Action not permitted
Modal body text goes here.
Modal Title
Modal Body
gsd-2022-23439
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-23439",
"id": "GSD-2022-23439"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-23439"
],
"id": "GSD-2022-23439",
"modified": "2023-12-13T01:19:35.106317Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-23439",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
}
}
cve-2022-23439
Vulnerability from cvelistv5
Published
2025-01-22 09:10
Modified
2025-01-22 14:21
Severity ?
EPSS score ?
Summary
A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3 , FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiTester |
Version: 7.2.0 ≤ 7.2.1 Version: 7.1.0 ≤ 7.1.1 Version: 7.0.0 Version: 4.2.0 ≤ 4.2.1 Version: 4.1.0 ≤ 4.1.1 Version: 4.0.0 Version: 3.9.0 ≤ 3.9.2 Version: 3.8.0 Version: 3.7.0 ≤ 3.7.1 Version: 3.6.0 Version: 3.5.0 ≤ 3.5.1 Version: 3.4.0 Version: 3.3.0 ≤ 3.3.1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-23439",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-22T14:21:27.552014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-22T14:21:36.714Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiTester",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.1",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.1.1",
"status": "affected",
"version": "7.1.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"lessThanOrEqual": "4.2.1",
"status": "affected",
"version": "4.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.1.1",
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.0.0"
},
{
"lessThanOrEqual": "3.9.2",
"status": "affected",
"version": "3.9.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"lessThanOrEqual": "3.7.1",
"status": "affected",
"version": "3.7.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"lessThanOrEqual": "3.5.1",
"status": "affected",
"version": "3.5.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"lessThanOrEqual": "3.3.1",
"status": "affected",
"version": "3.3.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.2.0"
},
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.16",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.18",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThan": "6.4.*",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortimail:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:5.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortimail:7.2.*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiMail",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.8",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.9",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.12",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.12",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThan": "7.2.*",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiswitch:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSwitch",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.4",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.10",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.8",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.7",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortiddos-f:6.3.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.3.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.3.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.3.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.1.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.1.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.1.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.1.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.1.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos-f:6.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiDDoS-F",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "6.3.3",
"status": "affected",
"version": "6.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.3",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.5",
"status": "affected",
"version": "6.1.0",
"versionType": "semver"
}
]
},
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.4",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.14",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.7.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.6.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortirecorder:2.6.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiRecorder",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "6.4.2",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.10",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.7.7",
"status": "affected",
"version": "2.7.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.6.3",
"status": "affected",
"version": "2.6.0",
"versionType": "semver"
}
]
},
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiNDR",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"lessThanOrEqual": "7.0.6",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.5.3",
"status": "affected",
"version": "1.5.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "1.4.0"
},
{
"lessThanOrEqual": "1.3.1",
"status": "affected",
"version": "1.3.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "1.2.0"
},
{
"status": "affected",
"version": "1.1.0"
}
]
},
{
"cpes": [
"cpe:2.3:h:fortinet:fortiadc:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.1.6:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.1.5:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.1.4:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.1.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.1.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.1.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.1.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.4.5:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.4.4:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.4.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.4.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.4.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.4.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.7:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.6:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.5:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.4:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.3.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.8:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.7:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.6:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.5:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.4:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.2.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.7:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.6:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.5:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.4:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.1.0:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.0.4:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.0.3:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.0.2:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.0.1:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortiadc:5.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiADC",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.1",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.3",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.6",
"status": "affected",
"version": "6.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.4",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.5",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.3.7",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.2.8",
"status": "affected",
"version": "5.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.1.7",
"status": "affected",
"version": "5.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.0.4",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiManager",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.9",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.13",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.13",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortisoar:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisoar:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisoar:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisoar:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisoar:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisoar:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisoar:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisoar:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisoar:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisoar:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortisoar:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSOAR",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.2",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.4",
"status": "affected",
"version": "6.4.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.1",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiVoice",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.1",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.8",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.11",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortiddos:5.5.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.5.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.3.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.3.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.3.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.1.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:4.7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:4.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortiddos:4.5.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiDDoS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "5.5.1",
"status": "affected",
"version": "5.5.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.3",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.3.2",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.2.0"
},
{
"status": "affected",
"version": "5.1.0"
},
{
"status": "affected",
"version": "5.0.0"
},
{
"status": "affected",
"version": "4.7.0"
},
{
"status": "affected",
"version": "4.6.0"
},
{
"status": "affected",
"version": "4.5.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiwlc:8.6.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.6.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.6.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.6.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.6.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.6.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.6.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.5.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.5.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiWLC",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "8.6.7",
"status": "affected",
"version": "8.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.5.5",
"status": "affected",
"version": "8.5.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.4.8",
"status": "affected",
"version": "8.4.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.4.2",
"status": "affected",
"version": "8.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:6.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiAnalyzer",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.9",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.13",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.13",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
}
]
},
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiPortal",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "6.0.9",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiauthenticator:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.3.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.3.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.3.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:5.5.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:5.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:5.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:5.3.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:5.3.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:5.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:5.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:5.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:5.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:5.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiauthenticator:5.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiAuthenticator",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "6.4.1",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.3.3",
"status": "affected",
"version": "6.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.2",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.3",
"status": "affected",
"version": "6.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.8",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "5.5.0"
},
{
"lessThanOrEqual": "5.4.1",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.3.1",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.2.2",
"status": "affected",
"version": "5.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.1.2",
"status": "affected",
"version": "5.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3 , FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-22T09:10:28.669Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-21-254",
"url": "https://fortiguard.com/psirt/FG-IR-21-254"
}
],
"solutions": [
{
"lang": "en",
"value": "FortiOS\nAdministrative Interface\nPlease upgrade to FortiOS version 7.0.6 and above,\nPlease upgrade to FortiOS version 7.2.1 and above.\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n\u00a0 \u00a0 set admin-host \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\n\nSSLVPN interface\nPlease upgrade to FortiOS version 7.4.0 or above\nPlease upgrade to FortiOS version 7.2.5 or above\nAND\nSet the `server-hostname` property to the device hostname, which will disable `Host redirection` for SSL VPN:\nconfig vpn ssl settings\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0set server-hostname Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.\n\nWebfilter interface (port 8008)\nPlease upgrade to FortiOS version 7.4.0 or above\nPlease upgrade to FortiOS version 7.2.5 or above\nPlease upgrade to FortiOS version 7.0.12 or above\nPlease upgrade to FortiOS version 6.4.13 or above\n\nFortiProxy\nAdministrative Interface\nPlease upgrade to FortiProxy version 7.0.5 and above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n\u00a0 \u00a0 set admin-host \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\n\nSSLVPN interface\nPlease upgrade to FortiProxy version 7.4.0 or above\nAND\nSet the `server-hostname` property to the device hostname, which will disable `Host redirection` for SSL VPN:\nconfig vpn ssl settings\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0set server-hostname Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.\n\nWebFilter\u00a0interface (port 8008)\nPlease upgrade to FortiProxy version 7.4.0 or above\n\nPlease upgrade to FortiRecorder version 7.0.0 or above \nPlease upgrade to FortiRecorder version 6.4.3 or above \nPlease upgrade to FortiRecorder version 6.0.11 or above \nPlease upgrade to FortiNDR version 7.4.0 or above\n\nFortiNDR\nPlease upgrade to FortiNDR version 7.2.1 or above\nPlease upgrade to FortiNDR version 7.1.1 or above\nAND\nSet the `https-redirect-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n\u00a0 \u00a0 set https-redirect-host \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\nend\n\nFortiADC\nPlease upgrade to FortiADC version 7.1.0 or above\nPlease upgrade to FortiADC version 7.0.2 or above\nPlease upgrade to FortiADC version 6.2.4 or above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\n\u00a0 config system global\n\u00a0 \u00a0 set admin-host \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\n\nFortiDDOS-F\nPlease upgrade to FortiDDoS-F version 6.4.0 or above\nPlease upgrade to FortiDDoS-F version 6.3.4 or above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\n\u00a0 config system global\n\u00a0 \u00a0 set admin-host \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\" \n\nPlease upgrade to FortiSwitch version 7.2.0 or above \nPlease upgrade to FortiSwitch version 7.0.5 or above \nPlease upgrade to FortiSwitch version 6.4.11 or above \nPlease upgrade to FortiVoice version 7.0.2 or above\nPlease upgrade to FortiVoice version 6.4.9 or above\nPlease upgrade to FortiMail version 7.2.0 or above \nPlease upgrade to FortiMail version 7.0.4 or above \nPlease upgrade to FortiWLC version 8.6.7 or above \nPlease upgrade to FortiAuthenticator version 6.4.2 or above \nPlease upgrade to FortiAuthenticator version 6.3.4 or above \nPlease upgrade to FortiDDoS version 5.6.0 or above \nPlease upgrade to FortiDDoS version 5.5.2 or above \nPlease upgrade to FortiSOAR version 7.3.0 or above \nPlease upgrade to FortiTester version 7.3.0 or above \nPlease upgrade to FortiTester version 7.2.2 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-23439",
"datePublished": "2025-01-22T09:10:28.669Z",
"dateReserved": "2022-01-19T07:38:03.512Z",
"dateUpdated": "2025-01-22T14:21:36.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.