.6, }, }
var-201906-0816
Vulnerability from variot
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters. Fortinet FortiOS Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Fortinet FortiOS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and prior versions are vulnerable
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201906-0816", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.8", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.4.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.2", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.6.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.6.7", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.4", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.4.12", }, { model: "fortios", scope: "lte", trust: 0.8, vendor: "fortinet", version: "5.4", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "fortinet", version: "5.6.0 to 5.6.7", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "fortinet", version: "6.0.0 to 6.0.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.7", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.5", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.13", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.12", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.11", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.8", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.7", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.5", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.13", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.9", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.8", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.7", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.7.7", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.19", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.17", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.15", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.10", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.9", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.8", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.2.13", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.2.12", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.1.11", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.1.10", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "3.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "2.36", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.9", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.10", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.5", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.12", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.11", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.18", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.16", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.14", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.13", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.12", }, { model: "fortios", scope: "ne", trust: 0.3, vendor: "fortinet", version: "6.2", }, { model: "fortios", scope: "ne", trust: 0.3, vendor: "fortinet", version: "6.0.5", }, { model: "fortios", scope: "ne", trust: 0.3, vendor: "fortinet", version: "5.6.8", }, ], sources: [ { db: "BID", id: "108681", }, { db: "JVNDB", id: "JVNDB-2018-015566", }, { db: "NVD", id: "CVE-2018-13380", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:fortinet:fortios", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2018-015566", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Meh Chang and Orange Tsai from DEVCORE Security Research Team.", sources: [ { db: "BID", id: "108681", }, { db: "CNNVD", id: "CNNVD-201905-1024", }, ], trust: 0.9, }, cve: "CVE-2018-13380", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CVE-2018-13380", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-123434", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2018-13380", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "psirt@fortinet.com", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2018-13380", impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2018-13380", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2018-13380", trust: 1, value: "MEDIUM", }, { author: "psirt@fortinet.com", id: "CVE-2018-13380", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2018-13380", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-201905-1024", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-123434", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2018-13380", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-123434", }, { db: "VULMON", id: "CVE-2018-13380", }, { db: "JVNDB", id: "JVNDB-2018-015566", }, { db: "CNNVD", id: "CNNVD-201905-1024", }, { db: "NVD", id: "CVE-2018-13380", }, { db: "NVD", id: "CVE-2018-13380", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters. Fortinet FortiOS Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Fortinet FortiOS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. \nFortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and prior versions are vulnerable", sources: [ { db: "NVD", id: "CVE-2018-13380", }, { db: "JVNDB", id: "JVNDB-2018-015566", }, { db: "BID", id: "108681", }, { db: "VULHUB", id: "VHN-123434", }, { db: "VULMON", id: "CVE-2018-13380", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2018-13380", trust: 2.9, }, { db: "BID", id: "108681", trust: 0.9, }, { db: "JVNDB", id: "JVNDB-2018-015566", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2021.0775", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201905-1024", trust: 0.6, }, { db: "VULHUB", id: "VHN-123434", trust: 0.1, }, { db: "VULMON", id: "CVE-2018-13380", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-123434", }, { db: "VULMON", id: "CVE-2018-13380", }, { db: "BID", id: "108681", }, { db: "JVNDB", id: "JVNDB-2018-015566", }, { db: "CNNVD", id: "CNNVD-201905-1024", }, { db: "NVD", id: "CVE-2018-13380", }, ], }, id: "VAR-201906-0816", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-123434", }, ], trust: 0.01, }, last_update_date: "2024-11-23T21:51:14.779000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-18-383", trust: 0.8, url: "https://fortiguard.com/psirt/FG-IR-18-383", }, { title: "Fortinet FortiOS Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92976", }, { title: "forti-vpn", trust: 0.1, url: "https://github.com/jam620/forti-vpn ", }, { title: "nuclei-templates", trust: 0.1, url: "https://github.com/storenth/nuclei-templates ", }, { title: "kenzer-templates", trust: 0.1, url: "https://github.com/Elsfa7-110/kenzer-templates ", }, { title: "kenzer-templates", trust: 0.1, url: "https://github.com/ARPSyndicate/kenzer-templates ", }, ], sources: [ { db: "VULMON", id: "CVE-2018-13380", }, { db: "JVNDB", id: "JVNDB-2018-015566", }, { db: "CNNVD", id: "CNNVD-201905-1024", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-123434", }, { db: "JVNDB", id: "JVNDB-2018-015566", }, { db: "NVD", id: "CVE-2018-13380", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/advisory/fg-ir-18-383", }, { trust: 1.8, url: "https://fortiguard.com/advisory/fg-ir-20-230", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2018-13380", }, { trust: 1.2, url: "http://www.securityfocus.com/bid/108681", }, { trust: 0.9, url: "https://www.fortinet.com/products/fortigate/fortios.html", }, { trust: 0.9, url: "https://fortiguard.com/psirt/fg-ir-18-383", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13380", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-cross-site-scripting-via-ssl-vpn-portal-30135", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-cross-site-scripting-via-the-vpn-portal-29412", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0775", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/79.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://github.com/jam620/forti-vpn", }, { trust: 0.1, url: "https://github.com/storenth/nuclei-templates", }, ], sources: [ { db: "VULHUB", id: "VHN-123434", }, { db: "VULMON", id: "CVE-2018-13380", }, { db: "BID", id: "108681", }, { db: "JVNDB", id: "JVNDB-2018-015566", }, { db: "CNNVD", id: "CNNVD-201905-1024", }, { db: "NVD", id: "CVE-2018-13380", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-123434", }, { db: "VULMON", id: "CVE-2018-13380", }, { db: "BID", id: "108681", }, { db: "JVNDB", id: "JVNDB-2018-015566", }, { db: "CNNVD", id: "CNNVD-201905-1024", }, { db: "NVD", id: "CVE-2018-13380", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-06-04T00:00:00", db: "VULHUB", id: "VHN-123434", }, { date: "2019-06-04T00:00:00", db: "VULMON", id: "CVE-2018-13380", }, { date: "2019-05-24T00:00:00", db: "BID", id: "108681", }, { date: "2019-06-17T00:00:00", db: "JVNDB", id: "JVNDB-2018-015566", }, { date: "2019-05-27T00:00:00", db: "CNNVD", id: "CNNVD-201905-1024", }, { date: "2019-06-04T21:29:00.267000", db: "NVD", id: "CVE-2018-13380", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-01-22T00:00:00", db: "VULHUB", id: "VHN-123434", }, { date: "2021-04-06T00:00:00", db: "VULMON", id: "CVE-2018-13380", }, { date: "2019-05-24T00:00:00", db: "BID", id: "108681", }, { date: "2019-06-17T00:00:00", db: "JVNDB", id: "JVNDB-2018-015566", }, { date: "2021-03-11T00:00:00", db: "CNNVD", id: "CNNVD-201905-1024", }, { date: "2024-11-21T03:46:59.383000", db: "NVD", id: "CVE-2018-13380", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201905-1024", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Fortinet FortiOS Vulnerable to cross-site scripting", sources: [ { db: "JVNDB", id: "JVNDB-2018-015566", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-201905-1024", }, ], trust: 0.6, }, }
var-202207-0087
Vulnerability from variot
A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments. FortiOS and FortiProxy Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202207-0087", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.0.7", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.13", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.4.9", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.14", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.1.6", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.2.11", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.2", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "2.0.8", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.1.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.0.4", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-015237", }, { db: "NVD", id: "CVE-2021-44170", }, ], }, cve: "CVE-2021-44170", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.8, id: "CVE-2021-44170", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "OTHER", availabilityImpact: "High", baseScore: 6.7, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2022-015237", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-44170", trust: 1, value: "MEDIUM", }, { author: "psirt@fortinet.com", id: "CVE-2021-44170", trust: 1, value: "MEDIUM", }, { author: "OTHER", id: "JVNDB-2022-015237", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202207-373", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-015237", }, { db: "CNNVD", id: "CNNVD-202207-373", }, { db: "NVD", id: "CVE-2021-44170", }, { db: "NVD", id: "CVE-2021-44170", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments. FortiOS and FortiProxy Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2021-44170", }, { db: "JVNDB", id: "JVNDB-2022-015237", }, { db: "VULHUB", id: "VHN-406777", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-44170", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2022-015237", trust: 0.8, }, { db: "CS-HELP", id: "SB2022070513", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202207-373", trust: 0.6, }, { db: "VULHUB", id: "VHN-406777", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-406777", }, { db: "JVNDB", id: "JVNDB-2022-015237", }, { db: "CNNVD", id: "CNNVD-202207-373", }, { db: "NVD", id: "CVE-2021-44170", }, ], }, id: "VAR-202207-0087", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-406777", }, ], trust: 0.01, }, last_update_date: "2024-08-14T14:55:24.630000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-21-179", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-21-179", }, { title: "Fortinet FortiProxy Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=201339", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-015237", }, { db: "CNNVD", id: "CNNVD-202207-373", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1.1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-406777", }, { db: "JVNDB", id: "JVNDB-2022-015237", }, { db: "NVD", id: "CVE-2021-44170", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://fortiguard.com/psirt/fg-ir-21-179", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2021-44170", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2021-44170/", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022070513", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortinet-fortios-buffer-overflow-via-cli-38742", }, ], sources: [ { db: "VULHUB", id: "VHN-406777", }, { db: "JVNDB", id: "JVNDB-2022-015237", }, { db: "CNNVD", id: "CNNVD-202207-373", }, { db: "NVD", id: "CVE-2021-44170", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-406777", }, { db: "JVNDB", id: "JVNDB-2022-015237", }, { db: "CNNVD", id: "CNNVD-202207-373", }, { db: "NVD", id: "CVE-2021-44170", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-07-18T00:00:00", db: "VULHUB", id: "VHN-406777", }, { date: "2023-09-26T00:00:00", db: "JVNDB", id: "JVNDB-2022-015237", }, { date: "2022-07-05T00:00:00", db: "CNNVD", id: "CNNVD-202207-373", }, { date: "2022-07-18T17:15:08.483000", db: "NVD", id: "CVE-2021-44170", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-07-25T00:00:00", db: "VULHUB", id: "VHN-406777", }, { date: "2023-09-26T01:58:00", db: "JVNDB", id: "JVNDB-2022-015237", }, { date: "2022-07-29T00:00:00", db: "CNNVD", id: "CNNVD-202207-373", }, { date: "2022-07-25T17:05:58.760000", db: "NVD", id: "CVE-2021-44170", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202207-373", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "FortiOS and FortiProxy Out-of-bounds write vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2022-015237", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202207-373", }, ], trust: 0.6, }, }
var-202103-0560
Vulnerability from variot
An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality. FortiProxy Contains an improper authentication vulnerability.Information may be obtained. Fortinet FortiProxy SSL VPN is an application software of the United States (Fortinet) company. An intrusion detection function is provided. There is a security vulnerability in FortiProxy SSL VPN, which allows attackers to exploit the vulnerability to obtain credentials of SSL VPN users
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202103-0560", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.9", }, { model: "fortiproxy", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiproxy", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "2.0.0", }, { model: "fortiproxy", scope: "lte", trust: 0.8, vendor: "フォーティネット", version: "1.2.9 and earlier", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-004234", }, { db: "NVD", id: "CVE-2021-22128", }, ], }, cve: "CVE-2021-22128", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "CVE-2021-22128", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "VHN-380537", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:S/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2021-22128", impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "psirt@fortinet.com", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2021-22128", impactScore: 4.2, integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 4.3, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2021-22128", impactScore: null, integrityImpact: "None", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-22128", trust: 1, value: "MEDIUM", }, { author: "psirt@fortinet.com", id: "CVE-2021-22128", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2021-22128", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202103-324", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-380537", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-380537", }, { db: "JVNDB", id: "JVNDB-2021-004234", }, { db: "CNNVD", id: "CNNVD-202103-324", }, { db: "NVD", id: "CVE-2021-22128", }, { db: "NVD", id: "CVE-2021-22128", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality. FortiProxy Contains an improper authentication vulnerability.Information may be obtained. Fortinet FortiProxy SSL VPN is an application software of the United States (Fortinet) company. An intrusion detection function is provided. There is a security vulnerability in FortiProxy SSL VPN, which allows attackers to exploit the vulnerability to obtain credentials of SSL VPN users", sources: [ { db: "NVD", id: "CVE-2021-22128", }, { db: "JVNDB", id: "JVNDB-2021-004234", }, { db: "VULHUB", id: "VHN-380537", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-22128", trust: 2.5, }, { db: "JVNDB", id: "JVNDB-2021-004234", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202103-324", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2021.0775", trust: 0.6, }, { db: "VULHUB", id: "VHN-380537", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-380537", }, { db: "JVNDB", id: "JVNDB-2021-004234", }, { db: "CNNVD", id: "CNNVD-202103-324", }, { db: "NVD", id: "CVE-2021-22128", }, ], }, id: "VAR-202103-0560", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-380537", }, ], trust: 0.01, }, last_update_date: "2024-11-23T21:51:14.755000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-20-235", trust: 0.8, url: "https://fortiguard.com/advisory/FG-IR-20-235", }, { title: "Fortinet FortiProxy SSL VPN Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=143734", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-004234", }, { db: "CNNVD", id: "CNNVD-202103-324", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-Other", trust: 1, }, { problemtype: "Bad authentication (CWE-863) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-004234", }, { db: "NVD", id: "CVE-2021-22128", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://fortiguard.com/advisory/fg-ir-20-235", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2021-22128", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0775", }, ], sources: [ { db: "VULHUB", id: "VHN-380537", }, { db: "JVNDB", id: "JVNDB-2021-004234", }, { db: "CNNVD", id: "CNNVD-202103-324", }, { db: "NVD", id: "CVE-2021-22128", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-380537", }, { db: "JVNDB", id: "JVNDB-2021-004234", }, { db: "CNNVD", id: "CNNVD-202103-324", }, { db: "NVD", id: "CVE-2021-22128", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-03-04T00:00:00", db: "VULHUB", id: "VHN-380537", }, { date: "2021-11-17T00:00:00", db: "JVNDB", id: "JVNDB-2021-004234", }, { date: "2021-03-04T00:00:00", db: "CNNVD", id: "CNNVD-202103-324", }, { date: "2021-03-04T18:15:13.130000", db: "NVD", id: "CVE-2021-22128", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-07-12T00:00:00", db: "VULHUB", id: "VHN-380537", }, { date: "2021-11-17T03:16:00", db: "JVNDB", id: "JVNDB-2021-004234", }, { date: "2022-07-14T00:00:00", db: "CNNVD", id: "CNNVD-202103-324", }, { date: "2024-11-21T05:49:33.540000", db: "NVD", id: "CVE-2021-22128", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202103-324", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "FortiProxy Authentication Vulnerability in Microsoft", sources: [ { db: "JVNDB", id: "JVNDB-2021-004234", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202103-324", }, ], trust: 0.6, }, }
var-202302-1418
Vulnerability from variot
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests. fortinet's FortiSwitch Manager , FortiProxy , FortiOS Exists in a past traversal vulnerability.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202302-1418", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortiswitchmanager", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.1.6", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.1", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.1", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.1.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.12", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "2.0.10", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.10", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.13", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.7", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.2", }, { model: "fortiswitchmanager", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.8", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.0", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.2", }, { model: "fortiswitch manager", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.0.0 to 7.0.8", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.4.0 to 6.4.10", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.2.0 to 6.2.12", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.1", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "NVD", id: "CVE-2022-41335", }, ], }, cve: "CVE-2022-41335", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, id: "CVE-2022-41335", impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "psirt@fortinet.com", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, id: "CVE-2022-41335", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 8.1, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2022-41335", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2022-41335", trust: 1, value: "HIGH", }, { author: "psirt@fortinet.com", id: "CVE-2022-41335", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2022-41335", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202302-1427", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "CNNVD", id: "CNNVD-202302-1427", }, { db: "NVD", id: "CVE-2022-41335", }, { db: "NVD", id: "CVE-2022-41335", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests. fortinet's FortiSwitch Manager , FortiProxy , FortiOS Exists in a past traversal vulnerability.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2022-41335", }, { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "VULHUB", id: "VHN-437474", }, { db: "VULMON", id: "CVE-2022-41335", }, ], trust: 1.8, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-41335", trust: 3.4, }, { db: "JVNDB", id: "JVNDB-2022-019903", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202302-1427", trust: 0.6, }, { db: "VULHUB", id: "VHN-437474", trust: 0.1, }, { db: "VULMON", id: "CVE-2022-41335", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-437474", }, { db: "VULMON", id: "CVE-2022-41335", }, { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "CNNVD", id: "CNNVD-202302-1427", }, { db: "NVD", id: "CVE-2022-41335", }, ], }, id: "VAR-202302-1418", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-437474", }, ], trust: 0.01, }, last_update_date: "2024-08-14T14:10:18.521000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-22-391", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-22-391", }, { title: "Fortinet FortiOS and FortiSwitch Repair measures for path traversal vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=226970", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "CNNVD", id: "CNNVD-202302-1427", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-22", trust: 1.1, }, { problemtype: "CWE-23", trust: 1, }, { problemtype: "Path traversal (CWE-22) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-437474", }, { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "NVD", id: "CVE-2022-41335", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/psirt/fg-ir-22-391", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-41335", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-41335/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-437474", }, { db: "VULMON", id: "CVE-2022-41335", }, { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "CNNVD", id: "CNNVD-202302-1427", }, { db: "NVD", id: "CVE-2022-41335", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-437474", }, { db: "VULMON", id: "CVE-2022-41335", }, { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "CNNVD", id: "CNNVD-202302-1427", }, { db: "NVD", id: "CVE-2022-41335", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-16T00:00:00", db: "VULHUB", id: "VHN-437474", }, { date: "2023-02-16T00:00:00", db: "VULMON", id: "CVE-2022-41335", }, { date: "2023-10-30T00:00:00", db: "JVNDB", id: "JVNDB-2022-019903", }, { date: "2023-02-16T00:00:00", db: "CNNVD", id: "CNNVD-202302-1427", }, { date: "2023-02-16T19:15:13.513000", db: "NVD", id: "CVE-2022-41335", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-27T00:00:00", db: "VULHUB", id: "VHN-437474", }, { date: "2023-02-16T00:00:00", db: "VULMON", id: "CVE-2022-41335", }, { date: "2023-10-30T01:23:00", db: "JVNDB", id: "JVNDB-2022-019903", }, { date: "2023-02-28T00:00:00", db: "CNNVD", id: "CNNVD-202302-1427", }, { date: "2023-11-07T03:52:48.110000", db: "NVD", id: "CVE-2022-41335", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202302-1427", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Path traversal vulnerability in multiple Fortinet products", sources: [ { db: "JVNDB", id: "JVNDB-2022-019903", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "path traversal", sources: [ { db: "CNNVD", id: "CNNVD-202302-1427", }, ], trust: 0.6, }, }
var-202010-1344
Vulnerability from variot
A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the "diag sys ha checksum show" command. FortiOS and FortiProxy Contains a vulnerability in the plaintext storage of important information.Information may be obtained. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. There is a security vulnerability in FortiOS 6.2.4 and earlier versions
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202010-1344", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.0.12", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "1.2.10", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.2.5", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "lte", trust: 0.8, vendor: "フォーティネット", version: "6.2.4 and earlier", }, { model: "fortios", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-012605", }, { db: "NVD", id: "CVE-2020-6648", }, ], }, cve: "CVE-2020-6648", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "CVE-2020-6648", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, id: "VHN-184773", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:S/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, id: "CVE-2020-6648", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "psirt@fortinet.com", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 3.9, id: "CVE-2020-6648", impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.5, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2020-6648", impactScore: null, integrityImpact: "None", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-6648", trust: 1, value: "MEDIUM", }, { author: "psirt@fortinet.com", id: "CVE-2020-6648", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2020-6648", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202010-1124", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-184773", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2020-6648", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-184773", }, { db: "VULMON", id: "CVE-2020-6648", }, { db: "JVNDB", id: "JVNDB-2020-012605", }, { db: "CNNVD", id: "CNNVD-202010-1124", }, { db: "NVD", id: "CVE-2020-6648", }, { db: "NVD", id: "CVE-2020-6648", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the \"diag sys ha checksum show\" command. FortiOS and FortiProxy Contains a vulnerability in the plaintext storage of important information.Information may be obtained. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. There is a security vulnerability in FortiOS 6.2.4 and earlier versions", sources: [ { db: "NVD", id: "CVE-2020-6648", }, { db: "JVNDB", id: "JVNDB-2020-012605", }, { db: "VULHUB", id: "VHN-184773", }, { db: "VULMON", id: "CVE-2020-6648", }, ], trust: 1.8, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-6648", trust: 2.6, }, { db: "JVNDB", id: "JVNDB-2020-012605", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202010-1124", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2021.0775", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.3787", trust: 0.6, }, { db: "CNVD", id: "CNVD-2020-62939", trust: 0.1, }, { db: "VULHUB", id: "VHN-184773", trust: 0.1, }, { db: "VULMON", id: "CVE-2020-6648", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-184773", }, { db: "VULMON", id: "CVE-2020-6648", }, { db: "JVNDB", id: "JVNDB-2020-012605", }, { db: "CNNVD", id: "CNNVD-202010-1124", }, { db: "NVD", id: "CVE-2020-6648", }, ], }, id: "VAR-202010-1344", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-184773", }, ], trust: 0.01, }, last_update_date: "2024-11-23T21:51:14.727000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-20-236 FortiGuard PSIRT Advisory", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-20-236", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-012605", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-312", trust: 1.1, }, { problemtype: "Plaintext storage of important information (CWE-312) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-184773", }, { db: "JVNDB", id: "JVNDB-2020-012605", }, { db: "NVD", id: "CVE-2020-6648", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://www.fortiguard.com/psirt/fg-ir-20-009", }, { trust: 1.7, url: "https://www.fortiguard.com/psirt/fg-ir-20-236", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-6648", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.3787/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-information-disclosure-via-diag-sys-ha-checksum-show-33699", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0775", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/312.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-184773", }, { db: "VULMON", id: "CVE-2020-6648", }, { db: "JVNDB", id: "JVNDB-2020-012605", }, { db: "CNNVD", id: "CNNVD-202010-1124", }, { db: "NVD", id: "CVE-2020-6648", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-184773", }, { db: "VULMON", id: "CVE-2020-6648", }, { db: "JVNDB", id: "JVNDB-2020-012605", }, { db: "CNNVD", id: "CNNVD-202010-1124", }, { db: "NVD", id: "CVE-2020-6648", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-21T00:00:00", db: "VULHUB", id: "VHN-184773", }, { date: "2020-10-21T00:00:00", db: "VULMON", id: "CVE-2020-6648", }, { date: "2021-05-14T00:00:00", db: "JVNDB", id: "JVNDB-2020-012605", }, { date: "2020-10-21T00:00:00", db: "CNNVD", id: "CNNVD-202010-1124", }, { date: "2020-10-21T14:15:20.387000", db: "NVD", id: "CVE-2020-6648", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-06-15T00:00:00", db: "VULHUB", id: "VHN-184773", }, { date: "2021-03-11T00:00:00", db: "VULMON", id: "CVE-2020-6648", }, { date: "2021-05-14T08:26:00", db: "JVNDB", id: "JVNDB-2020-012605", }, { date: "2021-03-15T00:00:00", db: "CNNVD", id: "CNNVD-202010-1124", }, { date: "2024-11-21T05:36:05.557000", db: "NVD", id: "CVE-2020-6648", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202010-1124", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "FortiOS and FortiProxy Vulnerability of important information in plaintext", sources: [ { db: "JVNDB", id: "JVNDB-2020-012605", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202010-1124", }, ], trust: 0.6, }, }
var-202106-1942
Vulnerability from variot
Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters. FortiOS and FortiProxy Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Fortinet FortiGate is a network security platform developed by Fortinet. The platform provides functions such as firewall, antivirus and intrusion prevention (IPS), application control, antispam, wireless controller and WAN acceleration. Fortinet FortiGate has a cross-site scripting vulnerability that stems from insufficient sanitization of user-supplied data in SSL VPN web portals. A remote attacker could exploit this vulnerability to trick the victim into following a specially crafted link to an error page and execute arbitrary HTML and script code in the user's browser within the context of the vulnerable website. The following products and versions are affected: FortiGate: 5.0.0, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.0.6, 5.0.7, 5.0.8, 5.0.9, 5.0.10, 5.0 .11, 5.0.12, 5.0.13, 5.0.14, 5.2.0, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.5, 5.2.6, 5.2.7, 5.2.8 , 5.2.9, 5.2.10, 5.2.11, 5.2.12, 5.2.13, 5.2.14, 5.2.15, 5.4.0, 5.4.1, 5.4.2, 5.4.3, 5.4.4 , 5.4 .5, 5.4.6, 5.4.7, 5.4.8, 5.4.9, 5.4.10, 5.4.11, 5.4.12, 5.4.13, 5.6.0, 5.6.1, 5.6.2, 5.6.3 , 5.6.4, 5.6.5, 5.6.6, 5.6.7, 5.6.8, 5.6.9, 5.6.10, 5.6.11, 5.6.12, 5.6.13, 6.0.0, 6.0.1, 6.0 .2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.0.10, 6.0.11, 6.0.12, 6.2.0, 6.2.1 , 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.4
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202106-1942", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.4.13", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.6.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.12", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.6.14", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "2.0.1", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.7", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.9", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.2.15", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.2.10", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.4.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.4", }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.2.0 to 6.2.7", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.4.0 to 6.4.4", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.0.0 to 6.0.12", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "5.6.0 to 5.6.14", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "5.2.10 to 5.2.15", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "5.4.0 to 5.4.13", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-018552", }, { db: "NVD", id: "CVE-2021-26092", }, ], }, cve: "CVE-2021-26092", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CVE-2021-26092", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-385056", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2021-26092", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "psirt@fortinet.com", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 2.8, id: "CVE-2021-26092", impactScore: 1.4, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2021-26092", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-26092", trust: 1, value: "MEDIUM", }, { author: "psirt@fortinet.com", id: "CVE-2021-26092", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2021-26092", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202106-012", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-385056", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-385056", }, { db: "JVNDB", id: "JVNDB-2021-018552", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202106-012", }, { db: "NVD", id: "CVE-2021-26092", }, { db: "NVD", id: "CVE-2021-26092", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters. FortiOS and FortiProxy Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Fortinet FortiGate is a network security platform developed by Fortinet. The platform provides functions such as firewall, antivirus and intrusion prevention (IPS), application control, antispam, wireless controller and WAN acceleration. Fortinet FortiGate has a cross-site scripting vulnerability that stems from insufficient sanitization of user-supplied data in SSL VPN web portals. A remote attacker could exploit this vulnerability to trick the victim into following a specially crafted link to an error page and execute arbitrary HTML and script code in the user's browser within the context of the vulnerable website. The following products and versions are affected: FortiGate: 5.0.0, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.0.6, 5.0.7, 5.0.8, 5.0.9, 5.0.10, 5.0 .11, 5.0.12, 5.0.13, 5.0.14, 5.2.0, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.5, 5.2.6, 5.2.7, 5.2.8 , 5.2.9, 5.2.10, 5.2.11, 5.2.12, 5.2.13, 5.2.14, 5.2.15, 5.4.0, 5.4.1, 5.4.2, 5.4.3, 5.4.4 , 5.4 .5, 5.4.6, 5.4.7, 5.4.8, 5.4.9, 5.4.10, 5.4.11, 5.4.12, 5.4.13, 5.6.0, 5.6.1, 5.6.2, 5.6.3 , 5.6.4, 5.6.5, 5.6.6, 5.6.7, 5.6.8, 5.6.9, 5.6.10, 5.6.11, 5.6.12, 5.6.13, 6.0.0, 6.0.1, 6.0 .2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.0.10, 6.0.11, 6.0.12, 6.2.0, 6.2.1 , 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.4", sources: [ { db: "NVD", id: "CVE-2021-26092", }, { db: "JVNDB", id: "JVNDB-2021-018552", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULHUB", id: "VHN-385056", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-26092", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2021-018552", trust: 0.8, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.1887", trust: 0.6, }, { db: "CS-HELP", id: "SB2021060124", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202106-012", trust: 0.6, }, { db: "CNVD", id: "CNVD-2022-50950", trust: 0.1, }, { db: "VULHUB", id: "VHN-385056", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-385056", }, { db: "JVNDB", id: "JVNDB-2021-018552", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202106-012", }, { db: "NVD", id: "CVE-2021-26092", }, ], }, id: "VAR-202106-1942", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-385056", }, ], trust: 0.01, }, last_update_date: "2024-08-14T13:13:06.397000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-20-199", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-20-199", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-018552", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1.1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-385056", }, { db: "JVNDB", id: "JVNDB-2021-018552", }, { db: "NVD", id: "CVE-2021-26092", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://fortiguard.com/psirt/fg-ir-20-199", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2021-26092", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortigate-cross-site-scripting-via-ssl-vpn-portal-error-page-35583", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.1887", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2021-26092/", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021060124", }, ], sources: [ { db: "VULHUB", id: "VHN-385056", }, { db: "JVNDB", id: "JVNDB-2021-018552", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202106-012", }, { db: "NVD", id: "CVE-2021-26092", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-385056", }, { db: "JVNDB", id: "JVNDB-2021-018552", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202106-012", }, { db: "NVD", id: "CVE-2021-26092", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-02-24T00:00:00", db: "VULHUB", id: "VHN-385056", }, { date: "2023-06-22T00:00:00", db: "JVNDB", id: "JVNDB-2021-018552", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-06-01T00:00:00", db: "CNNVD", id: "CNNVD-202106-012", }, { date: "2022-02-24T03:15:43.407000", db: "NVD", id: "CVE-2021-26092", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-03-02T00:00:00", db: "VULHUB", id: "VHN-385056", }, { date: "2023-06-22T03:06:00", db: "JVNDB", id: "JVNDB-2021-018552", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2022-03-10T00:00:00", db: "CNNVD", id: "CNNVD-202106-012", }, { date: "2022-03-02T16:28:07.387000", db: "NVD", id: "CVE-2021-26092", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202106-012", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "FortiOS and FortiProxy Cross-site scripting vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2021-018552", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, ], trust: 0.6, }, }
var-202302-1352
Vulnerability from variot
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and below, 6.4.10 and below, 6.2 all versions, 6.0 all versions; FortiProxy 7.0.1 and below, 2.0.7 and below, 1.2 all versions, 1.1 all versions, 1.0 all versions may allow an attacker to decrypt portions of the administrative session management cookie if able to intercept the latter. FortiProxy , Fortiweb , FortiOS Multiple Fortinet products contain vulnerabilities related to digital signature validation.Information may be obtained
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202302-1352", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.4.9", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiweb", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortiweb", scope: "lt", trust: 1, vendor: "fortinet", version: "6.3.17", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiswitch", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortiswitch", scope: "lt", trust: 1, vendor: "fortinet", version: "6.4.11", }, { model: "fortiswitch", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.2", }, { model: "fortiweb", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.0.0", }, { model: "fortiswitch", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.4", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "2.0.8", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.4", }, { model: "fortiweb", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiswitch", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.0.0 that's all 7.0.4", }, { model: "fortiweb", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiswitch", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.0.0 that's all 6.4.11", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-004474", }, { db: "NVD", id: "CVE-2021-43074", }, ], }, cve: "CVE-2021-43074", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2021-43074", impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 4.3, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2021-43074", impactScore: null, integrityImpact: "None", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-43074", trust: 1, value: "MEDIUM", }, { author: "psirt@fortinet.com", id: "CVE-2021-43074", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2021-43074", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202302-1452", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-004474", }, { db: "CNNVD", id: "CNNVD-202302-1452", }, { db: "NVD", id: "CVE-2021-43074", }, { db: "NVD", id: "CVE-2021-43074", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and below, 6.4.10 and below, 6.2 all versions, 6.0 all versions; FortiProxy 7.0.1 and below, 2.0.7 and below, 1.2 all versions, 1.1 all versions, 1.0 all versions may allow an attacker to decrypt portions of the administrative session management cookie if able to intercept the latter. FortiProxy , Fortiweb , FortiOS Multiple Fortinet products contain vulnerabilities related to digital signature validation.Information may be obtained", sources: [ { db: "NVD", id: "CVE-2021-43074", }, { db: "JVNDB", id: "JVNDB-2023-004474", }, { db: "VULHUB", id: "VHN-404124", }, { db: "VULMON", id: "CVE-2021-43074", }, ], trust: 1.8, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-43074", trust: 3.4, }, { db: "JVNDB", id: "JVNDB-2023-004474", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202302-1452", trust: 0.6, }, { db: "VULHUB", id: "VHN-404124", trust: 0.1, }, { db: "VULMON", id: "CVE-2021-43074", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-404124", }, { db: "VULMON", id: "CVE-2021-43074", }, { db: "JVNDB", id: "JVNDB-2023-004474", }, { db: "CNNVD", id: "CNNVD-202302-1452", }, { db: "NVD", id: "CVE-2021-43074", }, ], }, id: "VAR-202302-1352", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-404124", }, ], trust: 0.01, }, last_update_date: "2024-08-14T14:49:19.202000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-21-126", trust: 0.8, url: "https://fortiguard.com/psirt/FG-IR-21-126", }, { title: "Fortinet FortiSwitch and FortiWeb Repair measures for data forgery problem vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=226818", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-004474", }, { db: "CNNVD", id: "CNNVD-202302-1452", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-347", trust: 1.1, }, { problemtype: "Improper verification of digital signatures (CWE-347) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-404124", }, { db: "JVNDB", id: "JVNDB-2023-004474", }, { db: "NVD", id: "CVE-2021-43074", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/psirt/fg-ir-21-126", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2021-43074", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2021-43074/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-404124", }, { db: "VULMON", id: "CVE-2021-43074", }, { db: "JVNDB", id: "JVNDB-2023-004474", }, { db: "CNNVD", id: "CNNVD-202302-1452", }, { db: "NVD", id: "CVE-2021-43074", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-404124", }, { db: "VULMON", id: "CVE-2021-43074", }, { db: "JVNDB", id: "JVNDB-2023-004474", }, { db: "CNNVD", id: "CNNVD-202302-1452", }, { db: "NVD", id: "CVE-2021-43074", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-16T00:00:00", db: "VULHUB", id: "VHN-404124", }, { date: "2023-02-16T00:00:00", db: "VULMON", id: "CVE-2021-43074", }, { date: "2023-10-30T00:00:00", db: "JVNDB", id: "JVNDB-2023-004474", }, { date: "2023-02-16T00:00:00", db: "CNNVD", id: "CNNVD-202302-1452", }, { date: "2023-02-16T19:15:11.677000", db: "NVD", id: "CVE-2021-43074", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-24T00:00:00", db: "VULHUB", id: "VHN-404124", }, { date: "2023-02-16T00:00:00", db: "VULMON", id: "CVE-2021-43074", }, { date: "2023-10-30T07:35:00", db: "JVNDB", id: "JVNDB-2023-004474", }, { date: "2023-02-27T00:00:00", db: "CNNVD", id: "CNNVD-202302-1452", }, { date: "2023-11-07T03:39:18.017000", db: "NVD", id: "CVE-2021-43074", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202302-1452", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Digital signature validation vulnerability in multiple Fortinet products", sources: [ { db: "JVNDB", id: "JVNDB-2023-004474", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "data forgery", sources: [ { db: "CNNVD", id: "CNNVD-202302-1452", }, ], trust: 0.6, }, }
var-202205-0281
Vulnerability from variot
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages. Fortinet FortiOS Contains a vulnerability related to information leakage due to error messages.Information may be obtained. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. The vulnerability stems from the excessive data output in the error message generated by the server. A remote attacker can use this vulnerability to lure the victim to connect to a malicious web server and retrieve the client of the web proxy through a same-origin HTTP request. End user name and IP
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202205-0281", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.2", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.6.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "2.0.9", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.4.8", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.2.10", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.4", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.0.14", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-010449", }, { db: "NVD", id: "CVE-2021-43206", }, ], }, cve: "CVE-2021-43206", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CVE-2021-43206", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "VHN-404253", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2021-43206", impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "OTHER", availabilityImpact: "None", baseScore: 4.3, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "JVNDB-2022-010449", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-43206", trust: 1, value: "MEDIUM", }, { author: "psirt@fortinet.com", id: "CVE-2021-43206", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2021-43206", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202205-1941", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-404253", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2021-43206", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-404253", }, { db: "VULMON", id: "CVE-2021-43206", }, { db: "JVNDB", id: "JVNDB-2022-010449", }, { db: "CNNVD", id: "CNNVD-202205-1941", }, { db: "NVD", id: "CVE-2021-43206", }, { db: "NVD", id: "CVE-2021-43206", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages. Fortinet FortiOS Contains a vulnerability related to information leakage due to error messages.Information may be obtained. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. The vulnerability stems from the excessive data output in the error message generated by the server. A remote attacker can use this vulnerability to lure the victim to connect to a malicious web server and retrieve the client of the web proxy through a same-origin HTTP request. End user name and IP", sources: [ { db: "NVD", id: "CVE-2021-43206", }, { db: "JVNDB", id: "JVNDB-2022-010449", }, { db: "VULHUB", id: "VHN-404253", }, { db: "VULMON", id: "CVE-2021-43206", }, ], trust: 1.8, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-43206", trust: 3.4, }, { db: "JVNDB", id: "JVNDB-2022-010449", trust: 0.8, }, { db: "CS-HELP", id: "SB2022050318", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202205-1941", trust: 0.6, }, { db: "CNVD", id: "CNVD-2022-50947", trust: 0.1, }, { db: "VULHUB", id: "VHN-404253", trust: 0.1, }, { db: "VULMON", id: "CVE-2021-43206", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-404253", }, { db: "VULMON", id: "CVE-2021-43206", }, { db: "JVNDB", id: "JVNDB-2022-010449", }, { db: "CNNVD", id: "CNNVD-202205-1941", }, { db: "NVD", id: "CVE-2021-43206", }, ], }, id: "VAR-202205-0281", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-404253", }, ], trust: 0.01, }, last_update_date: "2024-11-23T22:54:35.720000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-21-2316", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-21-231", }, { title: "Fortinet FortiOS Repair measures for information disclosure vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=191271", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-010449", }, { db: "CNNVD", id: "CNNVD-202205-1941", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-209", trust: 1.1, }, { problemtype: "Information leakage due to error message (CWE-209) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-404253", }, { db: "JVNDB", id: "JVNDB-2022-010449", }, { db: "NVD", id: "CVE-2021-43206", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/psirt/fg-ir-21-231", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2021-43206", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-information-disclosure-via-web-proxy-error-pages-38209", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022050318", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2021-43206/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/209.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-404253", }, { db: "VULMON", id: "CVE-2021-43206", }, { db: "JVNDB", id: "JVNDB-2022-010449", }, { db: "CNNVD", id: "CNNVD-202205-1941", }, { db: "NVD", id: "CVE-2021-43206", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-404253", }, { db: "VULMON", id: "CVE-2021-43206", }, { db: "JVNDB", id: "JVNDB-2022-010449", }, { db: "CNNVD", id: "CNNVD-202205-1941", }, { db: "NVD", id: "CVE-2021-43206", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-05-04T00:00:00", db: "VULHUB", id: "VHN-404253", }, { date: "2022-05-04T00:00:00", db: "VULMON", id: "CVE-2021-43206", }, { date: "2023-08-15T00:00:00", db: "JVNDB", id: "JVNDB-2022-010449", }, { date: "2022-05-03T00:00:00", db: "CNNVD", id: "CNNVD-202205-1941", }, { date: "2022-05-04T16:15:08.227000", db: "NVD", id: "CVE-2021-43206", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-05-13T00:00:00", db: "VULHUB", id: "VHN-404253", }, { date: "2022-05-13T00:00:00", db: "VULMON", id: "CVE-2021-43206", }, { date: "2023-08-15T06:55:00", db: "JVNDB", id: "JVNDB-2022-010449", }, { date: "2022-05-16T00:00:00", db: "CNNVD", id: "CNNVD-202205-1941", }, { date: "2024-11-21T06:28:50.743000", db: "NVD", id: "CVE-2021-43206", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202205-1941", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Fortinet FortiOS Vulnerability regarding information leakage due to error messages in", sources: [ { db: "JVNDB", id: "JVNDB-2022-010449", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "information disclosure", sources: [ { db: "CNNVD", id: "CNNVD-202205-1941", }, ], trust: 0.6, }, }
var-202207-0115
Vulnerability from variot
An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service. plural Fortinet The product contains an integer overflow vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202207-0115", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.0", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.5", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.13", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.10", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.6", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.2.8", }, { model: "fortirecorder", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.8", }, { model: "fortiswitch", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.2", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.6", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.17", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.2.6", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.1", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "2.0.6", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.3", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.4", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.10", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.26", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.2", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.9", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.15", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.12", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.14", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.7", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.4.3", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.12", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.20", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.3", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.7", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.2.4", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.1", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.21", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.13", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.4", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.5", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.13", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.1", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.11", }, { model: "fortiswitch", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.11", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.3", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.6", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.22", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.23", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.2", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.4.12", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.2.1", }, { model: "fortiswitch", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.8", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.4.5", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.6", }, { model: "fortirecorder", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.10", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.1.0", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.1", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.8", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.4.2", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.10", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.16", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.2.3", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.10", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.4", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.4.1", }, { model: "fortirecorder", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.7", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.25", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.0.7", }, { model: "fortirecorder", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.1", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.24", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.14", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.7", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.2.10", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.3", }, { model: "fortiswitch", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.1", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.5", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.4", }, { model: "fortirecorder", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.1", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.5", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.1.6", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.6", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortirecorder", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.3", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.0.0", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.2", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.4.13", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.2.5", }, { model: "fortirecorder", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.2", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.8", }, { model: "fortirecorder", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.9", }, { model: "fortiswitch", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.9", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.8", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.1", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.4.9", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.5", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.4.10", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.2.2", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.0", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.2.9", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.19", }, { model: "fortiswitch", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.7", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.4.0", }, { model: "fortiswitch", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.7", }, { model: "fortirecorder", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortirecorder", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.6", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.7", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.11", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.18", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.2", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.4.4", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.7", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.14", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.12", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.0", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.1", }, { model: "fortirecorder", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortiswitch", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.3", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.4.8", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.9", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "5.3.2", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.2", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.4.11", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.4.7", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.2", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.4", }, { model: "fortivoice", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.9", }, { model: "fortirecorder", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.4", }, { model: "fortirecorder", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.5", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.13", }, { model: "fortirecorder", scope: "eq", trust: 1, vendor: "fortinet", version: "6.0.2", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "6.2.7", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.6.3", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "5.4.6", }, { model: "fortirecorder", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortivoice", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiswitch", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-015239", }, { db: "NVD", id: "CVE-2021-42755", }, ], }, cve: "CVE-2021-42755", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "ADJACENT", author: "nvd@nist.gov", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 2.8, id: "CVE-2021-42755", impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Adjacent Network", author: "OTHER", availabilityImpact: "Low", baseScore: 4.3, baseSeverity: "Medium", confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2022-015239", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-42755", trust: 1, value: "MEDIUM", }, { author: "psirt@fortinet.com", id: "CVE-2021-42755", trust: 1, value: "MEDIUM", }, { author: "OTHER", id: "JVNDB-2022-015239", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202207-378", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-015239", }, { db: "CNNVD", id: "CNNVD-202207-378", }, { db: "NVD", id: "CVE-2021-42755", }, { db: "NVD", id: "CVE-2021-42755", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service. plural Fortinet The product contains an integer overflow vulnerability.Service operation interruption (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2021-42755", }, { db: "JVNDB", id: "JVNDB-2022-015239", }, { db: "VULHUB", id: "VHN-403817", }, { db: "VULMON", id: "CVE-2021-42755", }, ], trust: 1.8, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-42755", trust: 3.4, }, { db: "JVNDB", id: "JVNDB-2022-015239", trust: 0.8, }, { db: "CS-HELP", id: "SB2022070520", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.3308", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202207-378", trust: 0.6, }, { db: "VULHUB", id: "VHN-403817", trust: 0.1, }, { db: "VULMON", id: "CVE-2021-42755", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-403817", }, { db: "VULMON", id: "CVE-2021-42755", }, { db: "JVNDB", id: "JVNDB-2022-015239", }, { db: "CNNVD", id: "CNNVD-202207-378", }, { db: "NVD", id: "CVE-2021-42755", }, ], }, id: "VAR-202207-0115", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-403817", }, ], trust: 0.36984128000000005, }, last_update_date: "2024-08-14T14:02:31.490000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-21-155", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-21-155", }, { title: "Fortinet FortiVoice Enter the fix for the verification error vulnerability", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=198709", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-015239", }, { db: "CNNVD", id: "CNNVD-202207-378", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-190", trust: 1.1, }, { problemtype: "Integer overflow or wraparound (CWE-190) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-403817", }, { db: "JVNDB", id: "JVNDB-2022-015239", }, { db: "NVD", id: "CVE-2021-42755", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/psirt/fg-ir-21-155", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2021-42755", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022070520", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.3308", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2021-42755/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortinet-fortios-integer-overflow-via-dhcpd-38738", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-403817", }, { db: "VULMON", id: "CVE-2021-42755", }, { db: "JVNDB", id: "JVNDB-2022-015239", }, { db: "CNNVD", id: "CNNVD-202207-378", }, { db: "NVD", id: "CVE-2021-42755", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-403817", }, { db: "VULMON", id: "CVE-2021-42755", }, { db: "JVNDB", id: "JVNDB-2022-015239", }, { db: "CNNVD", id: "CNNVD-202207-378", }, { db: "NVD", id: "CVE-2021-42755", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-07-18T00:00:00", db: "VULHUB", id: "VHN-403817", }, { date: "2022-07-18T00:00:00", db: "VULMON", id: "CVE-2021-42755", }, { date: "2023-09-26T00:00:00", db: "JVNDB", id: "JVNDB-2022-015239", }, { date: "2022-07-05T00:00:00", db: "CNNVD", id: "CNNVD-202207-378", }, { date: "2022-07-18T17:15:08.413000", db: "NVD", id: "CVE-2021-42755", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-07-25T00:00:00", db: "VULHUB", id: "VHN-403817", }, { date: "2022-07-18T00:00:00", db: "VULMON", id: "CVE-2021-42755", }, { date: "2023-09-26T02:13:00", db: "JVNDB", id: "JVNDB-2022-015239", }, { date: "2022-07-29T00:00:00", db: "CNNVD", id: "CNNVD-202207-378", }, { date: "2024-01-18T15:48:06.043000", db: "NVD", id: "CVE-2021-42755", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote or local", sources: [ { db: "CNNVD", id: "CNNVD-202207-378", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Fortinet Integer overflow vulnerability in product", sources: [ { db: "JVNDB", id: "JVNDB-2022-015239", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation error", sources: [ { db: "CNNVD", id: "CNNVD-202207-378", }, ], trust: 0.6, }, }
var-202302-1298
Vulnerability from variot
An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands. fortinet's FortiProxy and FortiOS Exists in a permission management vulnerability.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202302-1298", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "2.0.9", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.2.1", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.8", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "7.2.2", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.8", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.1.0", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.0 that's all 7.2.1", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.0.0 that's all 7.0.8", }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-004441", }, { db: "NVD", id: "CVE-2022-38378", }, ], }, cve: "CVE-2022-38378", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.8, id: "CVE-2022-38378", impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "psirt@fortinet.com", availabilityImpact: "LOW", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 0.8, id: "CVE-2022-38378", impactScore: 3.4, integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "NVD", availabilityImpact: "None", baseScore: 6, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2022-38378", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2022-38378", trust: 1, value: "MEDIUM", }, { author: "psirt@fortinet.com", id: "CVE-2022-38378", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2022-38378", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202302-1438", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-004441", }, { db: "CNNVD", id: "CNNVD-202302-1438", }, { db: "NVD", id: "CVE-2022-38378", }, { db: "NVD", id: "CVE-2022-38378", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands. fortinet's FortiProxy and FortiOS Exists in a permission management vulnerability.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2022-38378", }, { db: "JVNDB", id: "JVNDB-2023-004441", }, { db: "VULHUB", id: "VHN-434172", }, { db: "VULMON", id: "CVE-2022-38378", }, ], trust: 1.8, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-38378", trust: 3.4, }, { db: "JVNDB", id: "JVNDB-2023-004441", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202302-1438", trust: 0.6, }, { db: "VULHUB", id: "VHN-434172", trust: 0.1, }, { db: "VULMON", id: "CVE-2022-38378", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-434172", }, { db: "VULMON", id: "CVE-2022-38378", }, { db: "JVNDB", id: "JVNDB-2023-004441", }, { db: "CNNVD", id: "CNNVD-202302-1438", }, { db: "NVD", id: "CVE-2022-38378", }, ], }, id: "VAR-202302-1298", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-434172", }, ], trust: 0.01, }, last_update_date: "2024-08-14T13:42:03.976000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-22-346", trust: 0.8, url: "https://fortiguard.com/psirt/FG-IR-22-346", }, { title: "Fortinet FortiOS Security vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=226807", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-004441", }, { db: "CNNVD", id: "CNNVD-202302-1438", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-269", trust: 1.1, }, { problemtype: "Improper authority management (CWE-269) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-434172", }, { db: "JVNDB", id: "JVNDB-2023-004441", }, { db: "NVD", id: "CVE-2022-38378", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/psirt/fg-ir-22-346", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-38378", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-38378/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-434172", }, { db: "VULMON", id: "CVE-2022-38378", }, { db: "JVNDB", id: "JVNDB-2023-004441", }, { db: "CNNVD", id: "CNNVD-202302-1438", }, { db: "NVD", id: "CVE-2022-38378", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-434172", }, { db: "VULMON", id: "CVE-2022-38378", }, { db: "JVNDB", id: "JVNDB-2023-004441", }, { db: "CNNVD", id: "CNNVD-202302-1438", }, { db: "NVD", id: "CVE-2022-38378", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-16T00:00:00", db: "VULHUB", id: "VHN-434172", }, { date: "2023-02-16T00:00:00", db: "VULMON", id: "CVE-2022-38378", }, { date: "2023-10-30T00:00:00", db: "JVNDB", id: "JVNDB-2023-004441", }, { date: "2023-02-16T00:00:00", db: "CNNVD", id: "CNNVD-202302-1438", }, { date: "2023-02-16T19:15:12.930000", db: "NVD", id: "CVE-2022-38378", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-24T00:00:00", db: "VULHUB", id: "VHN-434172", }, { date: "2023-02-16T00:00:00", db: "VULMON", id: "CVE-2022-38378", }, { date: "2023-10-30T06:16:00", db: "JVNDB", id: "JVNDB-2023-004441", }, { date: "2023-02-27T00:00:00", db: "CNNVD", id: "CNNVD-202302-1438", }, { date: "2023-11-07T03:50:06.943000", db: "NVD", id: "CVE-2022-38378", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202302-1438", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "fortinet's FortiProxy and FortiOS Vulnerability in privilege management in", sources: [ { db: "JVNDB", id: "JVNDB-2023-004441", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202302-1438", }, ], trust: 0.6, }, }
var-201905-0764
Vulnerability from variot
A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages. Fortinet FortiOS Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Fortinet FortiOS is prone to a heap-based buffer-overflow vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. Versions prior to FortiOS 6.0.5 are vulnerable. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. A heap buffer overflow vulnerability existed in Fortinet versions prior to FortiOS 6.2.0. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0764", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios", scope: "lt", trust: 1.8, vendor: "fortinet", version: "6.0.5", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "5.2.15", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.2.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.4.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.6.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "1.2.9", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "5.4.13", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "5.6.11", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.8", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.7", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.5", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.10", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.9", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.8", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.7", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.5", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.12", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.11", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.8", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.5", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.13", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.9", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.8", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.7", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.7.7", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.19", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.17", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.15", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.10", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.9", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.8", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.2.13", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.2.12", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.1.11", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.1.10", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "3.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "2.80", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "2.50", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "2.36", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.9", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.10", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.5", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.12", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.11", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.18", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.16", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.14", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.13", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.12", }, { model: "fortios", scope: "ne", trust: 0.3, vendor: "fortinet", version: "6.2", }, { model: "fortios", scope: "ne", trust: 0.3, vendor: "fortinet", version: "6.0.5", }, ], sources: [ { db: "BID", id: "108539", }, { db: "JVNDB", id: "JVNDB-2018-015559", }, { db: "NVD", id: "CVE-2018-13383", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:fortinet:fortios", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2018-015559", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Meh Chang and Orange Tsai from DEVCORE Security Research Team.", sources: [ { db: "BID", id: "108539", }, { db: "CNNVD", id: "CNNVD-201904-116", }, ], trust: 0.9, }, cve: "CVE-2018-13383", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CVE-2018-13383", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-123437", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 2.8, id: "CVE-2018-13383", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "psirt@fortinet.com", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 2.8, id: "CVE-2018-13383", impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 6.5, baseSeverity: "Medium", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2018-13383", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2018-13383", trust: 1, value: "MEDIUM", }, { author: "psirt@fortinet.com", id: "CVE-2018-13383", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2018-13383", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-201904-116", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-123437", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2018-13383", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-123437", }, { db: "VULMON", id: "CVE-2018-13383", }, { db: "JVNDB", id: "JVNDB-2018-015559", }, { db: "CNNVD", id: "CNNVD-201904-116", }, { db: "NVD", id: "CVE-2018-13383", }, { db: "NVD", id: "CVE-2018-13383", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages. Fortinet FortiOS Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Fortinet FortiOS is prone to a heap-based buffer-overflow vulnerability. \nAttackers can exploit this issue to cause denial-of-service conditions. \nVersions prior to FortiOS 6.0.5 are vulnerable. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. A heap buffer overflow vulnerability existed in Fortinet versions prior to FortiOS 6.2.0. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations", sources: [ { db: "NVD", id: "CVE-2018-13383", }, { db: "JVNDB", id: "JVNDB-2018-015559", }, { db: "BID", id: "108539", }, { db: "VULHUB", id: "VHN-123437", }, { db: "VULMON", id: "CVE-2018-13383", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2018-13383", trust: 2.9, }, { db: "BID", id: "108539", trust: 1, }, { db: "JVNDB", id: "JVNDB-2018-015559", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201904-116", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.1114.2", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.1114.4", trust: 0.6, }, { db: "VULHUB", id: "VHN-123437", trust: 0.1, }, { db: "VULMON", id: "CVE-2018-13383", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-123437", }, { db: "VULMON", id: "CVE-2018-13383", }, { db: "BID", id: "108539", }, { db: "JVNDB", id: "JVNDB-2018-015559", }, { db: "CNNVD", id: "CNNVD-201904-116", }, { db: "NVD", id: "CVE-2018-13383", }, ], }, id: "VAR-201905-0764", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-123437", }, ], trust: 0.01, }, last_update_date: "2024-11-23T22:55:33.036000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-18-388", trust: 0.8, url: "https://fortiguard.com/psirt/FG-IR-18-388", }, { title: "Fortinet FortiOS Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91035", }, { title: "Fortigate VPN: CVE-2018-13379: Pre-auth arbitrary file reading", trust: 0.1, url: "https://github.com/jam620/forti-vpn ", }, { title: "SecBooks\nSecBooks目录", trust: 0.1, url: "https://github.com/SexyBeast233/SecBooks ", }, { title: "Known Exploited Vulnerabilities Detector", trust: 0.1, url: "https://github.com/Ostorlab/KEV ", }, { title: "Threatpost", trust: 0.1, url: "https://threatpost.com/apt-groups-exploiting-flaws-in-unpatched-vpns-officials-warn/148956/", }, ], sources: [ { db: "VULMON", id: "CVE-2018-13383", }, { db: "JVNDB", id: "JVNDB-2018-015559", }, { db: "CNNVD", id: "CNNVD-201904-116", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "CWE-119", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-123437", }, { db: "JVNDB", id: "JVNDB-2018-015559", }, { db: "NVD", id: "CVE-2018-13383", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/advisory/fg-ir-18-388", }, { trust: 1.8, url: "https://fortiguard.com/advisory/fg-ir-20-229", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2018-13383", }, { trust: 1.3, url: "http://www.securityfocus.com/bid/108539", }, { trust: 0.9, url: "http://www.fortinet.com/technology/network-os-fortios.html", }, { trust: 0.9, url: "https://fortiguard.com/psirt/fg-ir-18-388", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13383", }, { trust: 0.6, url: "https://fortiguard.com/psirt/fg-ir-17-053", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.1114.2/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/78322", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-buffer-overflow-via-javascript-href-content-28933", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://threatpost.com/apt-groups-exploiting-flaws-in-unpatched-vpns-officials-warn/148956/", }, ], sources: [ { db: "VULHUB", id: "VHN-123437", }, { db: "VULMON", id: "CVE-2018-13383", }, { db: "BID", id: "108539", }, { db: "JVNDB", id: "JVNDB-2018-015559", }, { db: "CNNVD", id: "CNNVD-201904-116", }, { db: "NVD", id: "CVE-2018-13383", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-123437", }, { db: "VULMON", id: "CVE-2018-13383", }, { db: "BID", id: "108539", }, { db: "JVNDB", id: "JVNDB-2018-015559", }, { db: "CNNVD", id: "CNNVD-201904-116", }, { db: "NVD", id: "CVE-2018-13383", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-05-29T00:00:00", db: "VULHUB", id: "VHN-123437", }, { date: "2019-05-29T00:00:00", db: "VULMON", id: "CVE-2018-13383", }, { date: "2019-06-03T00:00:00", db: "BID", id: "108539", }, { date: "2019-06-12T00:00:00", db: "JVNDB", id: "JVNDB-2018-015559", }, { date: "2019-04-03T00:00:00", db: "CNNVD", id: "CNNVD-201904-116", }, { date: "2019-05-29T18:29:00.693000", db: "NVD", id: "CVE-2018-13383", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-01-22T00:00:00", db: "VULHUB", id: "VHN-123437", }, { date: "2021-03-16T00:00:00", db: "VULMON", id: "CVE-2018-13383", }, { date: "2019-06-03T00:00:00", db: "BID", id: "108539", }, { date: "2019-06-12T00:00:00", db: "JVNDB", id: "JVNDB-2018-015559", }, { date: "2021-03-17T00:00:00", db: "CNNVD", id: "CNNVD-201904-116", }, { date: "2024-11-21T03:46:59.807000", db: "NVD", id: "CVE-2018-13383", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201904-116", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Fortinet FortiOS Buffer error vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2018-015559", }, { db: "CNNVD", id: "CNNVD-201904-116", }, ], trust: 1.4, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-201904-116", }, ], trust: 0.6, }, }
var-201906-0815
Vulnerability from variot
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests. Fortinet FortiOS Contains a path traversal vulnerability.Information may be obtained. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Fortinet FortiOS is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue using directory-traversal characters ('../') to access or read arbitrary files that contain sensitive information or to access files outside of the restricted directory to obtain sensitive information. Fortinet FortiOS 5.6.3 through 5.6.7 and 6.0.0 through 6.0.4 are vulnerable. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. A path traversal vulnerability exists in the SSL VPN web portal in Fortinet FortiOS versions 5.6.3 through 5.6.7 and 6.0.0 through 6.0.4. The vulnerability stems from a network system or product that fails to properly filter resources or special elements in file paths
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201906-0815", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.0.5", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "1.2.9", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "5.4.13", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.6.3", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "5.6.8", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.4.6", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "fortinet", version: "5.6.3 to 5.6.7", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "fortinet", version: "6.0.0 to 6.0.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.7", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.5", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.3", }, { model: "fortios", scope: "ne", trust: 0.3, vendor: "fortinet", version: "6.2", }, { model: "fortios", scope: "ne", trust: 0.3, vendor: "fortinet", version: "6.0.5", }, { model: "fortios", scope: "ne", trust: 0.3, vendor: "fortinet", version: "5.6.8", }, ], sources: [ { db: "BID", id: "108693", }, { db: "JVNDB", id: "JVNDB-2018-015565", }, { db: "NVD", id: "CVE-2018-13379", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:fortinet:fortios", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2018-015565", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Carlos E. Vieira,Meh Chang and Orange Tsai from DEVCORE Security Research Team.", sources: [ { db: "CNNVD", id: "CNNVD-201905-1026", }, ], trust: 0.6, }, cve: "CVE-2018-13379", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2018-13379", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-123432", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2018-13379", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "psirt@fortinet.com", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2018-13379", impactScore: 5.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2018-13379", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2018-13379", trust: 1, value: "CRITICAL", }, { author: "psirt@fortinet.com", id: "CVE-2018-13379", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2018-13379", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201905-1026", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-123432", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2018-13379", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-123432", }, { db: "VULMON", id: "CVE-2018-13379", }, { db: "JVNDB", id: "JVNDB-2018-015565", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-201905-1026", }, { db: "NVD", id: "CVE-2018-13379", }, { db: "NVD", id: "CVE-2018-13379", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An Improper Limitation of a Pathname to a Restricted Directory (\"Path Traversal\") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests. Fortinet FortiOS Contains a path traversal vulnerability.Information may be obtained. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Fortinet FortiOS is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. \nAn attacker can exploit this issue using directory-traversal characters ('../') to access or read arbitrary files that contain sensitive information or to access files outside of the restricted directory to obtain sensitive information. \nFortinet FortiOS 5.6.3 through 5.6.7 and 6.0.0 through 6.0.4 are vulnerable. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. A path traversal vulnerability exists in the SSL VPN web portal in Fortinet FortiOS versions 5.6.3 through 5.6.7 and 6.0.0 through 6.0.4. The vulnerability stems from a network system or product that fails to properly filter resources or special elements in file paths", sources: [ { db: "NVD", id: "CVE-2018-13379", }, { db: "JVNDB", id: "JVNDB-2018-015565", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "BID", id: "108693", }, { db: "VULHUB", id: "VHN-123432", }, { db: "VULMON", id: "CVE-2018-13379", }, ], trust: 2.61, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://vulmon.com/exploitdetails?qidtp=exploitdb&qid=47288", trust: 0.2, type: "exploit", }, { reference: "https://www.scap.org.cn/vuln/vhn-123432", trust: 0.1, type: "unknown", }, ], sources: [ { db: "VULHUB", id: "VHN-123432", }, { db: "VULMON", id: "CVE-2018-13379", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2018-13379", trust: 2.9, }, { db: "BID", id: "108693", trust: 0.9, }, { db: "JVNDB", id: "JVNDB-2018-015565", trust: 0.8, }, { db: "PACKETSTORM", id: "154146", trust: 0.7, }, { db: "PACKETSTORM", id: "154147", trust: 0.7, }, { db: "CNNVD", id: "CNNVD-201905-1026", trust: 0.7, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "CS-HELP", id: "SB2021060121", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.1889", trust: 0.6, }, { db: "EXPLOIT-DB", id: "47288", trust: 0.6, }, { db: "CNVD", id: "CNVD-2020-68839", trust: 0.1, }, { db: "SEEBUG", id: "SSVID-99091", trust: 0.1, }, { db: "SEEBUG", id: "SSVID-99092", trust: 0.1, }, { db: "VULHUB", id: "VHN-123432", trust: 0.1, }, { db: "VULMON", id: "CVE-2018-13379", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-123432", }, { db: "VULMON", id: "CVE-2018-13379", }, { db: "BID", id: "108693", }, { db: "JVNDB", id: "JVNDB-2018-015565", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-201905-1026", }, { db: "NVD", id: "CVE-2018-13379", }, ], }, id: "VAR-201906-0815", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-123432", }, ], trust: 0.01, }, last_update_date: "2024-11-23T19:59:02.016000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-18-384", trust: 0.8, url: "https://fortiguard.com/psirt/FG-IR-18-384", }, { title: "Fortinet FortiOS Repair measures for path traversal vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92978", }, { title: "forti", trust: 0.1, url: "https://github.com/nescam123/forti ", }, { title: "CVE-2018-13379-FortinetVPN", trust: 0.1, url: "https://github.com/mandr4x/CVE-2018-13379-FortinetVPN ", }, { title: "Fortigate", trust: 0.1, url: "https://github.com/7Elements/Fortigate ", }, { title: "CVE-2018-13379", trust: 0.1, url: "https://github.com/B1anda0/CVE-2018-13379 ", }, ], sources: [ { db: "VULMON", id: "CVE-2018-13379", }, { db: "JVNDB", id: "JVNDB-2018-015565", }, { db: "CNNVD", id: "CNNVD-201905-1026", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-22", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-123432", }, { db: "JVNDB", id: "JVNDB-2018-015565", }, { db: "NVD", id: "CVE-2018-13379", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://fortiguard.com/advisory/fg-ir-18-384", }, { trust: 1.7, url: "https://www.fortiguard.com/psirt/fg-ir-20-233", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2018-13379", }, { trust: 1.2, url: "https://packetstormsecurity.com/files/154147/fortios-5.6.7-6.0.4-credential-disclosure.html", }, { trust: 1.2, url: "https://www.securityfocus.com/bid/108693", }, { trust: 0.9, url: "https://www.fortinet.com/products/fortigate/fortios.html", }, { trust: 0.9, url: "https://fortiguard.com/psirt/fg-ir-18-384", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13379", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://i.blackhat.com/usa-19/wednesday/us-19-tsai-infiltrating-corporate-intranet-like-nsa.pdf", }, { trust: 0.6, url: "https://github.com/blacklotuslabs/development/blob/master/mitigations/cve/cve-2018-13379/cve-2018-13379%20-%20summary%20%26%20emergency%20mitigations.pdf", }, { trust: 0.6, url: "https://devco.re/blog/2019/08/09/attacking-ssl-vpn-part-2-breaking-the-fortigate-ssl-vpn/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/154146/fortios-5.6.7-6.0.4-credential-disclosure.html", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-directory-traversal-via-ssl-vpn-29414", }, { trust: 0.6, url: "https://www.exploit-db.com/exploits/47288", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021060121", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.1889", }, ], sources: [ { db: "VULHUB", id: "VHN-123432", }, { db: "BID", id: "108693", }, { db: "JVNDB", id: "JVNDB-2018-015565", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-201905-1026", }, { db: "NVD", id: "CVE-2018-13379", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-123432", }, { db: "VULMON", id: "CVE-2018-13379", }, { db: "BID", id: "108693", }, { db: "JVNDB", id: "JVNDB-2018-015565", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-201905-1026", }, { db: "NVD", id: "CVE-2018-13379", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-06-04T00:00:00", db: "VULHUB", id: "VHN-123432", }, { date: "2019-06-04T00:00:00", db: "VULMON", id: "CVE-2018-13379", }, { date: "2019-05-24T00:00:00", db: "BID", id: "108693", }, { date: "2019-06-17T00:00:00", db: "JVNDB", id: "JVNDB-2018-015565", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2019-05-27T00:00:00", db: "CNNVD", id: "CNNVD-201905-1026", }, { date: "2019-06-04T21:29:00.233000", db: "NVD", id: "CVE-2018-13379", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-01-22T00:00:00", db: "VULHUB", id: "VHN-123432", }, { date: "2021-06-03T00:00:00", db: "VULMON", id: "CVE-2018-13379", }, { date: "2019-05-24T00:00:00", db: "BID", id: "108693", }, { date: "2019-06-17T00:00:00", db: "JVNDB", id: "JVNDB-2018-015565", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-06-04T00:00:00", db: "CNNVD", id: "CNNVD-201905-1026", }, { date: "2024-11-21T03:46:59.250000", db: "NVD", id: "CVE-2018-13379", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201905-1026", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Fortinet FortiOS Path traversal vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2018-015565", }, { db: "CNNVD", id: "CNNVD-201905-1026", }, ], trust: 1.4, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, ], trust: 0.6, }, }
var-202212-1132
Vulnerability from variot
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. FortiOS and FortiProxy Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Exploitation status: Fortinet is aware of an instance where this vulnerability was exploited in the wild, and recommends immediately validating your systems against the following indicators of compromise: Multiple log entries with: Logdesc="Application crashed" and msg="[...] application:sslvpnd,[...], Signal 11 received, Backtrace: [...]“ Presence of the following artifacts in the filesystem: /data/lib/libips.bak /data/lib/libgif.so /data/lib/libiptcp.so /data/lib/libipudp.so /data/lib/libjepg.so /var/.sslvpnconfigbk /data/etc/wxd.conf /flash Connections to suspicious IP addresses from the FortiGate: 188.34.130.40:444 103.131.189.143:30080,30081,30443,20443 192.36.119.61:8443,444 172.247.168.153:8033
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202212-1132", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "7.2.2", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.1.6", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.4.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.0.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.4.10", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.0", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.8", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.1.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.0.14", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.6.14", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.8", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.9", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.2.15", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.4.13", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.2.12", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.4.11", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.0.7", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.13", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.0.16", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.6.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.0.15", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.2.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.2.3", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "2.0.11", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.4.0 to 6.4.10", }, { model: "fortios", scope: "lte", trust: 0.8, vendor: "フォーティネット", version: "6.0.15 and earlier", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.2.0 to 6.2.11", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.0.0 to 7.0.8", }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.0 to 7.2.2", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-004202", }, { db: "NVD", id: "CVE-2022-42475", }, ], }, cve: "CVE-2022-42475", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2022-42475", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "OTHER", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2022-004202", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2022-42475", trust: 1, value: "CRITICAL", }, { author: "psirt@fortinet.com", id: "CVE-2022-42475", trust: 1, value: "CRITICAL", }, { author: "OTHER", id: "JVNDB-2022-004202", trust: 0.8, value: "Critical", }, { author: "CNNVD", id: "CNNVD-202212-2946", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-004202", }, { db: "CNNVD", id: "CNNVD-202212-2946", }, { db: "NVD", id: "CVE-2022-42475", }, { db: "NVD", id: "CVE-2022-42475", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. FortiOS and FortiProxy Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. \n \nExploitation status:\nFortinet is aware of an instance where this vulnerability was exploited in the wild, and recommends immediately validating your systems against the following indicators of compromise:\n \nMultiple log entries with:\nLogdesc=\"Application crashed\" and msg=\"[...] application:sslvpnd,[...], Signal 11 received, Backtrace: [...]“\n \nPresence of the following artifacts in the filesystem:\n/data/lib/libips.bak\n/data/lib/libgif.so\n/data/lib/libiptcp.so\n/data/lib/libipudp.so\n/data/lib/libjepg.so\n/var/.sslvpnconfigbk\n/data/etc/wxd.conf\n/flash\n \nConnections to suspicious IP addresses from the FortiGate:\n188.34.130.40:444\n103.131.189.143:30080,30081,30443,20443\n192.36.119.61:8443,444\n172.247.168.153:8033", sources: [ { db: "NVD", id: "CVE-2022-42475", }, { db: "JVNDB", id: "JVNDB-2022-004202", }, { db: "VULHUB", id: "VHN-439116", }, { db: "VULMON", id: "CVE-2022-42475", }, ], trust: 1.8, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-42475", trust: 3.4, }, { db: "JVNDB", id: "JVNDB-2022-004202", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2022.6458", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202212-2946", trust: 0.6, }, { db: "VULHUB", id: "VHN-439116", trust: 0.1, }, { db: "VULMON", id: "CVE-2022-42475", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-439116", }, { db: "VULMON", id: "CVE-2022-42475", }, { db: "JVNDB", id: "JVNDB-2022-004202", }, { db: "CNNVD", id: "CNNVD-202212-2946", }, { db: "NVD", id: "CVE-2022-42475", }, ], }, id: "VAR-202212-1132", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-439116", }, ], trust: 0.01, }, last_update_date: "2024-08-14T15:26:57.028000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-22-398", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-22-398", }, { title: "Fortinet FortiOS Buffer error vulnerability fix", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=220509", }, { title: "Fortinet Security Advisories: FortiOS - heap-based buffer overflow in sslvpnd", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=FG-IR-22-398", }, { title: null, trust: 0.1, url: "https://www.theregister.co.uk/2022/12/14/microsoft_december_patch_tuesday/", }, ], sources: [ { db: "VULMON", id: "CVE-2022-42475", }, { db: "JVNDB", id: "JVNDB-2022-004202", }, { db: "CNNVD", id: "CNNVD-202212-2946", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1.1, }, { problemtype: "CWE-197", trust: 1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-439116", }, { db: "JVNDB", id: "JVNDB-2022-004202", }, { db: "NVD", id: "CVE-2022-42475", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/psirt/fg-ir-22-398", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-42475", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortinet-fortios-buffer-overflow-via-sslvpnd-40074", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-42475/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.6458", }, ], sources: [ { db: "VULHUB", id: "VHN-439116", }, { db: "VULMON", id: "CVE-2022-42475", }, { db: "JVNDB", id: "JVNDB-2022-004202", }, { db: "CNNVD", id: "CNNVD-202212-2946", }, { db: "NVD", id: "CVE-2022-42475", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-439116", }, { db: "VULMON", id: "CVE-2022-42475", }, { db: "JVNDB", id: "JVNDB-2022-004202", }, { db: "CNNVD", id: "CNNVD-202212-2946", }, { db: "NVD", id: "CVE-2022-42475", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-01-02T00:00:00", db: "VULHUB", id: "VHN-439116", }, { date: "2023-03-30T00:00:00", db: "JVNDB", id: "JVNDB-2022-004202", }, { date: "2022-12-12T00:00:00", db: "CNNVD", id: "CNNVD-202212-2946", }, { date: "2023-01-02T09:15:09.490000", db: "NVD", id: "CVE-2022-42475", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-01-09T00:00:00", db: "VULHUB", id: "VHN-439116", }, { date: "2023-03-30T06:24:00", db: "JVNDB", id: "JVNDB-2022-004202", }, { date: "2023-01-10T00:00:00", db: "CNNVD", id: "CNNVD-202212-2946", }, { date: "2024-06-28T13:48:44.240000", db: "NVD", id: "CVE-2022-42475", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202212-2946", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "FortiOS and FortiProxy Out-of-bounds write vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2022-004202", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202212-2946", }, ], trust: 0.6, }, }
var-202205-0509
Vulnerability from variot
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests. FortiOS and FortiProxy Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. Fortinet FortiProxy SSL VPN is an application software of the United States (Fortinet) company. An intrusion detection function is provided. Fortinet FortiProxy SSL VPN has a cross-site scripting vulnerability, which results from insufficient sanitization of user-supplied data, allowing remote attackers to steal potentially sensitive information, change the appearance of web pages, and perform phishing and drive-by download attacks
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202205-0509", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.2", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.14", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "2.0.8", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.4", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.10", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.4.9", }, { model: "fortios", scope: "lte", trust: 0.8, vendor: "フォーティネット", version: "6.4.8 and earlier", }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "lte", trust: 0.8, vendor: "フォーティネット", version: "7.0.3 and earlier", }, { model: "fortios", scope: "lte", trust: 0.8, vendor: "フォーティネット", version: "6.2.10 and earlier", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.0.0 to 6.0.14", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-011202", }, { db: "NVD", id: "CVE-2021-43081", }, ], }, cve: "CVE-2021-43081", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CVE-2021-43081", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-404131", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2021-43081", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "OTHER", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "JVNDB-2022-011202", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-43081", trust: 1, value: "MEDIUM", }, { author: "psirt@fortinet.com", id: "CVE-2021-43081", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2021-43081", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202205-1938", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-404131", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2021-43081", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-404131", }, { db: "VULMON", id: "CVE-2021-43081", }, { db: "JVNDB", id: "JVNDB-2022-011202", }, { db: "CNNVD", id: "CNNVD-202205-1938", }, { db: "NVD", id: "CVE-2021-43081", }, { db: "NVD", id: "CVE-2021-43081", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests. FortiOS and FortiProxy Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. Fortinet FortiProxy SSL VPN is an application software of the United States (Fortinet) company. An intrusion detection function is provided. Fortinet FortiProxy SSL VPN has a cross-site scripting vulnerability, which results from insufficient sanitization of user-supplied data, allowing remote attackers to steal potentially sensitive information, change the appearance of web pages, and perform phishing and drive-by download attacks", sources: [ { db: "NVD", id: "CVE-2021-43081", }, { db: "JVNDB", id: "JVNDB-2022-011202", }, { db: "VULHUB", id: "VHN-404131", }, { db: "VULMON", id: "CVE-2021-43081", }, ], trust: 1.8, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-43081", trust: 3.4, }, { db: "JVNDB", id: "JVNDB-2022-011202", trust: 0.8, }, { db: "CS-HELP", id: "SB2022050317", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202205-1938", trust: 0.6, }, { db: "CNVD", id: "CNVD-2022-50948", trust: 0.1, }, { db: "VULHUB", id: "VHN-404131", trust: 0.1, }, { db: "VULMON", id: "CVE-2021-43081", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-404131", }, { db: "VULMON", id: "CVE-2021-43081", }, { db: "JVNDB", id: "JVNDB-2022-011202", }, { db: "CNNVD", id: "CNNVD-202205-1938", }, { db: "NVD", id: "CVE-2021-43081", }, ], }, id: "VAR-202205-0509", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-404131", }, ], trust: 0.01, }, last_update_date: "2024-11-23T22:47:22.997000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-21-230", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-21-230", }, { title: "Fortinet FortiProxy SSL VPN Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=191268", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-011202", }, { db: "CNNVD", id: "CNNVD-202205-1938", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1.1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-404131", }, { db: "JVNDB", id: "JVNDB-2022-011202", }, { db: "NVD", id: "CVE-2021-43081", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/psirt/fg-ir-21-230", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2021-43081", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022050317", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-cross-site-scripting-via-web-filter-block-override-form-38208", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2021-43081/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/79.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-404131", }, { db: "VULMON", id: "CVE-2021-43081", }, { db: "JVNDB", id: "JVNDB-2022-011202", }, { db: "CNNVD", id: "CNNVD-202205-1938", }, { db: "NVD", id: "CVE-2021-43081", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-404131", }, { db: "VULMON", id: "CVE-2021-43081", }, { db: "JVNDB", id: "JVNDB-2022-011202", }, { db: "CNNVD", id: "CNNVD-202205-1938", }, { db: "NVD", id: "CVE-2021-43081", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-05-11T00:00:00", db: "VULHUB", id: "VHN-404131", }, { date: "2022-05-11T00:00:00", db: "VULMON", id: "CVE-2021-43081", }, { date: "2023-08-21T00:00:00", db: "JVNDB", id: "JVNDB-2022-011202", }, { date: "2022-05-03T00:00:00", db: "CNNVD", id: "CNNVD-202205-1938", }, { date: "2022-05-11T15:15:08.603000", db: "NVD", id: "CVE-2021-43081", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-05-19T00:00:00", db: "VULHUB", id: "VHN-404131", }, { date: "2022-05-19T00:00:00", db: "VULMON", id: "CVE-2021-43081", }, { date: "2023-08-21T04:42:00", db: "JVNDB", id: "JVNDB-2022-011202", }, { date: "2022-05-20T00:00:00", db: "CNNVD", id: "CNNVD-202205-1938", }, { date: "2024-11-21T06:28:39.330000", db: "NVD", id: "CVE-2021-43081", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202205-1938", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "FortiOS and FortiProxy Cross-site scripting vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2022-011202", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202205-1938", }, ], trust: 0.6, }, }
var-202210-0198
Vulnerability from variot
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. fortinet's FortiProxy , FortiSwitch Manager , FortiOS There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. Fortinet FortiOS has security flaws. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202210-0198", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.7", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.2.2", }, { model: "fortiswitchmanager", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiswitchmanager", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.7", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.0 that's all 7.2.2", }, { model: "fortiswitch manager", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.0.0 that's all 7.0.7", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019256", }, { db: "NVD", id: "CVE-2022-40684", }, ], }, cve: "CVE-2022-40684", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2022-40684", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2022-40684", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2022-40684", trust: 1, value: "CRITICAL", }, { author: "psirt@fortinet.com", id: "CVE-2022-40684", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2022-40684", trust: 0.8, value: "Critical", }, { author: "CNNVD", id: "CNNVD-202210-347", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019256", }, { db: "CNNVD", id: "CNNVD-202210-347", }, { db: "NVD", id: "CVE-2022-40684", }, { db: "NVD", id: "CVE-2022-40684", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. fortinet's FortiProxy , FortiSwitch Manager , FortiOS There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. Fortinet FortiOS has security flaws. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements", sources: [ { db: "NVD", id: "CVE-2022-40684", }, { db: "JVNDB", id: "JVNDB-2022-019256", }, { db: "VULHUB", id: "VHN-429172", }, ], trust: 1.71, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://www.scap.org.cn/vuln/vhn-429172", trust: 0.1, type: "unknown", }, ], sources: [ { db: "VULHUB", id: "VHN-429172", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-40684", trust: 3.3, }, { db: "PACKETSTORM", id: "169431", trust: 2.5, }, { db: "PACKETSTORM", id: "171515", trust: 2.4, }, { db: "JVNDB", id: "JVNDB-2022-019256", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202210-347", trust: 0.7, }, { db: "EXPLOIT-DB", id: "51092", trust: 0.6, }, { db: "VULHUB", id: "VHN-429172", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-429172", }, { db: "JVNDB", id: "JVNDB-2022-019256", }, { db: "CNNVD", id: "CNNVD-202210-347", }, { db: "NVD", id: "CVE-2022-40684", }, ], }, id: "VAR-202210-0198", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-429172", }, ], trust: 0.01, }, last_update_date: "2024-08-14T14:30:57.935000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-22-377", trust: 0.8, url: "https://fortiguard.com/psirt/FG-IR-22-377", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019256", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-287", trust: 1, }, { problemtype: "Inappropriate authentication (CWE-287) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-306", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-429172", }, { db: "JVNDB", id: "JVNDB-2022-019256", }, { db: "NVD", id: "CVE-2022-40684", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.1, url: "http://packetstormsecurity.com/files/169431/fortinet-fortios-fortiproxy-fortiswitchmanager-authentication-bypass.html", }, { trust: 2.4, url: "http://packetstormsecurity.com/files/171515/fortinet-7.2.1-authentication-bypass.html", }, { trust: 1.7, url: "https://fortiguard.com/psirt/fg-ir-22-377", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-40684", }, { trust: 0.8, url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-privilege-escalation-39490", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-40684/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortinet-fortios-privilege-escalation-via-http-https-administrative-interface-39490", }, { trust: 0.6, url: "https://www.exploit-db.com/exploits/51092", }, ], sources: [ { db: "VULHUB", id: "VHN-429172", }, { db: "JVNDB", id: "JVNDB-2022-019256", }, { db: "CNNVD", id: "CNNVD-202210-347", }, { db: "NVD", id: "CVE-2022-40684", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-429172", }, { db: "JVNDB", id: "JVNDB-2022-019256", }, { db: "CNNVD", id: "CNNVD-202210-347", }, { db: "NVD", id: "CVE-2022-40684", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-10-18T00:00:00", db: "VULHUB", id: "VHN-429172", }, { date: "2023-10-25T00:00:00", db: "JVNDB", id: "JVNDB-2022-019256", }, { date: "2022-10-07T00:00:00", db: "CNNVD", id: "CNNVD-202210-347", }, { date: "2022-10-18T14:15:09.747000", db: "NVD", id: "CVE-2022-40684", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-10-20T00:00:00", db: "VULHUB", id: "VHN-429172", }, { date: "2023-10-25T02:51:00", db: "JVNDB", id: "JVNDB-2022-019256", }, { date: "2023-03-28T00:00:00", db: "CNNVD", id: "CNNVD-202210-347", }, { date: "2024-06-28T13:57:03.760000", db: "NVD", id: "CVE-2022-40684", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202210-347", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Authentication vulnerabilities in multiple Fortinet products", sources: [ { db: "JVNDB", id: "JVNDB-2022-019256", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "access control error", sources: [ { db: "CNNVD", id: "CNNVD-202210-347", }, ], trust: 0.6, }, }
var-202112-0338
Vulnerability from variot
A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202112-0338", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios-6k7k", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.8", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiswitch", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.9", }, { model: "fortianalyzer", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiadc", scope: "lte", trust: 1, vendor: "fortinet", version: "6.1.5", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.13", }, { model: "fortindr", scope: "gte", trust: 1, vendor: "fortinet", version: "1.1.0", }, { model: "fortios-6k7k", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.6", }, { model: "fortiadc", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortios-6k7k", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.2", }, { model: "fortivoice", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortiweb", scope: "lte", trust: 1, vendor: "fortinet", version: "6.3.16", }, { model: "fortiadc", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.2", }, { model: "fortiweb", scope: "gte", trust: 1, vendor: "fortinet", version: "5.0.0", }, { model: "fortirecorder", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortimanager", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortimail", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.7", }, { model: "fortiadc", scope: "gte", trust: 1, vendor: "fortinet", version: "5.0.0", }, { model: "fortimail", scope: "gte", trust: 1, vendor: "fortinet", version: "5.4.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.9", }, { model: "fortivoice", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortirecorder", scope: "gte", trust: 1, vendor: "fortinet", version: "2.6.0", }, { model: "fortirecorder", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.2", }, { model: "fortimail", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortivoice", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.10", }, { model: "fortiswitch", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "2.0.7", }, { model: "fortiportal", scope: "gte", trust: 1, vendor: "fortinet", version: "5.0.0", }, { model: "fortimanager", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.2", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.0.0", }, { model: "fortiswitch", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.3", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.1", }, { model: "fortiportal", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.10", }, { model: "fortimail", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.6", }, { model: "fortimanager", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.7", }, { model: "fortianalyzer", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortimanager", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortindr", scope: "lte", trust: 1, vendor: "fortinet", version: "1.5.2", }, { model: "fortirecorder", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.10", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.2", }, { model: "fortianalyzer", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.2", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortimail", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.7", }, { model: "fortiswitch", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortianalyzer", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.7", }, { model: "fortivoice", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.4", }, { model: "fortiweb", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.1", }, { model: "fortiweb", scope: "eq", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortimail", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.2", }, { model: "fortimanager", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortianalyzer", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiweb", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-016008", }, { db: "NVD", id: "CVE-2021-42757", }, ], }, cve: "CVE-2021-42757", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, id: "CVE-2021-42757", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.8, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, id: "VHN-403819", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:L/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.8, id: "CVE-2021-42757", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "OTHER", availabilityImpact: "High", baseScore: 6.7, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2021-016008", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-42757", trust: 1, value: "MEDIUM", }, { author: "psirt@fortinet.com", id: "CVE-2021-42757", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2021-42757", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202112-559", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-403819", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-403819", }, { db: "JVNDB", id: "JVNDB-2021-016008", }, { db: "CNNVD", id: "CNNVD-202112-559", }, { db: "NVD", id: "CVE-2021-42757", }, { db: "NVD", id: "CVE-2021-42757", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments. (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2021-42757", }, { db: "JVNDB", id: "JVNDB-2021-016008", }, { db: "VULHUB", id: "VHN-403819", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-42757", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2021-016008", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202112-559", trust: 0.6, }, { db: "VULHUB", id: "VHN-403819", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-403819", }, { db: "JVNDB", id: "JVNDB-2021-016008", }, { db: "CNNVD", id: "CNNVD-202112-559", }, { db: "NVD", id: "CVE-2021-42757", }, ], }, id: "VAR-202112-0338", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-403819", }, ], trust: 0.36984128000000005, }, last_update_date: "2024-11-23T22:20:42.629000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-21-173", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-21-173", }, { title: "Fortinet FortiOS Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=173877", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-016008", }, { db: "CNNVD", id: "CNNVD-202112-559", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "Classic buffer overflow (CWE-120) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-120", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-403819", }, { db: "JVNDB", id: "JVNDB-2021-016008", }, { db: "NVD", id: "CVE-2021-42757", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://fortiguard.com/advisory/fg-ir-21-173", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2021-42757", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-buffer-overflow-via-tftp-client-library-37026", }, ], sources: [ { db: "VULHUB", id: "VHN-403819", }, { db: "JVNDB", id: "JVNDB-2021-016008", }, { db: "CNNVD", id: "CNNVD-202112-559", }, { db: "NVD", id: "CVE-2021-42757", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-403819", }, { db: "JVNDB", id: "JVNDB-2021-016008", }, { db: "CNNVD", id: "CNNVD-202112-559", }, { db: "NVD", id: "CVE-2021-42757", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-08T00:00:00", db: "VULHUB", id: "VHN-403819", }, { date: "2022-12-05T00:00:00", db: "JVNDB", id: "JVNDB-2021-016008", }, { date: "2021-12-07T00:00:00", db: "CNNVD", id: "CNNVD-202112-559", }, { date: "2021-12-08T11:15:11.840000", db: "NVD", id: "CVE-2021-42757", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-09T00:00:00", db: "VULHUB", id: "VHN-403819", }, { date: "2022-12-05T06:18:00", db: "JVNDB", id: "JVNDB-2021-016008", }, { date: "2021-12-13T00:00:00", db: "CNNVD", id: "CNNVD-202112-559", }, { date: "2024-11-21T06:28:06.653000", db: "NVD", id: "CVE-2021-42757", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202112-559", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "FortiOS of TFTP client library and FortiOS Classic buffer overflow vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2021-016008", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202112-559", }, ], trust: 0.6, }, }
var-202112-0357
Vulnerability from variot
An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability. FortiProxy and FortiGate Exists in an inadequate validation of data reliability vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiProxy SSL VPN is the United States ( Fortinet ) company's application software. An intrusion detection function is provided
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202112-0357", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.6", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.6.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.9", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.11", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.6.14", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.13", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "2.0.3", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortios", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-016005", }, { db: "NVD", id: "CVE-2021-26103", }, ], }, cve: "CVE-2021-26103", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", exploitabilityScore: 4.9, id: "CVE-2021-26103", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", exploitabilityScore: 4.9, id: "VHN-385067", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:H/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, id: "CVE-2021-26103", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "psirt@fortinet.com", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2021-26103", impactScore: 3.4, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 8.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-26103", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-26103", trust: 1, value: "HIGH", }, { author: "psirt@fortinet.com", id: "CVE-2021-26103", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2021-26103", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202112-530", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-385067", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-385067", }, { db: "JVNDB", id: "JVNDB-2021-016005", }, { db: "CNNVD", id: "CNNVD-202112-530", }, { db: "NVD", id: "CVE-2021-26103", }, { db: "NVD", id: "CVE-2021-26103", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability. FortiProxy and FortiGate Exists in an inadequate validation of data reliability vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiProxy SSL VPN is the United States ( Fortinet ) company's application software. An intrusion detection function is provided", sources: [ { db: "NVD", id: "CVE-2021-26103", }, { db: "JVNDB", id: "JVNDB-2021-016005", }, { db: "VULHUB", id: "VHN-385067", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-26103", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2021-016005", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202112-530", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2021.4147", trust: 0.6, }, { db: "CS-HELP", id: "SB2021120716", trust: 0.6, }, { db: "CNVD", id: "CNVD-2022-19075", trust: 0.1, }, { db: "VULHUB", id: "VHN-385067", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-385067", }, { db: "JVNDB", id: "JVNDB-2021-016005", }, { db: "CNNVD", id: "CNNVD-202112-530", }, { db: "NVD", id: "CVE-2021-26103", }, ], }, id: "VAR-202112-0357", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-385067", }, ], trust: 0.01, }, last_update_date: "2024-08-14T14:02:55.123000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-20-158", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-20-158", }, { title: "Fortinet FortiProxy SSL VPN Repair measures for data forgery problem vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=173980", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-016005", }, { db: "CNNVD", id: "CNNVD-202112-530", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-345", trust: 1.1, }, { problemtype: "Inadequate verification of data reliability (CWE-345) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-385067", }, { db: "JVNDB", id: "JVNDB-2021-016005", }, { db: "NVD", id: "CVE-2021-26103", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://fortiguard.com/advisory/fg-ir-20-158", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2021-26103", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4147", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021120716", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-cross-site-request-forgery-via-ssl-vpn-portal-37020", }, ], sources: [ { db: "VULHUB", id: "VHN-385067", }, { db: "JVNDB", id: "JVNDB-2021-016005", }, { db: "CNNVD", id: "CNNVD-202112-530", }, { db: "NVD", id: "CVE-2021-26103", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-385067", }, { db: "JVNDB", id: "JVNDB-2021-016005", }, { db: "CNNVD", id: "CNNVD-202112-530", }, { db: "NVD", id: "CVE-2021-26103", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-08T00:00:00", db: "VULHUB", id: "VHN-385067", }, { date: "2022-12-05T00:00:00", db: "JVNDB", id: "JVNDB-2021-016005", }, { date: "2021-12-08T00:00:00", db: "CNNVD", id: "CNNVD-202112-530", }, { date: "2021-12-08T12:15:07.677000", db: "NVD", id: "CVE-2021-26103", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-09T00:00:00", db: "VULHUB", id: "VHN-385067", }, { date: "2022-12-05T06:07:00", db: "JVNDB", id: "JVNDB-2021-016005", }, { date: "2021-12-13T00:00:00", db: "CNNVD", id: "CNNVD-202112-530", }, { date: "2021-12-09T21:11:26.673000", db: "NVD", id: "CVE-2021-26103", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202112-530", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "FortiProxy and FortiGate Inadequate validation of data reliability in", sources: [ { db: "JVNDB", id: "JVNDB-2021-016005", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "data forgery", sources: [ { db: "CNNVD", id: "CNNVD-202112-530", }, ], trust: 0.6, }, }
var-202302-1270
Vulnerability from variot
An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy). fortinet's FortiProxy and FortiOS Exists in a certificate validation vulnerability.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202302-1270", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "2.0.9", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.2.4", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.7", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.8", }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.0.0 that's all 7.0.8", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.0 that's all 7.2.4", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-004443", }, { db: "NVD", id: "CVE-2022-39948", }, ], }, cve: "CVE-2022-39948", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "HIGH", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.2, id: "CVE-2022-39948", impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, { attackComplexity: "HIGH", attackVector: "NETWORK", author: "psirt@fortinet.com", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.2, id: "CVE-2022-39948", impactScore: 2.5, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "High", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 7.4, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2022-39948", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2022-39948", trust: 1, value: "HIGH", }, { author: "psirt@fortinet.com", id: "CVE-2022-39948", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2022-39948", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202302-1437", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-004443", }, { db: "CNNVD", id: "CNNVD-202302-1437", }, { db: "NVD", id: "CVE-2022-39948", }, { db: "NVD", id: "CVE-2022-39948", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy). fortinet's FortiProxy and FortiOS Exists in a certificate validation vulnerability.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2022-39948", }, { db: "JVNDB", id: "JVNDB-2023-004443", }, { db: "VULHUB", id: "VHN-435744", }, { db: "VULMON", id: "CVE-2022-39948", }, ], trust: 1.8, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-39948", trust: 3.4, }, { db: "JVN", id: "JVNVU93656033", trust: 0.8, }, { db: "ICS CERT", id: "ICSA-24-074-11", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2023-004443", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.1055", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202302-1437", trust: 0.6, }, { db: "VULHUB", id: "VHN-435744", trust: 0.1, }, { db: "VULMON", id: "CVE-2022-39948", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-435744", }, { db: "VULMON", id: "CVE-2022-39948", }, { db: "JVNDB", id: "JVNDB-2023-004443", }, { db: "CNNVD", id: "CNNVD-202302-1437", }, { db: "NVD", id: "CVE-2022-39948", }, ], }, id: "VAR-202302-1270", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-435744", }, ], trust: 0.01, }, last_update_date: "2024-08-14T13:17:28.199000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-22-257", trust: 0.8, url: "https://fortiguard.com/psirt/FG-IR-22-257", }, { title: "Fortinet FortiOS Repair measures for trust management problem vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=226806", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-004443", }, { db: "CNNVD", id: "CNNVD-202302-1437", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-295", trust: 1.1, }, { problemtype: "Illegal certificate verification (CWE-295) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-435744", }, { db: "JVNDB", id: "JVNDB-2023-004443", }, { db: "NVD", id: "CVE-2022-39948", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/psirt/fg-ir-22-257", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu93656033/index.html", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-39948", }, { trust: 0.8, url: "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-11", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-39948/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.1055", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-435744", }, { db: "VULMON", id: "CVE-2022-39948", }, { db: "JVNDB", id: "JVNDB-2023-004443", }, { db: "CNNVD", id: "CNNVD-202302-1437", }, { db: "NVD", id: "CVE-2022-39948", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-435744", }, { db: "VULMON", id: "CVE-2022-39948", }, { db: "JVNDB", id: "JVNDB-2023-004443", }, { db: "CNNVD", id: "CNNVD-202302-1437", }, { db: "NVD", id: "CVE-2022-39948", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-16T00:00:00", db: "VULHUB", id: "VHN-435744", }, { date: "2023-02-16T00:00:00", db: "VULMON", id: "CVE-2022-39948", }, { date: "2023-10-30T00:00:00", db: "JVNDB", id: "JVNDB-2023-004443", }, { date: "2023-02-16T00:00:00", db: "CNNVD", id: "CNNVD-202302-1437", }, { date: "2023-02-16T19:15:12.993000", db: "NVD", id: "CVE-2022-39948", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-24T00:00:00", db: "VULHUB", id: "VHN-435744", }, { date: "2023-02-16T00:00:00", db: "VULMON", id: "CVE-2022-39948", }, { date: "2024-03-22T07:12:00", db: "JVNDB", id: "JVNDB-2023-004443", }, { date: "2023-02-27T00:00:00", db: "CNNVD", id: "CNNVD-202302-1437", }, { date: "2023-11-07T03:50:40.990000", db: "NVD", id: "CVE-2022-39948", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202302-1437", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "fortinet's FortiProxy and FortiOS Certificate validation vulnerabilities in", sources: [ { db: "JVNDB", id: "JVNDB-2023-004443", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "trust management problem", sources: [ { db: "CNNVD", id: "CNNVD-202302-1437", }, ], trust: 0.6, }, }
var-202302-1300
Vulnerability from variot
A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.11, 6.2.0 through 6.2.12, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.1, 7.0.0 through 7.0.7, 2.0.0 through 2.0.10, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response. fortinet's FortiProxy and FortiOS There is an injection vulnerability in.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202302-1300", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.1.6", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.1", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.1", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.1.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.12", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "2.0.10", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.13", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.1", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.16", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.7", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.2", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.8", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.11", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.4.0 to 6.4.11", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.0", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.2", }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.0.0 to 7.0.8", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.2.0 to 6.2.12", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.1", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.0.1 to 6.0.16", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019901", }, { db: "NVD", id: "CVE-2022-42472", }, ], }, cve: "CVE-2022-42472", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2022-42472", impactScore: 2.5, integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "HIGH", attackVector: "NETWORK", author: "psirt@fortinet.com", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 1.6, id: "CVE-2022-42472", impactScore: 2.5, integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 5.4, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2022-42472", impactScore: null, integrityImpact: "Low", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2022-42472", trust: 1, value: "MEDIUM", }, { author: "psirt@fortinet.com", id: "CVE-2022-42472", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2022-42472", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202302-1426", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019901", }, { db: "CNNVD", id: "CNNVD-202302-1426", }, { db: "NVD", id: "CVE-2022-42472", }, { db: "NVD", id: "CVE-2022-42472", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.11, 6.2.0 through 6.2.12, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.1, 7.0.0 through 7.0.7, 2.0.0 through 2.0.10, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response. fortinet's FortiProxy and FortiOS There is an injection vulnerability in.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2022-42472", }, { db: "JVNDB", id: "JVNDB-2022-019901", }, { db: "VULHUB", id: "VHN-439113", }, { db: "VULMON", id: "CVE-2022-42472", }, ], trust: 1.8, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-42472", trust: 3.4, }, { db: "JVNDB", id: "JVNDB-2022-019901", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.1052", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202302-1426", trust: 0.6, }, { db: "VULHUB", id: "VHN-439113", trust: 0.1, }, { db: "VULMON", id: "CVE-2022-42472", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-439113", }, { db: "VULMON", id: "CVE-2022-42472", }, { db: "JVNDB", id: "JVNDB-2022-019901", }, { db: "CNNVD", id: "CNNVD-202302-1426", }, { db: "NVD", id: "CVE-2022-42472", }, ], }, id: "VAR-202302-1300", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-439113", }, ], trust: 0.01, }, last_update_date: "2024-08-14T15:05:53.755000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-22-362", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-22-362", }, { title: "Fortinet FortiOS Security vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=226088", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019901", }, { db: "CNNVD", id: "CNNVD-202302-1426", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-113", trust: 1, }, { problemtype: "CWE-74", trust: 1, }, { problemtype: "injection (CWE-74) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-436", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-439113", }, { db: "JVNDB", id: "JVNDB-2022-019901", }, { db: "NVD", id: "CVE-2022-42472", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/psirt/fg-ir-22-362", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-42472", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.1052", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-42472/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-439113", }, { db: "VULMON", id: "CVE-2022-42472", }, { db: "JVNDB", id: "JVNDB-2022-019901", }, { db: "CNNVD", id: "CNNVD-202302-1426", }, { db: "NVD", id: "CVE-2022-42472", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-439113", }, { db: "VULMON", id: "CVE-2022-42472", }, { db: "JVNDB", id: "JVNDB-2022-019901", }, { db: "CNNVD", id: "CNNVD-202302-1426", }, { db: "NVD", id: "CVE-2022-42472", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-16T00:00:00", db: "VULHUB", id: "VHN-439113", }, { date: "2023-02-16T00:00:00", db: "VULMON", id: "CVE-2022-42472", }, { date: "2023-10-30T00:00:00", db: "JVNDB", id: "JVNDB-2022-019901", }, { date: "2023-02-16T00:00:00", db: "CNNVD", id: "CNNVD-202302-1426", }, { date: "2023-02-16T19:15:13.583000", db: "NVD", id: "CVE-2022-42472", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-27T00:00:00", db: "VULHUB", id: "VHN-439113", }, { date: "2023-02-16T00:00:00", db: "VULMON", id: "CVE-2022-42472", }, { date: "2023-10-30T01:20:00", db: "JVNDB", id: "JVNDB-2022-019901", }, { date: "2023-02-28T00:00:00", db: "CNNVD", id: "CNNVD-202302-1426", }, { date: "2023-11-07T03:53:22.160000", db: "NVD", id: "CVE-2022-42472", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202302-1426", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "fortinet's FortiProxy and FortiOS Injection vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2022-019901", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202302-1426", }, ], trust: 0.6, }, }
var-202208-0231
Vulnerability from variot
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments. plural Fortinet The product contains a vulnerability in format strings.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Both Fortinet FortiOS and Fortinet FortiGate are products of Fortinet. Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. Fortinet FortiGate is a network security platform. The platform provides functions such as firewall, antivirus and intrusion prevention (IPS), application control, antispam, wireless controller and WAN acceleration. Fortinet FortiGate and FortiOS have security vulnerabilities that can be exploited to run code via CLI format strings
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202208-0231", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.0.7", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.4.13", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.6.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.0.14", }, { model: "fortiadc", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortiadc", scope: "eq", trust: 1, vendor: "fortinet", version: "6.2.1", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.1.6", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "2.0.7", }, { model: "fortiadc", scope: "lte", trust: 1, vendor: "fortinet", version: "6.1.6", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.1.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.4.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.4.8", }, { model: "fortimail", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.2.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortimail", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.5", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.13", }, { model: "fortiadc", scope: "gte", trust: 1, vendor: "fortinet", version: "6.1.0", }, { model: "fortiadc", scope: "eq", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.14", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortimail", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.1", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.10", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.6.14", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.2", }, { model: "fortiadc", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.4", }, { model: "fortimail", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.2", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.0.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.2.15", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortiadcmanager", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortimail", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-016210", }, { db: "NVD", id: "CVE-2022-22299", }, ], }, cve: "CVE-2022-22299", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.8, id: "CVE-2022-22299", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "OTHER", availabilityImpact: "High", baseScore: 7.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2022-016210", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2022-22299", trust: 1, value: "HIGH", }, { author: "psirt@fortinet.com", id: "CVE-2022-22299", trust: 1, value: "HIGH", }, { author: "OTHER", id: "JVNDB-2022-016210", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202208-2039", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-016210", }, { db: "CNNVD", id: "CNNVD-202208-2039", }, { db: "NVD", id: "CVE-2022-22299", }, { db: "NVD", id: "CVE-2022-22299", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments. plural Fortinet The product contains a vulnerability in format strings.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Both Fortinet FortiOS and Fortinet FortiGate are products of Fortinet. Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. Fortinet FortiGate is a network security platform. The platform provides functions such as firewall, antivirus and intrusion prevention (IPS), application control, antispam, wireless controller and WAN acceleration. Fortinet FortiGate and FortiOS have security vulnerabilities that can be exploited to run code via CLI format strings", sources: [ { db: "NVD", id: "CVE-2022-22299", }, { db: "JVNDB", id: "JVNDB-2022-016210", }, { db: "VULHUB", id: "VHN-410853", }, { db: "VULMON", id: "CVE-2022-22299", }, ], trust: 1.8, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-22299", trust: 3.4, }, { db: "JVNDB", id: "JVNDB-2022-016210", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202208-2039", trust: 0.7, }, { db: "VULHUB", id: "VHN-410853", trust: 0.1, }, { db: "VULMON", id: "CVE-2022-22299", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-410853", }, { db: "VULMON", id: "CVE-2022-22299", }, { db: "JVNDB", id: "JVNDB-2022-016210", }, { db: "CNNVD", id: "CNNVD-202208-2039", }, { db: "NVD", id: "CVE-2022-22299", }, ], }, id: "VAR-202208-0231", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-410853", }, ], trust: 0.01, }, last_update_date: "2024-08-14T14:37:22.222000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-21-235", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-21-235", }, { title: "Fortinet FortiGate and Fortinet FortiOS Fixes for formatting string error vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=203975", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-016210", }, { db: "CNNVD", id: "CNNVD-202208-2039", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-134", trust: 1, }, { problemtype: "Format string problem (CWE-134) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-016210", }, { db: "NVD", id: "CVE-2022-22299", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/psirt/fg-ir-21-235", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22299", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-code-execution-via-cli-format-string-38970", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-22299/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-410853", }, { db: "VULMON", id: "CVE-2022-22299", }, { db: "JVNDB", id: "JVNDB-2022-016210", }, { db: "CNNVD", id: "CNNVD-202208-2039", }, { db: "NVD", id: "CVE-2022-22299", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-410853", }, { db: "VULMON", id: "CVE-2022-22299", }, { db: "JVNDB", id: "JVNDB-2022-016210", }, { db: "CNNVD", id: "CNNVD-202208-2039", }, { db: "NVD", id: "CVE-2022-22299", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-08-05T00:00:00", db: "VULHUB", id: "VHN-410853", }, { date: "2022-08-05T00:00:00", db: "VULMON", id: "CVE-2022-22299", }, { date: "2023-10-03T00:00:00", db: "JVNDB", id: "JVNDB-2022-016210", }, { date: "2022-08-02T00:00:00", db: "CNNVD", id: "CNNVD-202208-2039", }, { date: "2022-08-05T20:15:08.147000", db: "NVD", id: "CVE-2022-22299", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-08-11T00:00:00", db: "VULHUB", id: "VHN-410853", }, { date: "2022-08-06T00:00:00", db: "VULMON", id: "CVE-2022-22299", }, { date: "2023-10-03T01:12:00", db: "JVNDB", id: "JVNDB-2022-016210", }, { date: "2022-08-12T00:00:00", db: "CNNVD", id: "CNNVD-202208-2039", }, { date: "2022-08-11T17:54:14.543000", db: "NVD", id: "CVE-2022-22299", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202208-2039", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Fortinet Product Format String Vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2022-016210", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "format string error", sources: [ { db: "CNNVD", id: "CNNVD-202208-2039", }, ], trust: 0.6, }, }
var-202106-0668
Vulnerability from variot
A stack-based buffer overflow vulnerability in FortiProxy physical appliance CLI 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 may allow an authenticated, remote attacker to perform a Denial of Service attack by running the diagnose sys cpuset with a large cpuset mask value. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution. FortiProxy Is vulnerable to an out-of-bounds write.Denial of service (DoS) It may be put into a state. Pillow is a Python-based image processing library.
There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Fortinet FortiProxy SSL VPN is an application software of the United States (Fortinet) company. An intrusion detection function is provided. Fortinet FortiProxy SSL VPN has a buffer overflow vulnerability that stems from a boundary error in the FortiProxy physical appliance CLI. The following products and versions are affected: FortiProxy: 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.1.0, 1.1.1, 1.1 .2, 1.1.3, 1.1.4, 1.1.5, 1.1.6, 1.2.0, 1.2.1, 1.2.2, 1.2.3, 1.2.4, 1.2.5, 1.2.6, 1.2.7 , 1.2.8, 1.2.9, 2.0.0, 2.0.1
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202106-0668", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.0.7", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.1.6", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.0.0", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "2.0.2", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.1.0", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "1.2.10", }, { model: "fortiproxy", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-007672", }, { db: "NVD", id: "CVE-2021-22130", }, ], }, cve: "CVE-2021-22130", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", exploitabilityScore: 8, id: "CVE-2021-22130", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", exploitabilityScore: 8, id: "VHN-380539", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:S/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 1.2, id: "CVE-2021-22130", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "psirt@fortinet.com", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.8, id: "CVE-2021-22130", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 4.9, baseSeverity: "Medium", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2021-22130", impactScore: null, integrityImpact: "None", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-22130", trust: 1, value: "MEDIUM", }, { author: "psirt@fortinet.com", id: "CVE-2021-22130", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2021-22130", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202106-015", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-380539", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2021-22130", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-380539", }, { db: "VULMON", id: "CVE-2021-22130", }, { db: "JVNDB", id: "JVNDB-2021-007672", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202106-015", }, { db: "NVD", id: "CVE-2021-22130", }, { db: "NVD", id: "CVE-2021-22130", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A stack-based buffer overflow vulnerability in FortiProxy physical appliance CLI 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 may allow an authenticated, remote attacker to perform a Denial of Service attack by running the `diagnose sys cpuset` with a large cpuset mask value. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution. FortiProxy Is vulnerable to an out-of-bounds write.Denial of service (DoS) It may be put into a state. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Fortinet FortiProxy SSL VPN is an application software of the United States (Fortinet) company. An intrusion detection function is provided. Fortinet FortiProxy SSL VPN has a buffer overflow vulnerability that stems from a boundary error in the FortiProxy physical appliance CLI. The following products and versions are affected: FortiProxy: 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.1.0, 1.1.1, 1.1 .2, 1.1.3, 1.1.4, 1.1.5, 1.1.6, 1.2.0, 1.2.1, 1.2.2, 1.2.3, 1.2.4, 1.2.5, 1.2.6, 1.2.7 , 1.2.8, 1.2.9, 2.0.0, 2.0.1", sources: [ { db: "NVD", id: "CVE-2021-22130", }, { db: "JVNDB", id: "JVNDB-2021-007672", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULHUB", id: "VHN-380539", }, { db: "VULMON", id: "CVE-2021-22130", }, ], trust: 2.34, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-22130", trust: 3.4, }, { db: "JVNDB", id: "JVNDB-2021-007672", trust: 0.8, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.1889", trust: 0.6, }, { db: "CS-HELP", id: "SB2021060123", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202106-015", trust: 0.6, }, { db: "VULHUB", id: "VHN-380539", trust: 0.1, }, { db: "VULMON", id: "CVE-2021-22130", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-380539", }, { db: "VULMON", id: "CVE-2021-22130", }, { db: "JVNDB", id: "JVNDB-2021-007672", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202106-015", }, { db: "NVD", id: "CVE-2021-22130", }, ], }, id: "VAR-202106-0668", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-380539", }, ], trust: 0.01, }, last_update_date: "2024-08-14T12:37:33.189000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-21-006", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-21-006", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-007672", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1.1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-380539", }, { db: "JVNDB", id: "JVNDB-2021-007672", }, { db: "NVD", id: "CVE-2021-22130", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/advisory/fg-ir-21-006", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2021-22130", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021060123", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.1889", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-380539", }, { db: "VULMON", id: "CVE-2021-22130", }, { db: "JVNDB", id: "JVNDB-2021-007672", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202106-015", }, { db: "NVD", id: "CVE-2021-22130", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-380539", }, { db: "VULMON", id: "CVE-2021-22130", }, { db: "JVNDB", id: "JVNDB-2021-007672", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "CNNVD", id: "CNNVD-202106-015", }, { db: "NVD", id: "CVE-2021-22130", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-06-03T00:00:00", db: "VULHUB", id: "VHN-380539", }, { date: "2021-06-03T00:00:00", db: "VULMON", id: "CVE-2021-22130", }, { date: "2022-02-18T00:00:00", db: "JVNDB", id: "JVNDB-2021-007672", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-06-01T00:00:00", db: "CNNVD", id: "CNNVD-202106-015", }, { date: "2021-06-03T11:15:08.527000", db: "NVD", id: "CVE-2021-22130", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-06-11T00:00:00", db: "VULHUB", id: "VHN-380539", }, { date: "2021-06-11T00:00:00", db: "VULMON", id: "CVE-2021-22130", }, { date: "2022-02-18T09:13:00", db: "JVNDB", id: "JVNDB-2021-007672", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2021-06-15T00:00:00", db: "CNNVD", id: "CNNVD-202106-015", }, { date: "2021-06-11T17:11:21.330000", db: "NVD", id: "CVE-2021-22130", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202106-015", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "FortiProxy Out-of-bounds Vulnerability in Microsoft", sources: [ { db: "JVNDB", id: "JVNDB-2021-007672", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202104-975", }, ], trust: 0.6, }, }
var-202212-0808
Vulnerability from variot
An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server. fortinet's FortiProxy and FortiOS There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202212-0808", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.13", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.12", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.9", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.7", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.6", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.15", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.1", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "2.0.10", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-023337", }, { db: "NVD", id: "CVE-2022-35843", }, ], }, cve: "CVE-2022-35843", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2022-35843", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "HIGH", attackVector: "NETWORK", author: "psirt@fortinet.com", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.2, id: "CVE-2022-35843", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2022-35843", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2022-35843", trust: 1, value: "CRITICAL", }, { author: "psirt@fortinet.com", id: "CVE-2022-35843", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2022-35843", trust: 0.8, value: "Critical", }, { author: "CNNVD", id: "CNNVD-202212-2590", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-023337", }, { db: "CNNVD", id: "CNNVD-202212-2590", }, { db: "NVD", id: "CVE-2022-35843", }, { db: "NVD", id: "CVE-2022-35843", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server. fortinet's FortiProxy and FortiOS There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2022-35843", }, { db: "JVNDB", id: "JVNDB-2022-023337", }, { db: "VULHUB", id: "VHN-432094", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-35843", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2022-023337", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202212-2590", trust: 0.6, }, { db: "VULHUB", id: "VHN-432094", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-432094", }, { db: "JVNDB", id: "JVNDB-2022-023337", }, { db: "CNNVD", id: "CNNVD-202212-2590", }, { db: "NVD", id: "CVE-2022-35843", }, ], }, id: "VAR-202212-0808", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-432094", }, ], trust: 0.01, }, last_update_date: "2024-08-14T13:52:53.527000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-22-255", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-22-255", }, { title: "Fortinet FortiOS Security vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=216881", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-023337", }, { db: "CNNVD", id: "CNNVD-202212-2590", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-284", trust: 1, }, { problemtype: "CWE-287", trust: 1, }, { problemtype: "Inappropriate authentication (CWE-287) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-023337", }, { db: "NVD", id: "CVE-2022-35843", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://fortiguard.com/psirt/fg-ir-22-255", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-35843", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortinet-fortios-user-access-via-radius-ssh-authentication-40036", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-35843/", }, ], sources: [ { db: "VULHUB", id: "VHN-432094", }, { db: "JVNDB", id: "JVNDB-2022-023337", }, { db: "CNNVD", id: "CNNVD-202212-2590", }, { db: "NVD", id: "CVE-2022-35843", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-432094", }, { db: "JVNDB", id: "JVNDB-2022-023337", }, { db: "CNNVD", id: "CNNVD-202212-2590", }, { db: "NVD", id: "CVE-2022-35843", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-12-06T00:00:00", db: "VULHUB", id: "VHN-432094", }, { date: "2023-11-28T00:00:00", db: "JVNDB", id: "JVNDB-2022-023337", }, { date: "2022-12-06T00:00:00", db: "CNNVD", id: "CNNVD-202212-2590", }, { date: "2022-12-06T17:15:10.873000", db: "NVD", id: "CVE-2022-35843", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-12-08T00:00:00", db: "VULHUB", id: "VHN-432094", }, { date: "2023-11-28T06:20:00", db: "JVNDB", id: "JVNDB-2022-023337", }, { date: "2022-12-09T00:00:00", db: "CNNVD", id: "CNNVD-202212-2590", }, { date: "2023-11-07T03:49:25.277000", db: "NVD", id: "CVE-2022-35843", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202212-2590", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "fortinet's FortiProxy and FortiOS Authentication vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2022-023337", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202212-2590", }, ], trust: 0.6, }, }
var-202112-0330
Vulnerability from variot
A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page. FortiOS and FortiProxy Exists in a past traversal vulnerability.Information may be obtained. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202112-0330", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.1", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.0.1", }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.0.0", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-015884", }, { db: "NVD", id: "CVE-2021-41024", }, ], }, cve: "CVE-2021-41024", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2021-41024", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-402294", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2021-41024", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "OTHER", availabilityImpact: "None", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2021-015884", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-41024", trust: 1, value: "HIGH", }, { author: "psirt@fortinet.com", id: "CVE-2021-41024", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2021-41024", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202112-531", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-402294", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-402294", }, { db: "JVNDB", id: "JVNDB-2021-015884", }, { db: "CNNVD", id: "CNNVD-202112-531", }, { db: "NVD", id: "CVE-2021-41024", }, { db: "NVD", id: "CVE-2021-41024", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page. FortiOS and FortiProxy Exists in a past traversal vulnerability.Information may be obtained. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam", sources: [ { db: "NVD", id: "CVE-2021-41024", }, { db: "JVNDB", id: "JVNDB-2021-015884", }, { db: "VULHUB", id: "VHN-402294", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-41024", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2021-015884", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202112-531", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2021.4147", trust: 0.6, }, { db: "CS-HELP", id: "SB2021120718", trust: 0.6, }, { db: "CNVD", id: "CNVD-2021-101142", trust: 0.1, }, { db: "VULHUB", id: "VHN-402294", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-402294", }, { db: "JVNDB", id: "JVNDB-2021-015884", }, { db: "CNNVD", id: "CNNVD-202112-531", }, { db: "NVD", id: "CVE-2021-41024", }, ], }, id: "VAR-202112-0330", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-402294", }, ], trust: 0.01, }, last_update_date: "2024-11-23T22:05:05.782000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-21-181", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-21-181", }, { title: "Fortinet FortiOS Repair measures for path traversal vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=173873", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-015884", }, { db: "CNNVD", id: "CNNVD-202112-531", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-22", trust: 1.1, }, { problemtype: "Path traversal (CWE-22) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-402294", }, { db: "JVNDB", id: "JVNDB-2021-015884", }, { db: "NVD", id: "CVE-2021-41024", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://fortiguard.com/advisory/fg-ir-21-181", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2021-41024", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4147", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021120718", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-directory-traversal-via-login-page-37027", }, ], sources: [ { db: "VULHUB", id: "VHN-402294", }, { db: "JVNDB", id: "JVNDB-2021-015884", }, { db: "CNNVD", id: "CNNVD-202112-531", }, { db: "NVD", id: "CVE-2021-41024", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-402294", }, { db: "JVNDB", id: "JVNDB-2021-015884", }, { db: "CNNVD", id: "CNNVD-202112-531", }, { db: "NVD", id: "CVE-2021-41024", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-08T00:00:00", db: "VULHUB", id: "VHN-402294", }, { date: "2022-12-01T00:00:00", db: "JVNDB", id: "JVNDB-2021-015884", }, { date: "2021-12-08T00:00:00", db: "CNNVD", id: "CNNVD-202112-531", }, { date: "2021-12-08T13:15:07.957000", db: "NVD", id: "CVE-2021-41024", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-09T00:00:00", db: "VULHUB", id: "VHN-402294", }, { date: "2022-12-01T07:33:00", db: "JVNDB", id: "JVNDB-2021-015884", }, { date: "2021-12-15T00:00:00", db: "CNNVD", id: "CNNVD-202112-531", }, { date: "2024-11-21T06:25:17.477000", db: "NVD", id: "CVE-2021-41024", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202112-531", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "FortiOS and FortiProxy Past traversal vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2021-015884", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "path traversal", sources: [ { db: "CNNVD", id: "CNNVD-202112-531", }, ], trust: 0.6, }, }
var-202302-1415
Vulnerability from variot
A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it. fortinet's FortiProxy and FortiOS Exists in unspecified vulnerabilities.Information may be obtained
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202302-1415", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.1.6", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "2.0.11", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.1", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.1.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.12", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.13", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.16", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.8", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.8", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.11", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.4.0 to 6.4.11", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.0.0 that's all 7.0.8", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.0", }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.0.0 to 6.0.16", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.2.0 to 6.2.12", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-004468", }, { db: "NVD", id: "CVE-2022-29054", }, ], }, cve: "CVE-2022-29054", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", exploitabilityScore: 1.8, id: "CVE-2022-29054", impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "NVD", availabilityImpact: "None", baseScore: 3.3, baseSeverity: "Low", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2022-29054", impactScore: null, integrityImpact: "None", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2022-29054", trust: 1, value: "LOW", }, { author: "psirt@fortinet.com", id: "CVE-2022-29054", trust: 1, value: "LOW", }, { author: "NVD", id: "CVE-2022-29054", trust: 0.8, value: "Low", }, { author: "CNNVD", id: "CNNVD-202302-1450", trust: 0.6, value: "LOW", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-004468", }, { db: "CNNVD", id: "CNNVD-202302-1450", }, { db: "NVD", id: "CVE-2022-29054", }, { db: "NVD", id: "CVE-2022-29054", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it. fortinet's FortiProxy and FortiOS Exists in unspecified vulnerabilities.Information may be obtained", sources: [ { db: "NVD", id: "CVE-2022-29054", }, { db: "JVNDB", id: "JVNDB-2023-004468", }, { db: "VULHUB", id: "VHN-420588", }, { db: "VULMON", id: "CVE-2022-29054", }, ], trust: 1.8, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-29054", trust: 3.4, }, { db: "JVNDB", id: "JVNDB-2023-004468", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202302-1450", trust: 0.6, }, { db: "VULHUB", id: "VHN-420588", trust: 0.1, }, { db: "VULMON", id: "CVE-2022-29054", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-420588", }, { db: "VULMON", id: "CVE-2022-29054", }, { db: "JVNDB", id: "JVNDB-2023-004468", }, { db: "CNNVD", id: "CNNVD-202302-1450", }, { db: "NVD", id: "CVE-2022-29054", }, ], }, id: "VAR-202302-1415", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-420588", }, ], trust: 0.01, }, last_update_date: "2024-08-14T14:49:19.175000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-22-080", trust: 0.8, url: "https://fortiguard.com/psirt/FG-IR-22-080", }, { title: "Fortinet FortiOS Security vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=226816", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-004468", }, { db: "CNNVD", id: "CNNVD-202302-1450", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-329", trust: 1, }, { problemtype: "NVD-CWE-Other", trust: 1, }, { problemtype: "others (CWE-Other) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-004468", }, { db: "NVD", id: "CVE-2022-29054", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/psirt/fg-ir-22-080", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-29054", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-29054/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-420588", }, { db: "VULMON", id: "CVE-2022-29054", }, { db: "JVNDB", id: "JVNDB-2023-004468", }, { db: "CNNVD", id: "CNNVD-202302-1450", }, { db: "NVD", id: "CVE-2022-29054", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-420588", }, { db: "VULMON", id: "CVE-2022-29054", }, { db: "JVNDB", id: "JVNDB-2023-004468", }, { db: "CNNVD", id: "CNNVD-202302-1450", }, { db: "NVD", id: "CVE-2022-29054", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-16T00:00:00", db: "VULHUB", id: "VHN-420588", }, { date: "2023-02-16T00:00:00", db: "VULMON", id: "CVE-2022-29054", }, { date: "2023-10-30T00:00:00", db: "JVNDB", id: "JVNDB-2023-004468", }, { date: "2023-02-16T00:00:00", db: "CNNVD", id: "CNNVD-202302-1450", }, { date: "2023-02-16T19:15:12.263000", db: "NVD", id: "CVE-2022-29054", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-24T00:00:00", db: "VULHUB", id: "VHN-420588", }, { date: "2023-02-16T00:00:00", db: "VULMON", id: "CVE-2022-29054", }, { date: "2023-10-30T07:30:00", db: "JVNDB", id: "JVNDB-2023-004468", }, { date: "2023-02-27T00:00:00", db: "CNNVD", id: "CNNVD-202302-1450", }, { date: "2023-11-07T03:45:53.387000", db: "NVD", id: "CVE-2022-29054", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202302-1450", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "fortinet's FortiProxy and FortiOS Vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2023-004468", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202302-1450", }, ], trust: 0.6, }, }
var-202210-0421
Vulnerability from variot
A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through 2.0.9, 1.2.x allows a remote unauthenticated or authenticated attacker to crash the sslvpn daemon via an HTTP GET request. fortinet's FortiProxy and FortiOS Exists in an uninitialized pointer access vulnerability.Service operation interruption (DoS) It may be in a state. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. There is a security vulnerability in Fortinet FortiOS. The vulnerability stems from the fact that an attacker can forcibly dereference a NULL pointer through the SSL VPN Portal to trigger a denial of service. The following products and versions are affected: Fortinet FortiOS Version 7.2.0, Versions 7.0.0 to 7.0.5, Versions 6.4.0 to 6.4.9, Versions 6.2.0 to 6.2.10, Versions 6.0.0 to 6.0.14
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202210-0421", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.7", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.7", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.6", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "2.0.10", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.2.11", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "6.4.10", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "1.2.13", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.0.0 that's all 7.0.7", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.4.0 that's all 6.4.10", }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.2.0 that's all 6.2.11", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.0", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019255", }, { db: "NVD", id: "CVE-2022-29055", }, ], }, cve: "CVE-2022-29055", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2022-29055", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2022-29055", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2022-29055", trust: 1, value: "HIGH", }, { author: "psirt@fortinet.com", id: "CVE-2022-29055", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2022-29055", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202210-376", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019255", }, { db: "CNNVD", id: "CNNVD-202210-376", }, { db: "NVD", id: "CVE-2022-29055", }, { db: "NVD", id: "CVE-2022-29055", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through 2.0.9, 1.2.x allows a remote unauthenticated or authenticated attacker to crash the sslvpn daemon via an HTTP GET request. fortinet's FortiProxy and FortiOS Exists in an uninitialized pointer access vulnerability.Service operation interruption (DoS) It may be in a state. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. There is a security vulnerability in Fortinet FortiOS. The vulnerability stems from the fact that an attacker can forcibly dereference a NULL pointer through the SSL VPN Portal to trigger a denial of service. The following products and versions are affected: Fortinet FortiOS Version 7.2.0, Versions 7.0.0 to 7.0.5, Versions 6.4.0 to 6.4.9, Versions 6.2.0 to 6.2.10, Versions 6.0.0 to 6.0.14", sources: [ { db: "NVD", id: "CVE-2022-29055", }, { db: "JVNDB", id: "JVNDB-2022-019255", }, { db: "VULHUB", id: "VHN-420589", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-29055", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2022-019255", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202210-376", trust: 0.7, }, { db: "VULHUB", id: "VHN-420589", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-420589", }, { db: "JVNDB", id: "JVNDB-2022-019255", }, { db: "CNNVD", id: "CNNVD-202210-376", }, { db: "NVD", id: "CVE-2022-29055", }, ], }, id: "VAR-202210-0421", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-420589", }, ], trust: 0.01, }, last_update_date: "2024-08-14T13:21:36.850000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-22-086", trust: 0.8, url: "https://fortiguard.com/psirt/FG-IR-22-086", }, { title: "Fortinet FortiOS Buffer error vulnerability fix", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=211449", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019255", }, { db: "CNNVD", id: "CNNVD-202210-376", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-824", trust: 1.1, }, { problemtype: "Accessing uninitialized pointers (CWE-824) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-420589", }, { db: "JVNDB", id: "JVNDB-2022-019255", }, { db: "NVD", id: "CVE-2022-29055", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://fortiguard.com/psirt/fg-ir-22-086", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-29055", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortinet-fortios-null-pointer-dereference-via-ssl-vpn-portal-39498", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-29055/", }, ], sources: [ { db: "VULHUB", id: "VHN-420589", }, { db: "JVNDB", id: "JVNDB-2022-019255", }, { db: "CNNVD", id: "CNNVD-202210-376", }, { db: "NVD", id: "CVE-2022-29055", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-420589", }, { db: "JVNDB", id: "JVNDB-2022-019255", }, { db: "CNNVD", id: "CNNVD-202210-376", }, { db: "NVD", id: "CVE-2022-29055", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-10-18T00:00:00", db: "VULHUB", id: "VHN-420589", }, { date: "2023-10-25T00:00:00", db: "JVNDB", id: "JVNDB-2022-019255", }, { date: "2022-10-10T00:00:00", db: "CNNVD", id: "CNNVD-202210-376", }, { date: "2022-10-18T15:15:09.620000", db: "NVD", id: "CVE-2022-29055", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-10-20T00:00:00", db: "VULHUB", id: "VHN-420589", }, { date: "2023-10-25T02:49:00", db: "JVNDB", id: "JVNDB-2022-019255", }, { date: "2022-10-21T00:00:00", db: "CNNVD", id: "CNNVD-202210-376", }, { date: "2022-10-20T19:13:12.883000", db: "NVD", id: "CVE-2022-29055", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202210-376", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "fortinet's FortiProxy and FortiOS Vulnerability in accessing uninitialized pointers in", sources: [ { db: "JVNDB", id: "JVNDB-2022-019255", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202210-376", }, ], trust: 0.6, }, }
var-201906-0817
Vulnerability from variot
A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-of-service attack via special craft message payloads. Fortinet FortiOS Contains a buffer error vulnerability.Denial of service (DoS) May be in a state. FortinetFortiOS is a set of Fortinet security operating systems dedicated to the FortiGate network security platform. The system provides users with multiple security features such as firewall, anti-virus, IPSec/SSLVPN, web content filtering and anti-spam. A buffer overflow vulnerability exists in FortinetFort iOS version 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, and 5.4 and earlier. The vulnerability stems from a network system or product that does not properly validate data boundaries when performing operations on memory, causing erroneous read and write operations to be performed on other associated memory locations. An attacker could exploit the vulnerability to cause a buffer overflow or heap overflow. Fortinet FortiOS is prone to a buffer-overflow vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. The following versions are vulnerable: FortiOS 6.0.0 through 6.0.4 FortiOS 5.6.0 through 5.6.7 FortiOS 5.4 and prior
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201906-0817", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.6.10", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.8", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.4.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.6.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.4", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.2.14", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.4.12", }, { model: "fortios", scope: "lte", trust: 0.8, vendor: "fortinet", version: "5.4", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "fortinet", version: "5.6.0 to 5.6.7", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "fortinet", version: "6.0.0 to 6.0.4", }, { model: "fortios", scope: "gte", trust: 0.6, vendor: "fortinet", version: "6.0.0,<=6.0.4", }, { model: "fortios", scope: "gte", trust: 0.6, vendor: "fortinet", version: "5.6.0,<=5.6.7", }, { model: "fortios", scope: "lte", trust: 0.6, vendor: "fortinet", version: "<=5.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "6.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.7", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.5", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.12", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.11", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.8", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.5", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.13", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.9", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.8", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.7", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.7.7", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.19", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.17", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.15", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.10", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.9", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.8", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.2.13", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.2.12", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.1.11", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.1.10", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "3.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "2.80", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "2.50", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "2.36", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.6.1", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.4.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.9", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.10", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.2", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.6", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.5", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.4", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.12", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.11", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "5.0", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.18", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.16", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.14", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.13", }, { model: "fortios", scope: "eq", trust: 0.3, vendor: "fortinet", version: "4.3.12", }, { model: "fortios", scope: "ne", trust: 0.3, vendor: "fortinet", version: "6.0.5", }, { model: "fortios", scope: "ne", trust: 0.3, vendor: "fortinet", version: "5.6.8", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25051", }, { db: "BID", id: "108440", }, { db: "JVNDB", id: "JVNDB-2018-015567", }, { db: "NVD", id: "CVE-2018-13381", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:fortinet:fortios", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2018-015567", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Meh Chang and Orange Tsai from DEVCORE Security Research Team", sources: [ { db: "BID", id: "108440", }, { db: "CNNVD", id: "CNNVD-201905-878", }, ], trust: 0.9, }, cve: "CVE-2018-13381", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2018-13381", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2019-25051", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "VHN-123435", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2018-13381", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "psirt@fortinet.com", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2018-13381", impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2018-13381", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2018-13381", trust: 1, value: "HIGH", }, { author: "psirt@fortinet.com", id: "CVE-2018-13381", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2018-13381", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2019-25051", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201905-878", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-123435", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2018-13381", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25051", }, { db: "VULHUB", id: "VHN-123435", }, { db: "VULMON", id: "CVE-2018-13381", }, { db: "JVNDB", id: "JVNDB-2018-015567", }, { db: "CNNVD", id: "CNNVD-201905-878", }, { db: "NVD", id: "CVE-2018-13381", }, { db: "NVD", id: "CVE-2018-13381", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-of-service attack via special craft message payloads. Fortinet FortiOS Contains a buffer error vulnerability.Denial of service (DoS) May be in a state. FortinetFortiOS is a set of Fortinet security operating systems dedicated to the FortiGate network security platform. The system provides users with multiple security features such as firewall, anti-virus, IPSec/SSLVPN, web content filtering and anti-spam. A buffer overflow vulnerability exists in FortinetFort iOS version 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, and 5.4 and earlier. The vulnerability stems from a network system or product that does not properly validate data boundaries when performing operations on memory, causing erroneous read and write operations to be performed on other associated memory locations. An attacker could exploit the vulnerability to cause a buffer overflow or heap overflow. Fortinet FortiOS is prone to a buffer-overflow vulnerability. \nAttackers can exploit this issue to cause denial-of-service conditions. \nThe following versions are vulnerable:\nFortiOS 6.0.0 through 6.0.4\nFortiOS 5.6.0 through 5.6.7\nFortiOS 5.4 and prior", sources: [ { db: "NVD", id: "CVE-2018-13381", }, { db: "JVNDB", id: "JVNDB-2018-015567", }, { db: "CNVD", id: "CNVD-2019-25051", }, { db: "BID", id: "108440", }, { db: "VULHUB", id: "VHN-123435", }, { db: "VULMON", id: "CVE-2018-13381", }, ], trust: 2.61, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2018-13381", trust: 3.5, }, { db: "AUSCERT", id: "ESB-2019.1822", trust: 1.2, }, { db: "BID", id: "108440", trust: 1.1, }, { db: "JVNDB", id: "JVNDB-2018-015567", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201905-878", trust: 0.7, }, { db: "CNVD", id: "CNVD-2019-25051", trust: 0.6, }, { db: "VULHUB", id: "VHN-123435", trust: 0.1, }, { db: "VULMON", id: "CVE-2018-13381", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25051", }, { db: "VULHUB", id: "VHN-123435", }, { db: "VULMON", id: "CVE-2018-13381", }, { db: "BID", id: "108440", }, { db: "JVNDB", id: "JVNDB-2018-015567", }, { db: "CNNVD", id: "CNNVD-201905-878", }, { db: "NVD", id: "CVE-2018-13381", }, ], }, id: "VAR-201906-0817", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-123435", }, ], trust: 0.01, }, last_update_date: "2024-11-23T22:21:35.729000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-18-387", trust: 0.8, url: "https://fortiguard.com/psirt/FG-IR-18-387", }, { title: "FortinetFortiOS Buffer Overflow Vulnerability Patch", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/172331", }, { title: "forti-vpn", trust: 0.1, url: "https://github.com/jam620/forti-vpn ", }, { title: "SecBooks", trust: 0.1, url: "https://github.com/SexyBeast233/SecBooks ", }, { title: "BleepingComputer", trust: 0.1, url: "https://www.bleepingcomputer.com/news/security/fortinet-fixes-critical-vulnerabilities-in-ssl-vpn-and-web-firewall/", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25051", }, { db: "VULMON", id: "CVE-2018-13381", }, { db: "JVNDB", id: "JVNDB-2018-015567", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-123435", }, { db: "JVNDB", id: "JVNDB-2018-015567", }, { db: "NVD", id: "CVE-2018-13381", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "https://www.securityfocus.com/bid/108440", }, { trust: 1.8, url: "https://fortiguard.com/advisory/fg-ir-18-387", }, { trust: 1.8, url: "https://fortiguard.com/advisory/fg-ir-20-232", }, { trust: 1.5, url: "https://fortiguard.com/psirt/fg-ir-18-387", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2018-13381", }, { trust: 1.2, url: "https://www.auscert.org.au/bulletins/esb-2019.1822/", }, { trust: 0.9, url: "https://www.fortinet.com/products/fortigate/fortios.html", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13381", }, { trust: 0.6, url: "http://www.fortinet.com/technology/network-os-fortios.html", }, { trust: 0.6, url: "https://devco.re/blog/2019/08/09/attacking-ssl-vpn-part-2-breaking-the-fortigate-ssl-vpn/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-buffer-overflow-via-web-portal-post-message-29467", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/119.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-25051", }, { db: "VULHUB", id: "VHN-123435", }, { db: "VULMON", id: "CVE-2018-13381", }, { db: "BID", id: "108440", }, { db: "JVNDB", id: "JVNDB-2018-015567", }, { db: "CNNVD", id: "CNNVD-201905-878", }, { db: "NVD", id: "CVE-2018-13381", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2019-25051", }, { db: "VULHUB", id: "VHN-123435", }, { db: "VULMON", id: "CVE-2018-13381", }, { db: "BID", id: "108440", }, { db: "JVNDB", id: "JVNDB-2018-015567", }, { db: "CNNVD", id: "CNNVD-201905-878", }, { db: "NVD", id: "CVE-2018-13381", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-07-30T00:00:00", db: "CNVD", id: "CNVD-2019-25051", }, { date: "2019-06-04T00:00:00", db: "VULHUB", id: "VHN-123435", }, { date: "2019-06-04T00:00:00", db: "VULMON", id: "CVE-2018-13381", }, { date: "2019-05-17T00:00:00", db: "BID", id: "108440", }, { date: "2019-06-17T00:00:00", db: "JVNDB", id: "JVNDB-2018-015567", }, { date: "2019-05-22T00:00:00", db: "CNNVD", id: "CNNVD-201905-878", }, { date: "2019-06-04T21:29:00.313000", db: "NVD", id: "CVE-2018-13381", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-07-30T00:00:00", db: "CNVD", id: "CNVD-2019-25051", }, { date: "2019-08-29T00:00:00", db: "VULHUB", id: "VHN-123435", }, { date: "2021-03-16T00:00:00", db: "VULMON", id: "CVE-2018-13381", }, { date: "2019-05-17T00:00:00", db: "BID", id: "108440", }, { date: "2019-06-17T00:00:00", db: "JVNDB", id: "JVNDB-2018-015567", }, { date: "2021-03-10T00:00:00", db: "CNNVD", id: "CNNVD-201905-878", }, { date: "2024-11-21T03:46:59.530000", db: "NVD", id: "CVE-2018-13381", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201905-878", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Fortinet FortiOS Buffer error vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2018-015567", }, { db: "CNNVD", id: "CNNVD-201905-878", }, ], trust: 1.4, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-201905-878", }, ], trust: 0.6, }, }
var-202112-0289
Vulnerability from variot
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features. FortiOS autod daemon and FortiProxy Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202112-0289", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.6", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.0.7", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "5.6.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.0.12", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.9", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "5.6.14", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.1.6", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "2.0.1", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.0.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.0.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.1.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.9", }, { model: "fortios", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-016016", }, { db: "NVD", id: "CVE-2021-26110", }, ], }, cve: "CVE-2021-26110", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, id: "CVE-2021-26110", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.8, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, id: "VHN-385074", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:L/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.8, id: "CVE-2021-26110", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "OTHER", availabilityImpact: "High", baseScore: 7.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2021-016016", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-26110", trust: 1, value: "HIGH", }, { author: "psirt@fortinet.com", id: "CVE-2021-26110", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2021-26110", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202112-532", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-385074", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-385074", }, { db: "JVNDB", id: "JVNDB-2021-016016", }, { db: "CNNVD", id: "CNNVD-202112-532", }, { db: "NVD", id: "CVE-2021-26110", }, { db: "NVD", id: "CVE-2021-26110", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features. FortiOS autod daemon and FortiProxy Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam", sources: [ { db: "NVD", id: "CVE-2021-26110", }, { db: "JVNDB", id: "JVNDB-2021-016016", }, { db: "VULHUB", id: "VHN-385074", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-26110", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2021-016016", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202112-532", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2021.4147", trust: 0.6, }, { db: "CS-HELP", id: "SB2021120717", trust: 0.6, }, { db: "VULHUB", id: "VHN-385074", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-385074", }, { db: "JVNDB", id: "JVNDB-2021-016016", }, { db: "CNNVD", id: "CNNVD-202112-532", }, { db: "NVD", id: "CVE-2021-26110", }, ], }, id: "VAR-202112-0289", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-385074", }, ], trust: 0.01, }, last_update_date: "2024-08-14T14:02:55.097000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-20-131", trust: 0.8, url: "https://www.fortiguard.com/psirt/FG-IR-20-131", }, { title: "Fortinet FortiOS Fixes for access control error vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=173726", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-016016", }, { db: "CNNVD", id: "CNNVD-202112-532", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-Other", trust: 1, }, { problemtype: "others (CWE-Other) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-269", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-385074", }, { db: "JVNDB", id: "JVNDB-2021-016016", }, { db: "NVD", id: "CVE-2021-26110", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://fortiguard.com/advisory/fg-ir-20-131", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2021-26110", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4147", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021120717", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-privilege-escalation-via-automation-script-feature-37019", }, ], sources: [ { db: "VULHUB", id: "VHN-385074", }, { db: "JVNDB", id: "JVNDB-2021-016016", }, { db: "CNNVD", id: "CNNVD-202112-532", }, { db: "NVD", id: "CVE-2021-26110", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-385074", }, { db: "JVNDB", id: "JVNDB-2021-016016", }, { db: "CNNVD", id: "CNNVD-202112-532", }, { db: "NVD", id: "CVE-2021-26110", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-08T00:00:00", db: "VULHUB", id: "VHN-385074", }, { date: "2022-12-05T00:00:00", db: "JVNDB", id: "JVNDB-2021-016016", }, { date: "2021-12-08T00:00:00", db: "CNNVD", id: "CNNVD-202112-532", }, { date: "2021-12-08T11:15:11.683000", db: "NVD", id: "CVE-2021-26110", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-07-12T00:00:00", db: "VULHUB", id: "VHN-385074", }, { date: "2022-12-05T06:46:00", db: "JVNDB", id: "JVNDB-2021-016016", }, { date: "2022-07-14T00:00:00", db: "CNNVD", id: "CNNVD-202112-532", }, { date: "2022-07-12T17:42:04.277000", db: "NVD", id: "CVE-2021-26110", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202112-532", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "FortiOS autod daemon and FortiProxy Vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2021-016016", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202112-532", }, ], trust: 0.6, }, }