cvelistv5 - cve-2024-36505

cve-2024-36505

Vulnerability from cvelistv5

Published

2024-08-13 15:51

Modified

2024-08-15 14:16

Severity ?

5.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RC:R

Summary

An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system.

References

▼	URL	Tags
	psirt@fortinet.com	https://fortiguard.fortinet.com/psirt/FG-IR-24-012	Vendor Advisory

Impacted products

	Vendor	Product	Version
	Fortinet	FortiOS	Version: 7.4.0 ≤ 7.4.3 Version: 7.2.5 ≤ 7.2.7 Version: 7.0.12 ≤ 7.0.14 Version: 6.4.13 ≤ 6.4.15

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-36505",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-15T14:16:37.203552Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-08-15T14:16:57.399Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "FortiOS",
               vendor: "Fortinet",
               versions: [
                  {
                     lessThanOrEqual: "7.4.3",
                     status: "affected",
                     version: "7.4.0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "7.2.7",
                     status: "affected",
                     version: "7.2.5",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "7.0.14",
                     status: "affected",
                     version: "7.0.12",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "6.4.15",
                     status: "affected",
                     version: "6.4.13",
                     versionType: "semver",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "NONE",
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:X/RC:R",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-284",
                     description: "Improper access control",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-08-13T15:51:56.981Z",
            orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            shortName: "fortinet",
         },
         references: [
            {
               name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-012",
               url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-012",
            },
         ],
         solutions: [
            {
               lang: "en",
               value: "Please upgrade to FortiOS version 7.4.4 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.15 or above",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
      assignerShortName: "fortinet",
      cveId: "CVE-2024-36505",
      datePublished: "2024-08-13T15:51:56.981Z",
      dateReserved: "2024-05-29T08:44:50.759Z",
      dateUpdated: "2024-08-15T14:16:57.399Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2024-36505\",\"sourceIdentifier\":\"psirt@fortinet.com\",\"published\":\"2024-08-13T16:15:08.970\",\"lastModified\":\"2024-08-22T14:36:31.643\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de control de acceso inadecuado [CWE-284] en FortiOS 7.4.0 a 7.4.3, 7.2.5 a 7.2.7, 7.0.12 a 7.0.14 y 6.4.x puede permitir que un atacante que ya haya obtenido acceso de escritura con éxito al sistema subyacente (a través de otro exploit hipotético) para evitar el sistema de verificación de integridad de archivos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.4,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.4.13\",\"versionEndIncluding\":\"6.4.15\",\"matchCriteriaId\":\"B26D3CC8-B77D-4C5C-B3AC-096679F47877\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.12\",\"versionEndExcluding\":\"7.0.15\",\"matchCriteriaId\":\"F754A050-02F5-4848-9065-5E15117B227E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.5\",\"versionEndExcluding\":\"7.2.8\",\"matchCriteriaId\":\"14113139-B64B-4069-A88F-D1999ED7EC18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.4.0\",\"versionEndExcluding\":\"7.4.4\",\"matchCriteriaId\":\"1FDDB5F3-D229-4208-9110-8860A03C8B59\"}]}]}],\"references\":[{\"url\":\"https://fortiguard.fortinet.com/psirt/FG-IR-24-012\",\"source\":\"psirt@fortinet.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
      vulnrichment: {
         containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-36505\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-15T14:16:37.203552Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-15T14:16:51.582Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:X/RC:R\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Fortinet\", \"product\": \"FortiOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.4.3\"}, {\"status\": \"affected\", \"version\": \"7.2.5\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.2.7\"}, {\"status\": \"affected\", \"version\": \"7.0.12\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.14\"}, {\"status\": \"affected\", \"version\": \"6.4.13\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.4.15\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Please upgrade to FortiOS version 7.4.4 or above \\nPlease upgrade to FortiOS version 7.2.8 or above \\nPlease upgrade to FortiOS version 7.0.15 or above\"}], \"references\": [{\"url\": \"https://fortiguard.fortinet.com/psirt/FG-IR-24-012\", \"name\": \"https://fortiguard.fortinet.com/psirt/FG-IR-24-012\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-284\", \"description\": \"Improper access control\"}]}], \"providerMetadata\": {\"orgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"shortName\": \"fortinet\", \"dateUpdated\": \"2024-08-13T15:51:56.981Z\"}}}",
         cveMetadata: "{\"cveId\": \"CVE-2024-36505\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-15T14:16:57.399Z\", \"dateReserved\": \"2024-05-29T08:44:50.759Z\", \"assignerOrgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"datePublished\": \"2024-08-13T15:51:56.981Z\", \"assignerShortName\": \"fortinet\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}

SSA-698820

Vulnerability from csaf_siemens

Published

2024-07-09 00:00

Modified

2024-10-08 00:00

Summary

SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices

Notes

Summary

Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version of Fortigate NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens recommends to consult and implement the workarounds provided in Fortinet's upstream security notifications.

General Recommendations

As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.

JSON

To clipboard

{
   document: {
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
         tlp: {
            label: "WHITE",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products.\nSiemens has released a new version of Fortigate NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens recommends to consult and implement the workarounds provided in Fortinet's upstream security notifications.",
            title: "Summary",
         },
         {
            category: "general",
            text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
            title: "General Recommendations",
         },
         {
            category: "general",
            text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
            title: "Additional Resources",
         },
         {
            category: "legal_disclaimer",
            text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
            title: "Terms of Use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "productcert@siemens.com",
         name: "Siemens ProductCERT",
         namespace: "https://www.siemens.com",
      },
      references: [
         {
            category: "self",
            summary: "SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices - HTML Version",
            url: "https://cert-portal.siemens.com/productcert/html/ssa-698820.html",
         },
         {
            category: "self",
            summary: "SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices - CSAF Version",
            url: "https://cert-portal.siemens.com/productcert/csaf/ssa-698820.json",
         },
      ],
      title: "SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices",
      tracking: {
         current_release_date: "2024-10-08T00:00:00Z",
         generator: {
            engine: {
               name: "Siemens ProductCERT CSAF Generator",
               version: "1",
            },
         },
         id: "SSA-698820",
         initial_release_date: "2024-07-09T00:00:00Z",
         revision_history: [
            {
               date: "2024-07-09T00:00:00Z",
               legacy_version: "1.0",
               number: "1",
               summary: "Publication Date",
            },
            {
               date: "2024-08-13T00:00:00Z",
               legacy_version: "1.1",
               number: "2",
               summary: "Updated CVE-2024-23111 description and added newly published CVE-2024-26006 and CVE-2024-26015",
            },
            {
               date: "2024-09-10T00:00:00Z",
               legacy_version: "1.2",
               number: "3",
               summary: "Added newly published upstream vulnerability CVE-2024-36505",
            },
            {
               date: "2024-10-08T00:00:00Z",
               legacy_version: "1.3",
               number: "4",
               summary: "Added fix for Fortinet NGFW as released from Siemens for RUGGEDCOM APE1808; added mitigations for CVE-2024-26006 and CVE-2024-26010",
            },
         ],
         status: "final",
         version: "4",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "vers:all/*",
                        product: {
                           name: "RUGGEDCOM APE1808",
                           product_id: "1",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "RUGGEDCOM APE1808",
               },
            ],
            category: "vendor",
            name: "Siemens",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-46720",
         cwe: {
            id: "CWE-121",
            name: "Stack-based Buffer Overflow",
         },
         notes: [
            {
               category: "summary",
               text: "A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "vendor_fix",
               details: "Update Fortigate NGFW to V7.4.4. Contact customer support to receive patch and update information.",
               product_ids: [
                  "1",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2023-46720",
      },
      {
         cve: "CVE-2024-21754",
         cwe: {
            id: "CWE-916",
            name: "Use of Password Hash With Insufficient Computational Effort",
         },
         notes: [
            {
               category: "summary",
               text: "A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "vendor_fix",
               details: "Update Fortigate NGFW to V7.4.4. Contact customer support to receive patch and update information.",
               product_ids: [
                  "1",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 1.8,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2024-21754",
      },
      {
         cve: "CVE-2024-23111",
         cwe: {
            id: "CWE-79",
            name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
         },
         notes: [
            {
               category: "summary",
               text: "An improper neutralization of input during web page Generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions reboot page may allow a remote privileged attacker with super-admin access to execute JavaScript code via crafted HTTP GET requests.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "vendor_fix",
               details: "Update Fortigate NGFW to V7.4.4. Contact customer support to receive patch and update information.",
               product_ids: [
                  "1",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.8,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2024-23111",
      },
      {
         cve: "CVE-2024-26006",
         cwe: {
            id: "CWE-79",
            name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
         },
         notes: [
            {
               category: "summary",
               text: "An improper neutralization of input during web page Generation vulnerability [CWE-79] in FortiOS and FortiProxy's web SSL VPN UI may allow a remote unauthenticated attacker to perform a Cross-Site Scripting attack via social engineering the targeted user into bookmarking a malicious samba server, then opening the bookmark.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "mitigation",
               details: "Disable SSL-VPN web-mode (see \nhttps://fortiguard.fortinet.com/psirt/FG-IR-23-485)",
               product_ids: [
                  "1",
               ],
            },
            {
               category: "vendor_fix",
               details: "Update Fortigate NGFW to V7.4.4. Contact customer support to receive patch and update information.",
               product_ids: [
                  "1",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2024-26006",
      },
      {
         cve: "CVE-2024-26010",
         cwe: {
            id: "CWE-121",
            name: "Stack-based Buffer Overflow",
         },
         notes: [
            {
               category: "summary",
               text: "A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "mitigation",
               details: "For each interface, remove the fgfm access (see \nhttps://www.fortiguard.com/psirt/FG-IR-24-036)",
               product_ids: [
                  "1",
               ],
            },
            {
               category: "vendor_fix",
               details: "Update Fortigate NGFW to V7.4.4. Contact customer support to receive patch and update information.",
               product_ids: [
                  "1",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2024-26010",
      },
      {
         cve: "CVE-2024-26015",
         cwe: {
            id: "CWE-1389",
            name: "Incorrect Parsing of Numbers with Different Radices",
         },
         notes: [
            {
               category: "summary",
               text: "An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit an unauthenticated attacker to bypass the IP blocklist via crafted requests.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "vendor_fix",
               details: "Update Fortigate NGFW to V7.4.4. Contact customer support to receive patch and update information.",
               product_ids: [
                  "1",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.4,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N/E:F/RL:W/RC:R",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2024-26015",
      },
      {
         cve: "CVE-2024-36505",
         cwe: {
            id: "CWE-284",
            name: "Improper Access Control",
         },
         notes: [
            {
               category: "summary",
               text: "An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "vendor_fix",
               details: "Update Fortigate NGFW to V7.4.4. Contact customer support to receive patch and update information.",
               product_ids: [
                  "1",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RC:R",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2024-36505",
      },
   ],
}

ssa-698820

Vulnerability from csaf_siemens

Published

2024-07-09 00:00

Modified

2024-10-08 00:00

Summary

SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices

Notes

Summary

General Recommendations

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

JSON

To clipboard

{
   document: {
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
         tlp: {
            label: "WHITE",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products.\nSiemens has released a new version of Fortigate NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Siemens recommends to consult and implement the workarounds provided in Fortinet's upstream security notifications.",
            title: "Summary",
         },
         {
            category: "general",
            text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
            title: "General Recommendations",
         },
         {
            category: "general",
            text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
            title: "Additional Resources",
         },
         {
            category: "legal_disclaimer",
            text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
            title: "Terms of Use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "productcert@siemens.com",
         name: "Siemens ProductCERT",
         namespace: "https://www.siemens.com",
      },
      references: [
         {
            category: "self",
            summary: "SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices - HTML Version",
            url: "https://cert-portal.siemens.com/productcert/html/ssa-698820.html",
         },
         {
            category: "self",
            summary: "SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices - CSAF Version",
            url: "https://cert-portal.siemens.com/productcert/csaf/ssa-698820.json",
         },
      ],
      title: "SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices",
      tracking: {
         current_release_date: "2024-10-08T00:00:00Z",
         generator: {
            engine: {
               name: "Siemens ProductCERT CSAF Generator",
               version: "1",
            },
         },
         id: "SSA-698820",
         initial_release_date: "2024-07-09T00:00:00Z",
         revision_history: [
            {
               date: "2024-07-09T00:00:00Z",
               legacy_version: "1.0",
               number: "1",
               summary: "Publication Date",
            },
            {
               date: "2024-08-13T00:00:00Z",
               legacy_version: "1.1",
               number: "2",
               summary: "Updated CVE-2024-23111 description and added newly published CVE-2024-26006 and CVE-2024-26015",
            },
            {
               date: "2024-09-10T00:00:00Z",
               legacy_version: "1.2",
               number: "3",
               summary: "Added newly published upstream vulnerability CVE-2024-36505",
            },
            {
               date: "2024-10-08T00:00:00Z",
               legacy_version: "1.3",
               number: "4",
               summary: "Added fix for Fortinet NGFW as released from Siemens for RUGGEDCOM APE1808; added mitigations for CVE-2024-26006 and CVE-2024-26010",
            },
         ],
         status: "final",
         version: "4",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "vers:all/*",
                        product: {
                           name: "RUGGEDCOM APE1808",
                           product_id: "1",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "RUGGEDCOM APE1808",
               },
            ],
            category: "vendor",
            name: "Siemens",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-46720",
         cwe: {
            id: "CWE-121",
            name: "Stack-based Buffer Overflow",
         },
         notes: [
            {
               category: "summary",
               text: "A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "vendor_fix",
               details: "Update Fortigate NGFW to V7.4.4. Contact customer support to receive patch and update information.",
               product_ids: [
                  "1",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2023-46720",
      },
      {
         cve: "CVE-2024-21754",
         cwe: {
            id: "CWE-916",
            name: "Use of Password Hash With Insufficient Computational Effort",
         },
         notes: [
            {
               category: "summary",
               text: "A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "vendor_fix",
               details: "Update Fortigate NGFW to V7.4.4. Contact customer support to receive patch and update information.",
               product_ids: [
                  "1",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 1.8,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2024-21754",
      },
      {
         cve: "CVE-2024-23111",
         cwe: {
            id: "CWE-79",
            name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
         },
         notes: [
            {
               category: "summary",
               text: "An improper neutralization of input during web page Generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions reboot page may allow a remote privileged attacker with super-admin access to execute JavaScript code via crafted HTTP GET requests.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "vendor_fix",
               details: "Update Fortigate NGFW to V7.4.4. Contact customer support to receive patch and update information.",
               product_ids: [
                  "1",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.8,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2024-23111",
      },
      {
         cve: "CVE-2024-26006",
         cwe: {
            id: "CWE-79",
            name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
         },
         notes: [
            {
               category: "summary",
               text: "An improper neutralization of input during web page Generation vulnerability [CWE-79] in FortiOS and FortiProxy's web SSL VPN UI may allow a remote unauthenticated attacker to perform a Cross-Site Scripting attack via social engineering the targeted user into bookmarking a malicious samba server, then opening the bookmark.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "mitigation",
               details: "Disable SSL-VPN web-mode (see \nhttps://fortiguard.fortinet.com/psirt/FG-IR-23-485)",
               product_ids: [
                  "1",
               ],
            },
            {
               category: "vendor_fix",
               details: "Update Fortigate NGFW to V7.4.4. Contact customer support to receive patch and update information.",
               product_ids: [
                  "1",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2024-26006",
      },
      {
         cve: "CVE-2024-26010",
         cwe: {
            id: "CWE-121",
            name: "Stack-based Buffer Overflow",
         },
         notes: [
            {
               category: "summary",
               text: "A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "mitigation",
               details: "For each interface, remove the fgfm access (see \nhttps://www.fortiguard.com/psirt/FG-IR-24-036)",
               product_ids: [
                  "1",
               ],
            },
            {
               category: "vendor_fix",
               details: "Update Fortigate NGFW to V7.4.4. Contact customer support to receive patch and update information.",
               product_ids: [
                  "1",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2024-26010",
      },
      {
         cve: "CVE-2024-26015",
         cwe: {
            id: "CWE-1389",
            name: "Incorrect Parsing of Numbers with Different Radices",
         },
         notes: [
            {
               category: "summary",
               text: "An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit an unauthenticated attacker to bypass the IP blocklist via crafted requests.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "vendor_fix",
               details: "Update Fortigate NGFW to V7.4.4. Contact customer support to receive patch and update information.",
               product_ids: [
                  "1",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.4,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N/E:F/RL:W/RC:R",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2024-26015",
      },
      {
         cve: "CVE-2024-36505",
         cwe: {
            id: "CWE-284",
            name: "Improper Access Control",
         },
         notes: [
            {
               category: "summary",
               text: "An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "vendor_fix",
               details: "Update Fortigate NGFW to V7.4.4. Contact customer support to receive patch and update information.",
               product_ids: [
                  "1",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RC:R",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2024-36505",
      },
   ],
}

WID-SEC-W-2024-1830

Vulnerability from csaf_certbund

Published

2024-08-13 22:00

Modified

2024-08-13 22:00

Summary

Fortinet FortiOS: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

FortiOS ist ein gehärtetes Betriebssystem für FortiGate Plattformen. FortiProxy ist eine Web-Proxy Lösung. FortiSwitch bezeichnet die Ethernet Switch Produktfamilie von Fortinet.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Fortinet FortiOS, Fortinet FortiProxy und Fortinet FortiSwitch ausnutzen, um Sicherheitsvorkehrungen zu umgehen.

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "mittel",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "FortiOS ist ein gehärtetes Betriebssystem für FortiGate Plattformen.\r\nFortiProxy ist eine Web-Proxy Lösung.\r\n\r\nFortiSwitch bezeichnet die Ethernet Switch Produktfamilie von Fortinet.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein lokaler Angreifer kann mehrere Schwachstellen in Fortinet FortiOS, Fortinet FortiProxy und Fortinet FortiSwitch ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Sonstiges\n- UNIX\n- Windows",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2024-1830 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1830.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2024-1830 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1830",
         },
         {
            category: "external",
            summary: "FortiGuard Advisory vom 2024-08-13",
            url: "https://fortiguard.fortinet.com/psirt/FG-IR-22-445",
         },
         {
            category: "external",
            summary: "FortiGuard Advisory vom 2024-08-13",
            url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-012",
         },
      ],
      source_lang: "en-US",
      title: "Fortinet FortiOS: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen",
      tracking: {
         current_release_date: "2024-08-13T22:00:00.000+00:00",
         generator: {
            date: "2024-08-15T18:12:14.275+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.5",
            },
         },
         id: "WID-SEC-W-2024-1830",
         initial_release_date: "2024-08-13T22:00:00.000+00:00",
         revision_history: [
            {
               date: "2024-08-13T22:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<7.2.6",
                        product: {
                           name: "Fortinet FortiOS <7.2.6",
                           product_id: "T036797",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.4.4",
                        product: {
                           name: "Fortinet FortiOS <7.4.4",
                           product_id: "T036806",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.2.8",
                        product: {
                           name: "Fortinet FortiOS <7.2.8",
                           product_id: "T036807",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.0.15",
                        product: {
                           name: "Fortinet FortiOS <7.0.15",
                           product_id: "T036808",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "FortiOS",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<7.4",
                        product: {
                           name: "Fortinet FortiProxy <7.4",
                           product_id: "T036810",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "FortiProxy",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<7.2.2",
                        product: {
                           name: "Fortinet FortiSwitch <7.2.2",
                           product_id: "T036804",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "FortiSwitch",
               },
            ],
            category: "vendor",
            name: "Fortinet",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2022-45862",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Fortinet FortiOS, Fortinet FortiProxy und Fortinet FortiSwitch. Diese Schwachstelle besteht aufgrund einer unzureichenden Behandlung des Sitzungsablaufs in der GUI, wodurch Sitzungen nach dem Abmelden aktiv bleiben können. Ein Angreifer, der sich die erforderlichen Anmeldeinformationen verschafft hat, kann diese Schwachstelle ausnutzen, um Sicherheitsmaßnahmen zu umgehen und Websitzungen nach der Abmeldung erneut zu verwenden.",
            },
         ],
         product_status: {
            known_affected: [
               "T036808",
            ],
         },
         release_date: "2024-08-13T22:00:00.000+00:00",
         title: "CVE-2022-45862",
      },
      {
         cve: "CVE-2024-36505",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Fortinet FortiOS aufgrund einer unzureichenden Zugriffskontrolle. Ein lokaler Angreifer mit privilegiertem Zugriff auf das System kann diese Schwachstelle ausnutzen, um das System zur Überprüfung der Dateiintegrität zu umgehen, was möglicherweise zu weiteren nicht autorisierten Änderungen führt.",
            },
         ],
         product_status: {
            known_affected: [
               "T036797",
            ],
         },
         release_date: "2024-08-13T22:00:00.000+00:00",
         title: "CVE-2024-36505",
      },
   ],
}

wid-sec-w-2024-1830

Vulnerability from csaf_certbund

Published

2024-08-13 22:00

Modified

2024-08-13 22:00

Summary

Fortinet FortiOS: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen

Notes

Produktbeschreibung

FortiOS ist ein gehärtetes Betriebssystem für FortiGate Plattformen. FortiProxy ist eine Web-Proxy Lösung. FortiSwitch bezeichnet die Ethernet Switch Produktfamilie von Fortinet.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Fortinet FortiOS, Fortinet FortiProxy und Fortinet FortiSwitch ausnutzen, um Sicherheitsvorkehrungen zu umgehen.

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "mittel",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "FortiOS ist ein gehärtetes Betriebssystem für FortiGate Plattformen.\r\nFortiProxy ist eine Web-Proxy Lösung.\r\n\r\nFortiSwitch bezeichnet die Ethernet Switch Produktfamilie von Fortinet.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein lokaler Angreifer kann mehrere Schwachstellen in Fortinet FortiOS, Fortinet FortiProxy und Fortinet FortiSwitch ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Sonstiges\n- UNIX\n- Windows",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2024-1830 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1830.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2024-1830 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1830",
         },
         {
            category: "external",
            summary: "FortiGuard Advisory vom 2024-08-13",
            url: "https://fortiguard.fortinet.com/psirt/FG-IR-22-445",
         },
         {
            category: "external",
            summary: "FortiGuard Advisory vom 2024-08-13",
            url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-012",
         },
      ],
      source_lang: "en-US",
      title: "Fortinet FortiOS: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen",
      tracking: {
         current_release_date: "2024-08-13T22:00:00.000+00:00",
         generator: {
            date: "2024-08-15T18:12:14.275+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.5",
            },
         },
         id: "WID-SEC-W-2024-1830",
         initial_release_date: "2024-08-13T22:00:00.000+00:00",
         revision_history: [
            {
               date: "2024-08-13T22:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<7.2.6",
                        product: {
                           name: "Fortinet FortiOS <7.2.6",
                           product_id: "T036797",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.4.4",
                        product: {
                           name: "Fortinet FortiOS <7.4.4",
                           product_id: "T036806",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.2.8",
                        product: {
                           name: "Fortinet FortiOS <7.2.8",
                           product_id: "T036807",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.0.15",
                        product: {
                           name: "Fortinet FortiOS <7.0.15",
                           product_id: "T036808",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "FortiOS",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<7.4",
                        product: {
                           name: "Fortinet FortiProxy <7.4",
                           product_id: "T036810",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "FortiProxy",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<7.2.2",
                        product: {
                           name: "Fortinet FortiSwitch <7.2.2",
                           product_id: "T036804",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "FortiSwitch",
               },
            ],
            category: "vendor",
            name: "Fortinet",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2022-45862",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Fortinet FortiOS, Fortinet FortiProxy und Fortinet FortiSwitch. Diese Schwachstelle besteht aufgrund einer unzureichenden Behandlung des Sitzungsablaufs in der GUI, wodurch Sitzungen nach dem Abmelden aktiv bleiben können. Ein Angreifer, der sich die erforderlichen Anmeldeinformationen verschafft hat, kann diese Schwachstelle ausnutzen, um Sicherheitsmaßnahmen zu umgehen und Websitzungen nach der Abmeldung erneut zu verwenden.",
            },
         ],
         product_status: {
            known_affected: [
               "T036808",
            ],
         },
         release_date: "2024-08-13T22:00:00.000+00:00",
         title: "CVE-2022-45862",
      },
      {
         cve: "CVE-2024-36505",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Fortinet FortiOS aufgrund einer unzureichenden Zugriffskontrolle. Ein lokaler Angreifer mit privilegiertem Zugriff auf das System kann diese Schwachstelle ausnutzen, um das System zur Überprüfung der Dateiintegrität zu umgehen, was möglicherweise zu weiteren nicht autorisierten Änderungen führt.",
            },
         ],
         product_status: {
            known_affected: [
               "T036797",
            ],
         },
         release_date: "2024-08-13T22:00:00.000+00:00",
         title: "CVE-2024-36505",
      },
   ],
}

ghsa-44gw-49w9-fmfr

Vulnerability from github

Published

2024-08-13 18:31

Modified

2024-08-13 18:31

Severity ?

5.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2024-36505",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-284",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2024-08-13T16:15:08Z",
      severity: "MODERATE",
   },
   details: "An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system.",
   id: "GHSA-44gw-49w9-fmfr",
   modified: "2024-08-13T18:31:15Z",
   published: "2024-08-13T18:31:15Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2024-36505",
      },
      {
         type: "WEB",
         url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-012",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
         type: "CVSS_V3",
      },
   ],
}

fkie_cve-2024-36505

Vulnerability from fkie_nvd

Published

2024-08-13 16:15

Modified

2024-08-22 14:36

Severity ?

5.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Summary

References

▼	URL	Tags
	psirt@fortinet.com	https://fortiguard.fortinet.com/psirt/FG-IR-24-012	Vendor Advisory

Impacted products

Vendor	Product	Version
fortinet	fortios	*
fortinet	fortios	*
fortinet	fortios	*
fortinet	fortios	*

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B26D3CC8-B77D-4C5C-B3AC-096679F47877",
                     versionEndIncluding: "6.4.15",
                     versionStartIncluding: "6.4.13",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F754A050-02F5-4848-9065-5E15117B227E",
                     versionEndExcluding: "7.0.15",
                     versionStartIncluding: "7.0.12",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "14113139-B64B-4069-A88F-D1999ED7EC18",
                     versionEndExcluding: "7.2.8",
                     versionStartIncluding: "7.2.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1FDDB5F3-D229-4208-9110-8860A03C8B59",
                     versionEndExcluding: "7.4.4",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de control de acceso inadecuado [CWE-284] en FortiOS 7.4.0 a 7.4.3, 7.2.5 a 7.2.7, 7.0.12 a 7.0.14 y 6.4.x puede permitir que un atacante que ya haya obtenido acceso de escritura con éxito al sistema subyacente (a través de otro exploit hipotético) para evitar el sistema de verificación de integridad de archivos.",
      },
   ],
   id: "CVE-2024-36505",
   lastModified: "2024-08-22T14:36:31.643",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "LOCAL",
               availabilityImpact: "NONE",
               baseScore: 5.1,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.4,
            impactScore: 3.6,
            source: "psirt@fortinet.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "NONE",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-08-13T16:15:08.970",
   references: [
      {
         source: "psirt@fortinet.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-012",
      },
   ],
   sourceIdentifier: "psirt@fortinet.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-284",
            },
         ],
         source: "psirt@fortinet.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2024-36505

Vulnerability from cvelistv5

SSA-698820

Vulnerability from csaf_siemens

ssa-698820

Vulnerability from csaf_siemens

WID-SEC-W-2024-1830

Vulnerability from csaf_certbund

wid-sec-w-2024-1830

Vulnerability from csaf_certbund

ghsa-44gw-49w9-fmfr

Vulnerability from github

fkie_cve-2024-36505

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature