Vulnerabilities related to Fortinet - FortiSwitchManager
Vulnerability from fkie_nvd
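8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N (NVD primary score; the record below also carries the vendor's secondary score from psirt@fortinet.com, 8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)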
Source | URL | Tags | |
---|---|---|---|
psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-391 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-391 | Patch, Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
fortinet | fortiswitchmanager | 7.0.0 | |
fortinet | fortiswitchmanager | 7.2.0 | |
fortinet | fortiproxy | * | |
fortinet | fortiproxy | * | |
fortinet | fortiproxy | * | |
fortinet | fortiproxy | * | |
fortinet | fortiproxy | 7.2.0 | |
fortinet | fortiproxy | 7.2.1 | |
fortinet | fortios | * | |
fortinet | fortios | * | |
fortinet | fortios | * | |
fortinet | fortios | 7.2.0 | |
fortinet | fortios | 7.2.1 | |
fortinet | fortios | 7.2.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "5B4A6B0D-1614-443B-8EBA-A8FBC2E1A832", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "2B73D78B-2270-45B7-854E-F985B8D88F3B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "03222066-2B1D-4854-8CAE-6992D7F40150", versionEndIncluding: "2.0.10", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F3A99BB-534C-4984-948B-8FFF659A9B9B", versionEndIncluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "20B53FFE-073D-43E9-9D6F-9C86937C0228", versionEndIncluding: "6.2.12", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "FF6F9869-F824-4519-986E-A032668EA7BA", versionEndIncluding: "6.4.10", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: 
"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "0983FC2C-A9F2-4918-81E6-BDCF05E5BF65", versionEndIncluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "B9B87A2A-4C83-448B-8009-AD20214D58CB", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "8B736A23-95B8-4D87-863A-AC8E901078EA", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "F5CE1D01-26C0-4141-B7B1-E26B976DF835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests.", }, ], id: "CVE-2022-41335", lastModified: "2024-11-21T07:23:04.617", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, 
source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-16T19:15:13.513", references: [ { source: "psirt@fortinet.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-391", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-391", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-23", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Source | URL | Tags | |
---|---|---|---|
psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-036 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.fortinet.com/psirt/FG-IR-24-036 | Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
fortinet | fortios | * | |
fortinet | fortios | * | |
fortinet | fortios | * | |
fortinet | fortipam | * | |
fortinet | fortiproxy | * | |
fortinet | fortiproxy | * | |
fortinet | fortiproxy | * | |
fortinet | fortiswitchmanager | * | |
fortinet | fortiswitchmanager | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4A93633F-8865-49D7-A5CE-F7D009DFB901", versionEndExcluding: "7.0.15", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0", versionEndExcluding: "7.2.8", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "1FDDB5F3-D229-4208-9110-8860A03C8B59", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", matchCriteriaId: "62F2452A-7AF9-4BD2-932D-D6414699C793", versionEndIncluding: "1.3.0", versionStartIncluding: "1.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E7E7DA8E-34CB-4527-A4A0-1EDBFBBDA894", versionEndExcluding: "7.0.17", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "EDFFA2C3-0A23-4884-B751-785BE598DFF3", versionEndExcluding: "7.2.10", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F2C29AD-A11F-4A5F-8BB0-8600D5F77E72", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "EFB333FC-4406-4EBD-B6F2-6C41BCE2E742", versionEndExcluding: "7.0.4", versionStartIncluding: "7.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "EB0D2553-E4E6-454A-80F6-9D014A4710D3", 
versionEndExcluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.", }, { lang: "es", value: "Un desbordamiento de búfer basado en pila en Fortinet FortiPAM versión 1.2.0, 1.1.0 a 1.1.2, 1.0.0 a 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager versión 7.2.0 a 7.2.3, 7.0.1 a 7.0. 3, FortiOS versión 7.4.0 a 7.4.3, 7.2.0 a 7.2.7, 7.0.0 a 7.0.14, 6.4.0 a 6.4.15, 6.2.0 a 6.2.16, 6.0.0 a 6.0. 18, FortiProxy versión 7.4.0 a 7.4.2, 7.2.0 a 7.2.9, 7.0.0 a 7.0.15, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13, 1.1.0 a 1.1. 
6, 1.0.0 a 1.0.7 permite a un atacante ejecutar código o comandos no autorizados a través de paquetes especialmente manipulados.", }, ], id: "CVE-2024-26010", lastModified: "2024-12-11T19:54:35.323", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-11T15:16:04.473", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-036", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-036", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-121", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
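9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (the record below carries CISA known-exploited fields: added 2022-10-11, action due 2022-11-01, required action "Apply updates per vendor instructions.")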
Source | URL | Tags | |
---|---|---|---|
psirt@fortinet.com | http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html | Exploit, Third Party Advisory, VDB Entry | |
psirt@fortinet.com | http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html | Exploit, Third Party Advisory, VDB Entry | |
psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-377 | Mitigation, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html | Exploit, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html | Exploit, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-377 | Mitigation, Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
fortinet | fortiproxy | * | |
fortinet | fortiproxy | 7.2.0 | |
fortinet | fortiswitchmanager | 7.0.0 | |
fortinet | fortiswitchmanager | 7.2.0 | |
fortinet | fortios | * | |
fortinet | fortios | * |
{ cisaActionDue: "2022-11-01", cisaExploitAdd: "2022-10-11", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Fortinet Multiple Products Authentication Bypass Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "B778AD94-D279-42B4-A062-8231F14936B3", versionEndExcluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "5B4A6B0D-1614-443B-8EBA-A8FBC2E1A832", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "2B73D78B-2270-45B7-854E-F985B8D88F3B", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A86B1AB3-F33E-461C-A19C-C3A51B47AC5F", versionEndExcluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "B2DDB271-0A73-4C94-B3CE-B766E99898C0", versionEndExcluding: "7.2.2", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.", }, { lang: "es", value: "Una omisión de autenticación usando una ruta o canal alternativo [CWE-288] en Fortinet FortiOS versión versiones 7.2.0 hasta 7.2.1 y 7.0.0 hasta 7.0.6, FortiProxy versión 7.2.0 y versiones 7.0.0 
hasta 7.0.6 y FortiSwitchManager versión 7.2.0 y 7.0.0, permite a un atacante no autenticado llevar a cabo operaciones en la interfaz administrativa por medio de peticiones HTTP o HTTPS especialmente diseñadas", }, ], id: "CVE-2022-40684", lastModified: "2025-02-19T19:37:18.357", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-18T14:15:09.747", references: [ { source: "psirt@fortinet.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html", }, { source: "psirt@fortinet.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html", }, { source: "psirt@fortinet.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-377", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: 
"http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-377", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
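2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N (NVD primary score; the vendor's secondary score from psirt@fortinet.com in the record below is 6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H)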
Source | URL | Tags | |
---|---|---|---|
psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-393 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-393 | Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
fortinet | fortiproxy | * | |
fortinet | fortiproxy | * | |
fortinet | fortiproxy | * | |
fortinet | fortiproxy | * | |
fortinet | fortiproxy | * | |
fortinet | fortiproxy | 7.2.0 | |
fortinet | fortiproxy | 7.2.1 | |
fortinet | fortiswitchmanager | 7.0.0 | |
fortinet | fortiswitchmanager | 7.0.1 | |
fortinet | fortiswitchmanager | 7.2.0 | |
fortinet | fortiswitchmanager | 7.2.1 | |
fortinet | fortios | * | |
fortinet | fortios | * | |
fortinet | fortios | * | |
fortinet | fortios | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "22936F53-4480-4011-9211-174D1C507E87", versionEndIncluding: "1.0.7", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BBF05F-4967-4A2E-A8F8-C2086097148B", versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "33B84D9A-55E3-4146-A55A-ACB507E61B05", versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "6607C71D-D434-430A-8DFD-9125381D2D36", versionEndIncluding: "2.0.11", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F3A99BB-534C-4984-948B-8FFF659A9B9B", versionEndIncluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "F5F302F8-482A-4DA9-BDD9-63886B202B52", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "91E7F209-D645-48EC-BB5F-E730E55E8EE9", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "5B4A6B0D-1614-443B-8EBA-A8FBC2E1A832", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "331A1766-4EBA-4519-A8ED-E0DD68A187E9", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "2B73D78B-2270-45B7-854E-F985B8D88F3B", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "469E9E1C-154C-41CB-AC83-FBE5E6FA83EB", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", 
matchCriteriaId: "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99", versionEndIncluding: "6.2.15", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "5E99B6E5-7EC3-406C-AFAC-A5E32DE266DF", versionEndIncluding: "6.4.12", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "9E775D02-7C02-40BE-A118-D874B9BBC936", versionEndIncluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "813E179E-B948-4480-A5B1-B0ED562A41BC", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.", }, ], id: "CVE-2022-42474", lastModified: "2024-11-21T07:25:02.533", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.2, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 2.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", 
userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-13T09:15:15.597", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-393", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-393", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-23", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
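7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (NVD primary score; the vendor's secondary score from psirt@fortinet.com in the record below is 6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H, i.e. a local rather than network attack vector)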
Source | URL | Tags | |
---|---|---|---|
psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-137 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-137 | Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3D9BC2D4-EA5F-448E-A9FA-0445EF6CC9E0", versionEndExcluding: "7.0.12", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "CE24A52F-07B6-4E40-955B-7B71826AC299", versionEndExcluding: "7.2.6", versionStartExcluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "7F75C4E9-62F6-43F2-B941-476F31F8F39C", versionEndExcluding: "7.0.3", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "CC883A39-5441-45A6-AEEB-D916FA39F635", versionEndExcluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "97097B62-E92F-49F7-9D48-472C4309A716", versionEndExcluding: "7.2.6", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "E96C569E-0642-4FDD-B65F-A5926B69021A", versionEndIncluding: "6.2.16", versionStartIncluding: "6.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "884279B3-E480-44E1-B126-5C1029B6BE75", versionEndIncluding: "6.4.15", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "BA582D59-C740-4AE7-83CA-C09A1D0EDA88", versionEndIncluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A6E44123-995C-4E08-84B5-FF8C76B67B29", versionEndIncluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", 
matchCriteriaId: "61540F5B-080A-4D44-8BE0-75D7A0DCCB53", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", matchCriteriaId: "3BA2C6ED-2765-4B56-9B37-10C50BD32C75", versionEndIncluding: "1.0.3", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "0CC27DCF-F74C-431C-9545-F405D369AF22", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15 FortiSwitchManager versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.2 allows attacker to execute unauthorized code or commands via specially crafted cli commands and http requests.", }, { lang: "es", value: "Un uso de cadena de formato controlada externamente en Fortinet FortiProxy versiones 7.2.0 a 7.2.5, 7.0.0 a 7.0.11, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13, 1.1.0 a 1.1. 6 Versiones de FortiPAM 1.1.0, 1.0.0 a 1.0.3 Versiones de FortiOS 7.4.0, 7.2.0 a 7.2.5, 7.0.0 a 7.0.13, 6.4.0 a 6.4.14, 6.2.0 a 6.2. 
15 Las versiones 7.2.0 a 7.2.2, 7.0.0 a 7.0.2 de FortiSwitchManager permiten a un atacante ejecutar código o comandos no autorizados a través de comandos cli y solicitudes http especialmente manipulados.", }, ], id: "CVE-2023-45583", lastModified: "2024-11-21T08:27:00.447", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-05-14T17:15:22.750", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-137", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-23-137", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-134", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
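9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (NVD primary score; the vendor's secondary score from psirt@fortinet.com in the record below is 5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)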
Source | URL | Tags | |
---|---|---|---|
psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-032 | Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
fortinet | fortios | * | |
fortinet | fortios | * | |
fortinet | fortios | * | |
fortinet | fortipam | * | |
fortinet | fortiproxy | * | |
fortinet | fortiproxy | * | |
fortinet | fortiproxy | * | |
fortinet | fortimanager | * | |
fortinet | fortimanager | * | |
fortinet | fortimanager | * | |
fortinet | fortimanager | * | |
fortinet | fortiswitchmanager | * | |
fortinet | fortiswitchmanager | * | |
fortinet | fortiportal | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "4A93633F-8865-49D7-A5CE-F7D009DFB901", versionEndExcluding: "7.0.15", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0", versionEndExcluding: "7.2.8", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "1FDDB5F3-D229-4208-9110-8860A03C8B59", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", matchCriteriaId: "18427F16-7339-4A9E-9FA4-EC7A2D3EE218", versionEndExcluding: "1.3.0", versionStartIncluding: "1.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "E7E7DA8E-34CB-4527-A4A0-1EDBFBBDA894", versionEndExcluding: "7.0.17", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "EDFFA2C3-0A23-4884-B751-785BE598DFF3", versionEndExcluding: "7.2.10", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "3F2C29AD-A11F-4A5F-8BB0-8600D5F77E72", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "D2AD66B0-9C99-4F83-80AA-B54E6354ADFD", versionEndExcluding: "6.4.15", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "56DC03E9-D1CF-4273-AF2F-5EB3B8E2D54B", versionEndExcluding: 
"7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "4763E504-6974-42C5-B912-3E62A9CC312A", versionEndExcluding: "7.2.5", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", matchCriteriaId: "E4490512-36ED-4212-9D34-D74739A56E84", versionEndExcluding: "7.4.3", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "7A020C2E-1DDB-4737-92D9-B125FFBE007A", versionEndExcluding: "7.0.4", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "EB0D2553-E4E6-454A-80F6-9D014A4710D3", versionEndExcluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*", matchCriteriaId: "0123003E-587B-4EC8-83B6-0C5D87A8AC10", versionEndExcluding: "6.0.15", versionStartIncluding: "5.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.0 through 7.0.3, FortiPortal version 6.0.0 through 6.0.14, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18 allows attacker to 
execute unauthorized code or commands via specially crafted packets.", }, { lang: "es", value: "Autenticación faltante para función crítica en Fortinet FortiManager versión 7.4.0 a 7.4.2, 7.2.0 a 7.2.4, 7.0.0 a 7.0.11, 6.4.0 a 6.4.14, FortiPAM versión 1.2.0, 1.1.0 a 1.1.2, 1.0.0 a 1.0.3, FortiProxy versión 7.4.0 a 7.4.2, 7.2.0 a 7.2.9, 7.0.0 a 7.0.17, 2.0.0 a 2.0.14, 1.2.0 a 1.2.13, 1.1.0 a 1.1.6, 1.0.0 a 1.0.7, FortiSwitchManager versión 7.2.0 a 7.2.3, 7.0.0 a 7.0.3, FortiPortal versión 6.0.0 a 6.0.14, FortiOS versión 7.4.0 a 7.4.3, 7.2.0 a 7.2.7, 7.0.0 a 7.0.14, 6.4.0 a 6.4.15, 6.2.0 a 6.2.16, 6.0.0 a 6.0.18 permite a un atacante ejecutar código o comandos no autorizados a través de paquetes especialmente manipulados.", }, ], id: "CVE-2024-26011", lastModified: "2024-12-12T19:33:58.833", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-11-12T19:15:08.320", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-032", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: 
"CWE-306", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source | URL | Tags |
---|---|---|
psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-445 | Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
fortinet | fortiproxy | * | |
fortinet | fortiswitchmanager | * | |
fortinet | fortios | * | |
fortinet | fortipam | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "C73A0CBF-65BB-4C0A-9A4C-ABE88AF340DD", versionEndExcluding: "7.4.0", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "F1C48730-14E4-4B4A-AD08-BA23903D961E", versionEndExcluding: "7.2.2", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "C84C7A2F-EE15-4CAA-BC3F-A7FDD8A4574F", versionEndExcluding: "7.2.6", versionStartIncluding: "6.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", matchCriteriaId: "1F1595B0-CE4A-4B4E-9F5E-A411A012086F", versionEndExcluding: "1.4.0", versionStartIncluding: "1.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An insufficient session expiration vulnerability [CWE-613] in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions; FortiSwitchManager 7.2.1 and below, 7.0 all versions GUI may allow attackers to re-use websessions after GUI logout, should they manage to acquire the required credentials.", }, { lang: "es", value: "Una vulnerabilidad de caducidad de sesión insuficiente [CWE-613] en FortiOS 7.2.5 y versiones anteriores, 7.0 todas las versiones, 6.4 todas las versiones; FortiProxy 7.2 todas las versiones, 7.0 todas las versiones; FortiPAM 1.3 todas las versiones, 1.2 todas las versiones, 1.1 todas las versiones, 1.0 todas las versiones; FortiSwitchManager 7.2.1 y versiones anteriores, 7.0 todas las versiones de GUI pueden permitir a los atacantes reutilizar sesiones web después de cerrar sesión en la GUI, en caso de que logren adquirir las credenciales requeridas.", }, ], id: 
"CVE-2022-45862", lastModified: "2024-08-22T14:32:16.823", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 1.4, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-08-13T16:15:07.977", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-445", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-613", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source | URL | Tags |
---|---|---|
psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-24-029 | Vendor Advisory |
af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-24-029 | Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
fortinet | fortiproxy | * | |
fortinet | fortiproxy | * | |
fortinet | fortiproxy | * | |
fortinet | fortiswitchmanager | * | |
fortinet | fortiswitchmanager | * | |
fortinet | fortios | * | |
fortinet | fortios | * | |
fortinet | fortios | * | |
fortinet | fortipam | * | |
fortinet | fortipam | * | |
fortinet | fortipam | 1.2.0 |
{ cisaActionDue: "2024-10-30", cisaExploitAdd: "2024-10-09", cisaRequiredAction: "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", cisaVulnerabilityName: "Fortinet Multiple Products Format String Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "94C6FBEA-B8B8-4A92-9CAF-F4A125577C3C", versionEndIncluding: "7.0.14", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "406F8C48-85CE-46AF-BE5C-0ED9E3E16A39", versionEndIncluding: "7.2.8", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "A8DD8789-6485-49E6-92D3-74004D9B6E9B", versionEndIncluding: "7.4.2", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "CF2B9FD3-9581-465E-A5E1-A1BCEFB0DFA3", versionEndIncluding: "7.0.3", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", matchCriteriaId: "094185B2-8DC1-46C2-B160-31BEEFDB2CC7", versionEndIncluding: "7.2.3", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "DF27CA2F-3F4C-4CCB-B832-0E792673C429", versionEndIncluding: "7.0.13", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "24D09A92-81EC-4003-B017-C67FC739EEBF", versionEndIncluding: "7.2.6", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", matchCriteriaId: "49C323D0-5B01-4DB2-AB98-7113D8E607B6", versionEndIncluding: "7.4.2", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", 
matchCriteriaId: "3BA2C6ED-2765-4B56-9B37-10C50BD32C75", versionEndIncluding: "1.0.3", versionStartIncluding: "1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", matchCriteriaId: "D0060F1F-527F-4E91-A59F-F3141977CB7A", versionEndIncluding: "1.1.2", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "6D0927D1-F469-4344-B4C9-3190645F5899", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.", }, { lang: "es", value: "Un uso de cadena de formato controlada externamente en Fortinet FortiOS versiones 7.4.0 a 7.4.2, 7.2.0 a 7.2.6, 7.0.0 a 7.0.13, FortiProxy versiones 7.4.0 a 7.4.2, 7.2.0 a 7.2.8, 7.0.0 a 7.0.14, versiones de FortiPAM 1.2.0, 1.1.0 a 1.1.2, 1.0.0 a 1.0.3, versiones de FortiSwitchManager 7.2.0 a 7.2.3, 7.0.0 a 7.0. 
3 permite al atacante ejecutar código o comandos no autorizados a través de paquetes especialmente manipulados.", }, ], id: "CVE-2024-23113", lastModified: "2024-11-29T15:09:12.633", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-15T14:15:46.503", references: [ { source: "psirt@fortinet.com", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-24-029", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-24-029", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-134", }, ], source: "psirt@fortinet.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Source | URL | Tags |
---|---|---|
psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-174 | Not Applicable, Vendor Advisory |
af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-174 | Not Applicable, Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
fortinet | fortiswitchmanager | 7.0.0 | |
fortinet | fortiswitchmanager | 7.0.1 | |
fortinet | fortiswitchmanager | 7.2.0 | |
fortinet | fortiswitchmanager | 7.2.1 | |
fortinet | fortiswitchmanager | 7.2.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*", matchCriteriaId: "5B4A6B0D-1614-443B-8EBA-A8FBC2E1A832", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "331A1766-4EBA-4519-A8ED-E0DD68A187E9", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "2B73D78B-2270-45B7-854E-F985B8D88F3B", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "469E9E1C-154C-41CB-AC83-FBE5E6FA83EB", vulnerable: true, }, { criteria: "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "959248C7-DC92-4968-87F9-2A2CDF84F7BE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An improper access control in Fortinet FortiSwitchManager version 7.2.0 through 7.2.2\r\n7.0.0 through 7.0.1 may allow a remote authenticated read-only user to modify the interface settings via the API.", }, { lang: "es", value: "Un control de acceso incorrecto en Fortinet FortiSwitchManager, versiones 7.2.0 a 7.2.2 y versiones 7.0.0 a 7.0.1, puede permitir que un usuario remoto autenticado con permisos de solo lectura modifique la configuración de la interfaz a través de la API.", }, ], id: "CVE-2023-36635", lastModified: "2024-11-21T08:10:08.487", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4.2, source: "psirt@fortinet.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: 
"NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-09-07T13:15:08.433", references: [ { source: "psirt@fortinet.com", tags: [ "Not Applicable", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-174", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", "Vendor Advisory", ], url: "https://fortiguard.com/psirt/FG-IR-22-174", }, ], sourceIdentifier: "psirt@fortinet.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@fortinet.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2022-40684
Vulnerability from cvelistv5
Vendor | Product | Version |
---|---|---|
Fortinet | Fortinet FortiOS, FortiProxy, FortiSwitchManager | Version: FortiOS 7.2.1, 7.2.0, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0; FortiProxy 7.2.0, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0; FortiSwitchManager 7.2.0, 7.0.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:21:46.541Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-377", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-40684", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T13:27:43.070187Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-10-11", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-40684", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T13:28:36.659Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Fortinet FortiOS, FortiProxy, FortiSwitchManager", vendor: "Fortinet", versions: [ { status: "affected", version: "FortiOS 7.2.1, 7.2.0, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0; FortiProxy 7.2.0, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0; FortiSwitchManager 7.2.0, 7.0.0", }, ], }, ], descriptions: [ { lang: "en", value: "An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: 
"LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitCodeMaturity: "FUNCTIONAL", integrityImpact: "HIGH", privilegesRequired: "NONE", remediationLevel: "UNAVAILABLE", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 9.6, temporalSeverity: "CRITICAL", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Execute unauthorized code or commands", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-27T00:00:00", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { url: "https://fortiguard.com/psirt/FG-IR-22-377", }, { url: "http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html", }, { url: "http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-40684", datePublished: "2022-10-18T00:00:00", dateReserved: "2022-09-14T00:00:00", dateUpdated: "2024-10-23T13:28:36.659Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-25610
Vulnerability from cvelistv5
Vendor | Product | Version |
---|---|---|
Fortinet | FortiSwitchManager | Version: 7.2.0 ≤ 7.2.1; Version: 7.0.0 ≤ 7.0.1 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-25610", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-24T16:26:39.771566Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-24T18:42:44.673Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [], defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.1", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.8:*:*:*:*:*:*:*", 
"cpe:2.3:o:fortinet:fortianalyzer:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortianalyzer:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiAnalyzer", vendor: "Fortinet", versions: [ { status: "affected", version: "7.2.0", }, { lessThanOrEqual: "7.0.4", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.10", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.11", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiOS-6K7K", vendor: "Fortinet", versions: [ { status: "affected", version: "7.0.5", }, { status: "affected", version: "6.4.10", }, { status: "affected", version: "6.4.8", }, { status: "affected", version: "6.4.6", }, { status: "affected", version: "6.4.2", }, { lessThanOrEqual: "6.2.12", status: "affected", 
version: "6.2.9", versionType: "semver", }, { lessThanOrEqual: "6.2.7", status: "affected", version: "6.2.6", versionType: "semver", }, { status: "affected", version: "6.2.4", }, { lessThanOrEqual: "6.0.18", status: "affected", version: "6.0.12", versionType: "semver", }, { status: "affected", version: "6.0.10", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.8", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", 
"cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.12:*:*:*:*:*:*:*", 
"cpe:2.3:o:fortinet:fortios:5.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*", 
"cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.18", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThanOrEqual: "5.6.14", status: "affected", version: "5.6.0", versionType: "semver", }, { lessThanOrEqual: "5.4.13", status: "affected", version: "5.4.0", versionType: "semver", }, { lessThanOrEqual: "5.2.15", status: "affected", version: "5.2.0", versionType: "semver", }, { lessThanOrEqual: "5.0.14", status: "affected", version: "5.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*", 
"cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.3:*:*:*:*:*:*:*", 
"cpe:2.3:o:fortinet:fortimanager:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiManager", vendor: "Fortinet", versions: [ { status: "affected", version: "7.2.0", }, { lessThanOrEqual: "7.0.4", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.10", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.11", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiWeb", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.6", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.2", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.3.22", status: "affected", version: "6.3.0", versionType: "semver", }, { lessThanOrEqual: "6.2.7", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.1.3", status: "affected", version: "6.1.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, version 2.0.12 and below and FortiOS-6K7K version 7.0.5, version 6.4.0 through 6.4.10 and version 6.2.0 through 6.2.10 and below allows a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", 
availabilityImpact: "HIGH", baseScore: 9.3, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-124", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-24T15:39:48.167Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-001", url: "https://fortiguard.com/psirt/FG-IR-23-001", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.10 or above\r\nPlease upgrade to FortiOS version 6.4.12 or above\r\nPlease upgrade to FortiOS version 6.2.13 or above\r\nPlease upgrade to FortiWeb version 7.2.2 or above\r\nPlease upgrade to FortiWeb version 7.0.7 or above\r\nPlease upgrade to FortiWeb version 6.4.3 or above\r\nPlease upgrade to FortiWeb version 6.3.23 or above\r\nPlease upgrade to FortiWeb version 6.2.8 or above\r\nPlease upgrade to FortiWeb version 6.1.4 or above\r\nPlease upgrade to upcoming FortiOS version 6.0.17 or above\r\nPlease upgrade to FortiSwitchManager version 7.2.2 or above\r\nPlease upgrade to FortiSwitchManager version 7.0.2 or above\r\nPlease upgrade to FortiProxy version 7.2.3 or above\r\nPlease upgrade to FortiProxy version 7.0.9 or above\r\nPlease upgrade to FortiManager version 7.2.1 or above\r\nPlease upgrade to FortiManager version 7.0.5 or above\r\nPlease upgrade to FortiManager version 6.4.12 or above\r\nPlease upgrade to FortiManager version 6.2.11 or above\r\nPlease upgrade to FortiManager version 6.0.12 or above\r\nPlease upgrade to FortiOS-6K7K version 7.0.10 or above\r\nPlease upgrade to 
FortiOS-6K7K version 6.4.12 or above\r\nPlease upgrade to FortiOS-6K7K version 6.2.13 or above\r\nPlease upgrade to FortiAnalyzer version 7.2.1 or above\r\nPlease upgrade to FortiAnalyzer version 7.0.5 or above\r\nPlease upgrade to FortiAnalyzer version 6.4.12 or above\r\nPlease upgrade to FortiAnalyzer version 6.2.11 or above\r\nPlease upgrade to FortiAnalyzer version 6.0.12 or above\r\n\r\n\r\n## Workaround for FortiOS:\r\n\r\n\r\n\r\nDisable HTTP/HTTPS administrative interface\r\n\r\nOR\r\n\r\nLimit IP addresses that can reach the administrative interface:\r\n\r\n\r\n```\r\nconfig firewall address\r\nedit my_allowed_addresses\r\nset subnet <MY IP> <MY SUBNET>\r\nend\r\n```\r\n\r\nThen create an Address Group:\r\n\r\n\r\n```\r\nconfig firewall addrgrp\r\nedit MGMT_IPs\r\nset member my_allowed_addresses\r\nend\r\n```\r\n\r\nCreate the Local in Policy to restrict access only to the predefined group on management interface (here: port1):\r\n\r\n\r\n```\r\nconfig firewall local-in-policy\r\nedit 1\r\nset intf port1\r\nset srcaddr MGMT_IPs\r\nset dstaddr all\r\nset action accept\r\nset service HTTPS HTTP\r\nset schedule always\r\nset status enable\r\nnext\r\n\r\n\r\n\r\nedit 2\r\nset intf any\r\nset srcaddr all\r\nset dstaddr all\r\nset action deny\r\nset service HTTPS HTTP\r\nset schedule always\r\nset status enable\r\nend\r\n```\r\n\r\n\r\nIf using non default ports, create appropriate service object for GUI administrative access:\r\n\r\n```\r\nconfig firewall service custom\r\nedit GUI_HTTPS\r\nset tcp-portrange admin-sport\r\nnext\r\nedit GUI_HTTP\r\nset tcp-portrange admin-port\r\nend\r\n```\r\n\r\n\r\nUse these objects instead of \"HTTPS HTTP\" in the local-in policy 1 and 2 below.\r\n\r\n\r\nWhen using an HA reserved management interface, the local in policy needs to be configured slightly differently - please see: \r\n\r\nhttps://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-a-local-in-policy-on-a-HA/ta-p/222005\r\n\r\nPlease contact customer 
support for assistance.\r\n\r\n\r\n## Workaround for FortiManager and FortiAnalyzer:\r\n\r\n\r\nLimit IP addresses that can reach the administrative interface\r\n\r\n\r\n## Workaround for FortiWeb:\r\n\r\n\r\n\r\nDisable HTTP/HTTPS administrative interface\r\n\r\nOR\r\n\r\nLimit IP addresses that can reach the administrative interface", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-25610", datePublished: "2025-03-24T15:39:48.167Z", dateReserved: "2023-02-08T13:42:03.367Z", dateUpdated: "2025-03-24T18:42:44.673Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-42790
Vulnerability from cvelistv5
| Vendor | Product | Version |
|---|---|---|
| Fortinet | FortiProxy | Version: 7.4.0 Version: 7.2.0 ≤ 7.2.6 Version: 7.0.0 ≤ 7.0.12 Version: 2.0.0 ≤ 2.0.13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T19:30:24.514Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-328", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-328", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-42790", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-03-16T04:00:43.736004Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-28T14:04:47.192Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "7.4.0", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.13", status: "affected", version: "2.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", 
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.1", status: "affected", 
version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-17T14:08:06.101Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-328", url: "https://fortiguard.com/psirt/FG-IR-23-328", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.2 or above\r\nPlease upgrade to FortiOS version 7.2.6 or above\r\nPlease upgrade to FortiOS version 7.0.13 or above\r\nPlease upgrade to FortiOS version 6.4.15 or above\r\nPlease upgrade to FortiOS version 6.2.16 or above\r\nPlease upgrade to FortiProxy version 7.4.1 or above\r\nPlease upgrade to FortiProxy version 7.2.7 or 
above\r\nPlease upgrade to FortiProxy version 7.0.13 or above\r\nPlease upgrade to FortiProxy version 2.0.14 or above\r\nFortinet in Q3/23 has remediated this issue in FortiSASE version 23.3.b and hence the customers need not perform any action.", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-42790", datePublished: "2024-03-12T15:09:17.594Z", dateReserved: "2023-09-14T08:37:38.657Z", dateUpdated: "2024-09-17T14:08:06.101Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42474
Vulnerability from cvelistv5
| Vendor | Product | Version |
|---|---|---|
| Fortinet | FortiSwitchManager | Version: 7.2.0 ≤ 7.2.1 Version: 7.0.0 ≤ 7.0.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:10:40.871Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-393", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-393", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-42474", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T20:18:03.538716Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T20:46:07.625Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.1", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.11", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.9", status: "affected", version: "7.0.0", versionType: "semver", }, { 
lessThanOrEqual: "6.4.12", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.15", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows a privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-23", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-13T08:41:42.277Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-393", url: "https://fortiguard.com/psirt/FG-IR-22-393", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.10 or above\r\nPlease upgrade to FortiOS version 6.4.13 or above\r\nPlease upgrade to FortiSwitchManager version 7.2.2 or above\r\nPlease upgrade to FortiSwitchManager version 7.0.2 or above\r\nPlease upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above\r\nPlease upgrade to FortiProxy version 2.0.12 or above", }, ], }, }, cveMetadata: { assignerOrgId: 
"6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-42474", datePublished: "2023-06-13T08:41:42.277Z", dateReserved: "2022-10-07T14:05:36.301Z", dateUpdated: "2024-10-22T20:46:07.625Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-45862
Vulnerability from cvelistv5
| Vendor | Product | Version |
|---|---|---|
| Fortinet | FortiPAM | Version: 1.3.0 Version: 1.2.0 Version: 1.1.0 ≤ 1.1.2 Version: 1.0.0 ≤ 1.0.3 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2022-45862", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-13T17:32:08.496052Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-13T17:32:25.867Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { status: "affected", version: "1.3.0", }, { status: "affected", version: "1.2.0", }, { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.11", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.18", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.2", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An insufficient session expiration vulnerability [CWE-613] in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; 
FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions; FortiSwitchManager 7.2.1 and below, 7.0 all versions GUI may allow attackers to re-use websessions after GUI logout, should they manage to acquire the required credentials.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-613", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T15:51:57.147Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-445", url: "https://fortiguard.com/psirt/FG-IR-22-445", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.0 or above \nPlease upgrade to FortiOS version 7.2.6 or above \nPlease upgrade to FortiPAM version 1.4.0 or above \nPlease upgrade to FortiProxy version 7.4.0 or above \nPlease upgrade to FortiSwitchManager version 7.2.2 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-45862", datePublished: "2024-08-13T15:51:57.147Z", dateReserved: "2022-11-23T14:57:05.613Z", dateUpdated: "2024-08-13T17:32:25.867Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-26011
Vulnerability from cvelistv5
| Vendor | Product | Version |
|---|---|---|
| Fortinet | FortiManager | Version: 7.4.0 ≤ 7.4.2 Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.11 Version: 6.4.0 ≤ 6.4.14 cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:* |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-26011", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T18:44:31.679521Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:44:42.785Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*", 
"cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.14", status: "affected", version: "6.4.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { status: "affected", version: "1.2.0", }, { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", 
vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.9", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.19", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiPortal", vendor: "Fortinet", versions: [ { lessThanOrEqual: "6.0.14", status: "affected", version: "6.0.0", versionType: "semver", }, { lessThanOrEqual: "5.3.8", status: "affected", version: "5.3.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", 
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", 
"cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.14", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.18", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 
through 7.0.17, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.0 through 7.0.3, FortiPortal version 6.0.0 through 6.0.14, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted packets.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-306", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-12T18:53:56.665Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-032", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-032", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiManager version 7.4.3 or above \nPlease upgrade to FortiManager version 7.2.5 or above \nPlease upgrade to FortiManager version 7.0.12 or above \nPlease upgrade to FortiManager version 6.4.15 or above \nPlease upgrade to FortiVoice version 7.0.2 or above \nPlease upgrade to FortiVoice version 6.4.9 or above \nPlease upgrade to FortiSwitchManager version 7.2.4 or above \nPlease upgrade to FortiSwitchManager version 7.0.4 or above \nPlease upgrade to FortiWeb version 7.6.0 or above \nPlease upgrade to FortiWeb version 7.4.3 or above \nPlease upgrade to FortiPAM version 1.3.0 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to 
FortiProxy version 7.4.4 or above \nPlease upgrade to FortiProxy version 7.2.10 or above \nPlease upgrade to FortiPortal version 6.0.15 or above \nPlease upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.4 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.15 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-26011", datePublished: "2024-11-12T18:53:56.665Z", dateReserved: "2024-02-14T09:18:43.245Z", dateUpdated: "2024-11-13T18:44:42.785Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-23113
Vulnerability from cvelistv5
Vendor | Product | Version
---|---|---
Fortinet | FortiSwitchManager | Version: 7.2.0 ≤ 7.2.3; Version: 7.0.0 ≤ 7.0.3

Other affected products are listed in the record below.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T22:51:11.285Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-24-029", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-24-029", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiswitchmanager", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortios:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.8", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.15", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortipam", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, { status: "affected", version: "1.2.0", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-23113", options: 
[ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-09T12:58:44.488595Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2024-10-09", reference: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2024-10-10T14:01:05.045Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { status: "affected", version: "1.2.0", }, { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.8", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.15", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet 
FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-134", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-15T13:59:25.313Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-24-029", url: "https://fortiguard.com/psirt/FG-IR-24-029", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiWeb version 7.4.3 or above \nPlease upgrade to FortiVoice version 7.0.2 or above \nPlease upgrade to FortiVoice version 6.4.9 or above \nPlease upgrade to FortiSwitchManager version 7.2.4 or above \nPlease upgrade to FortiSwitchManager version 7.0.4 or above \nPlease upgrade to FortiOS version 7.4.3 or above \nPlease upgrade to FortiOS version 7.2.7 or above \nPlease upgrade to FortiOS version 7.0.14 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiPAM version 1.2.1 or above \nPlease upgrade to FortiPAM version 1.1.3 or above \nPlease upgrade to FortiProxy version 7.4.3 or above \nPlease upgrade to FortiProxy version 7.2.9 or above \nPlease upgrade to FortiProxy version 7.0.16 or above \n", }, 
], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-23113", datePublished: "2024-02-15T13:59:25.313Z", dateReserved: "2024-01-11T16:29:07.980Z", dateUpdated: "2024-10-10T14:01:05.045Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-26010
Vulnerability from cvelistv5
Vendor | Product | Version
---|---|---
Fortinet | FortiPAM | Version: 1.2.0; Version: 1.1.0 ≤ 1.1.2; Version: 1.0.0 ≤ 1.0.3

Other affected products are listed in the record below.
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortipam", vendor: "fortinet", versions: [ { status: "affected", version: "1.2.0", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortipam", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortipam", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.1:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiswitchmanager", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiswitchmanager", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: "affected", version: "7.4.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.14", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ 
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "6.0.18", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.9", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.15", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "2.0.13", status: "affected", version: "2.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:1.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "custom", }, ], }, { cpes: [ 
"cpe:2.3:a:fortinet:fortiproxy:1.1.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-26010", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-06-12T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-13T03:55:22.095Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T23:59:31.322Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-036", tags: [ "x_transferred", ], url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-036", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { status: "affected", version: "1.2.0", }, { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.3", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.3", status: "affected", version: "7.0.1", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.3", status: 
"affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.7", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.14", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, { lessThanOrEqual: "6.0.18", status: "affected", version: "6.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.4.2", status: "affected", version: "7.4.0", versionType: "semver", }, { lessThanOrEqual: "7.2.9", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.15", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.13", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.7", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", 
availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:W/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-11T14:32:03.697Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.fortinet.com/psirt/FG-IR-24-036", url: "https://fortiguard.fortinet.com/psirt/FG-IR-24-036", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiPAM version 1.3.0 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiWeb version 7.6.0 or above \nPlease upgrade to FortiWeb version 7.4.3 or above \nPlease upgrade to FortiVoice version 7.0.2 or above \nPlease upgrade to FortiVoice version 6.4.9 or above \nPlease upgrade to FortiSwitchManager version 7.2.4 or above \nPlease upgrade to FortiSwitchManager version 7.0.4 or above \nPlease upgrade to FortiOS version 7.4.4 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.15 or above \nPlease upgrade to FortiProxy version 7.4.4 or above \nPlease upgrade to FortiProxy version 7.2.10 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2024-26010", datePublished: "2024-06-11T14:32:03.697Z", dateReserved: "2024-02-14T09:18:43.245Z", dateUpdated: "2024-08-01T23:59:31.322Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41335
Vulnerability from cvelistv5
Vendor | Product | Version
---|---|---
Fortinet | FortiSwitchManager | Version: 7.2.0; Version: 7.0.0

Other affected products are listed in the record below.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:46.229Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-391", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-391", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-41335", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:12:00.557237Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-23T14:50:43.903Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { status: "affected", version: "7.2.0", }, { status: "affected", version: "7.0.0", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.8", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.11", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.12", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.1", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.7", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.11", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThanOrEqual: "1.1.6", status: "affected", version: "1.1.0", versionType: "semver", }, { 
lessThan: "1.2.*", status: "affected", version: "1.2.0", versionType: "semver", }, { lessThan: "1.1.*", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThan: "1.0.*", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-23", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-16T18:05:14.761Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-391", url: "https://fortiguard.com/psirt/FG-IR-22-391", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.2.3 or above\r\nPlease upgrade to FortiOS version 7.0.9 or above\r\nPlease upgrade to FortiOS version 6.4.11 or above\r\nPlease upgrade to FortiOS version 6.2.13 or above\r\nPlease upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above\r\nPlease upgrade to FortiProxy version 2.0.11 or above\r\nPlease upgrade to FortiSwitchManager version 7.2.1 or above\r\nPlease upgrade to FortiSwitchManager version 7.0.1 or 
above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2022-41335", datePublished: "2023-02-16T18:05:14.761Z", dateReserved: "2022-09-23T15:07:35.783Z", dateUpdated: "2024-10-23T14:50:43.903Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-36635
Vulnerability from cvelistv5
Vendor | Product | Version
---|---|---
Fortinet | FortiSwitchManager | Version: 7.2.0 ≤ 7.2.2; Version: 7.0.0 ≤ 7.0.1
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:52:54.065Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-174", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-22-174", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-36635", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-26T14:00:27.488932Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-26T14:17:39.335Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.1", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "An improper access control in Fortinet FortiSwitchManager version 7.2.0 through 7.2.2\r\n7.0.0 through 7.0.1 may allow a remote authenticated read-only user to modify the interface settings via the API.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:F/RL:X/RC:X", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "Improper access control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-07T12:41:13.903Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, 
references: [ { name: "https://fortiguard.com/psirt/FG-IR-22-174", url: "https://fortiguard.com/psirt/FG-IR-22-174", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.2.1 or above\r\nPlease upgrade to FortiOS version 7.0.8 or above\r\nPlease upgrade to FortiSwitchManager version 7.2.2 or above\r\nPlease upgrade to FortiSwitchManager version 7.0.2 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-36635", datePublished: "2023-09-07T12:41:13.903Z", dateReserved: "2023-06-25T18:03:39.226Z", dateUpdated: "2024-09-26T14:17:39.335Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-40721
Vulnerability from cvelistv5
Vendor | Product | Version
---|---|---
▼ | Fortinet | FortiOS |
Version: 7.4.0 Version: 7.2.0 ≤ 7.2.5 Version: 7.0.0 ≤ 7.0.13 Version: 6.4.0 ≤ 6.4.15 Version: 6.2.0 ≤ 6.2.16 cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:* 
cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:* |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-40721", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-11T16:35:49.488058Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-12T15:52:51.412Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", 
"cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.4.0", }, { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.13", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.2", status: 
"affected", version: "7.0.0", versionType: "semver", }, ], }, { cpes: [], defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { status: "affected", version: "7.4.0", }, { lessThanOrEqual: "7.2.6", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.14", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "2.0.14", status: "affected", version: "2.0.0", versionType: "semver", }, { lessThanOrEqual: "1.2.13", status: "affected", version: "1.2.0", versionType: "semver", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { lessThanOrEqual: "1.1.2", status: "affected", version: "1.1.0", versionType: "semver", }, { lessThanOrEqual: "1.0.3", status: "affected", version: "1.0.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiOS version 7.4.0 through 7.4.1 and before 7.2.6, FortiProxy version 7.4.0 and before 7.2.7, FortiPAM version 1.1.2 and before 1.0.3, FortiSwitchManager version 7.2.0 through 7.2.2 and before 7.0.2 allows a privileged attacker to execute arbitrary code or commands via specially crafted requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C", 
version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-134", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-11T16:09:06.077Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-261", url: "https://fortiguard.com/psirt/FG-IR-23-261", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.2 or above\nPlease upgrade to FortiOS version 7.2.7 or above\nPlease upgrade to FortiPAM version 1.2.0 or above\nPlease upgrade to FortiSwitchManager version 7.2.3 or above\nPlease upgrade to FortiSwitchManager version 7.0.3 or above\nPlease upgrade to FortiProxy version 7.4.1 or above\nPlease upgrade to FortiProxy version 7.2.8 or above", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-40721", datePublished: "2025-02-11T16:09:06.077Z", dateReserved: "2023-08-21T09:03:44.316Z", dateUpdated: "2025-02-12T15:52:51.412Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-45583
Vulnerability from cvelistv5
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.10 |
||||||||||||||||
|
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.11", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiproxy", vendor: "fortinet", versions: [ { lessThanOrEqual: "2.*", status: "affected", version: "1.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiswitchmanager", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.0.2", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortiswitchmanager", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { status: "affected", version: "7.4.0", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { status: "affected", version: "7.0.0", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*", ], defaultStatus: 
"unknown", product: "fortios", vendor: "fortinet", versions: [ { status: "affected", version: "6.4.0", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { status: "affected", version: "6.2.0", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortios", vendor: "fortinet", versions: [ { lessThanOrEqual: "6.0.16", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fortipam", vendor: "fortinet", versions: [ { lessThanOrEqual: "1.1.*", status: "affected", version: "1.0.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-45583", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-05-14T17:49:39.269934Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:19:59.485Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T20:21:16.756Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-137", tags: [ "x_transferred", ], url: "https://fortiguard.com/psirt/FG-IR-23-137", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "FortiProxy", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.4", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.10", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiPAM", vendor: "Fortinet", versions: [ { status: "affected", version: "1.1.0", }, { lessThanOrEqual: "1.0.3", status: 
"affected", version: "1.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiSwitchManager", vendor: "Fortinet", versions: [ { lessThanOrEqual: "7.2.2", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.2", status: "affected", version: "7.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "FortiOS", vendor: "Fortinet", versions: [ { status: "affected", version: "7.4.0", }, { lessThanOrEqual: "7.2.5", status: "affected", version: "7.2.0", versionType: "semver", }, { lessThanOrEqual: "7.0.12", status: "affected", version: "7.0.0", versionType: "semver", }, { lessThanOrEqual: "6.4.15", status: "affected", version: "6.4.0", versionType: "semver", }, { lessThanOrEqual: "6.2.16", status: "affected", version: "6.2.0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15 FortiSwitchManager versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.2 allows attacker to execute unauthorized code or commands via specially crafted cli commands and http requests.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-134", description: "Execute unauthorized code or commands", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: 
"2024-05-14T16:19:18.797Z", orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", shortName: "fortinet", }, references: [ { name: "https://fortiguard.com/psirt/FG-IR-23-137", url: "https://fortiguard.com/psirt/FG-IR-23-137", }, ], solutions: [ { lang: "en", value: "Please upgrade to FortiOS version 7.4.1 or above \nPlease upgrade to FortiOS version 7.2.6 or above \nPlease upgrade to FortiSwitchManager version 7.2.3 or above \nPlease upgrade to FortiSwitchManager version 7.0.3 or above \nPlease upgrade to FortiProxy version 7.2.6 or above \nPlease upgrade to FortiProxy version 7.0.12 or above \nPlease upgrade to FortiPAM version 1.1.1 or above \nPlease upgrade to FortiSASE version 22.4 or above \n", }, ], }, }, cveMetadata: { assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", assignerShortName: "fortinet", cveId: "CVE-2023-45583", datePublished: "2024-05-14T16:19:18.797Z", dateReserved: "2023-10-09T08:01:29.296Z", dateUpdated: "2024-08-02T20:21:16.756Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-202210-0198
Vulnerability from variot
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. Fortinet's FortiProxy, FortiSwitch Manager, and FortiOS contain an authentication vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. Fortinet FortiOS has security flaws. Currently there is no information about this vulnerability; please keep an eye on CNNVD or vendor announcements. Note that the references listed in this record include the vendor advisory FG-IR-22-377 and the CISA Known Exploited Vulnerabilities catalog.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202210-0198", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.2.2", }, { model: "fortios", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.7", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiswitchmanager", scope: 
"eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiproxy", scope: "lt", trust: 1, vendor: "fortinet", version: "7.0.7", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiswitchmanager", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.0 that's all 7.2.2", }, { model: "fortiswitch manager", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.0.0 that's all 7.0.7", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019256", }, { db: "NVD", id: "CVE-2022-40684", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", cpe_name: [], 
versionEndExcluding: "7.2.2", versionStartIncluding: "7.2.0", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2022-40684", }, ], }, cve: "CVE-2022-40684", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2022-40684", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2022-40684", trust: 1.8, value: "CRITICAL", }, { author: "psirt@fortinet.com", id: "CVE-2022-40684", trust: 1, value: "CRITICAL", }, { author: "CNNVD", id: "CNNVD-202210-347", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "JVNDB", id: 
"JVNDB-2022-019256", }, { db: "NVD", id: "CVE-2022-40684", }, { db: "NVD", id: "CVE-2022-40684", }, { db: "CNNVD", id: "CNNVD-202210-347", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. fortinet's FortiProxy , FortiSwitch Manager , FortiOS There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. Fortinet FortiOS has security flaws. 
Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements", sources: [ { db: "NVD", id: "CVE-2022-40684", }, { db: "JVNDB", id: "JVNDB-2022-019256", }, { db: "VULHUB", id: "VHN-429172", }, ], trust: 1.71, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://www.scap.org.cn/vuln/vhn-429172", trust: 0.1, type: "unknown", }, ], sources: [ { db: "VULHUB", id: "VHN-429172", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-40684", trust: 3.3, }, { db: "PACKETSTORM", id: "169431", trust: 2.5, }, { db: "PACKETSTORM", id: "171515", trust: 2.4, }, { db: "JVNDB", id: "JVNDB-2022-019256", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202210-347", trust: 0.7, }, { db: "EXPLOIT-DB", id: "51092", trust: 0.6, }, { db: "VULHUB", id: "VHN-429172", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-429172", }, { db: "JVNDB", id: "JVNDB-2022-019256", }, { db: "NVD", id: "CVE-2022-40684", }, { db: "CNNVD", id: "CNNVD-202210-347", }, ], }, id: "VAR-202210-0198", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-429172", }, ], trust: 0.01, }, last_update_date: "2023-12-18T12:54:47.188000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: 
"FG-IR-22-377", trust: 0.8, url: "https://fortiguard.com/psirt/fg-ir-22-377", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019256", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-287", trust: 1, }, { problemtype: "Inappropriate authentication (CWE-287) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-306", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-429172", }, { db: "JVNDB", id: "JVNDB-2022-019256", }, { db: "NVD", id: "CVE-2022-40684", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3.1, url: "http://packetstormsecurity.com/files/169431/fortinet-fortios-fortiproxy-fortiswitchmanager-authentication-bypass.html", }, { trust: 2.4, url: "http://packetstormsecurity.com/files/171515/fortinet-7.2.1-authentication-bypass.html", }, { trust: 1.7, url: "https://fortiguard.com/psirt/fg-ir-22-377", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-40684", }, { trust: 0.8, url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortios-privilege-escalation-39490", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-40684/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/fortinet-fortios-privilege-escalation-via-http-https-administrative-interface-39490", }, { trust: 0.6, url: "https://www.exploit-db.com/exploits/51092", }, ], sources: [ { db: "VULHUB", id: "VHN-429172", }, { db: "JVNDB", id: "JVNDB-2022-019256", }, { db: "NVD", id: "CVE-2022-40684", }, { db: "CNNVD", id: "CNNVD-202210-347", }, ], }, sources: { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-429172", }, { db: "JVNDB", id: "JVNDB-2022-019256", }, { db: "NVD", id: "CVE-2022-40684", }, { db: "CNNVD", id: "CNNVD-202210-347", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-10-18T00:00:00", db: "VULHUB", id: "VHN-429172", }, { date: "2023-10-25T00:00:00", db: "JVNDB", id: "JVNDB-2022-019256", }, { date: "2022-10-18T14:15:09.747000", db: "NVD", id: "CVE-2022-40684", }, { date: "2022-10-07T00:00:00", db: "CNNVD", id: "CNNVD-202210-347", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-10-20T00:00:00", db: "VULHUB", id: "VHN-429172", }, { date: "2023-10-25T02:51:00", db: "JVNDB", id: "JVNDB-2022-019256", }, { date: "2023-08-08T14:22:24.967000", db: "NVD", id: "CVE-2022-40684", }, { date: "2023-03-28T00:00:00", db: "CNNVD", id: "CNNVD-202210-347", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202210-347", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Authentication vulnerabilities in multiple Fortinet products", sources: [ { db: "JVNDB", id: "JVNDB-2022-019256", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "access control error", sources: [ { db: "CNNVD", id: "CNNVD-202210-347", }, ], trust: 0.6, 
}, }
var-202302-1418
Vulnerability from variot
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests. Fortinet's FortiSwitch Manager, FortiProxy, and FortiOS contain a path traversal vulnerability. Information may be obtained and tampered with.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202302-1418", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "2.0.0", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.1", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiswitchmanager", 
scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.4.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.8", }, { model: "fortios", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.2", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiswitchmanager", scope: "eq", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.1.6", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.2.12", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "1.2.13", }, { model: "fortios", scope: "gte", trust: 1, vendor: "fortinet", version: "6.2.0", }, { model: "fortios", scope: "lte", trust: 1, vendor: "fortinet", version: "6.4.10", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.1.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "2.0.10", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.1", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "7.0.0", }, { model: "fortiproxy", scope: "eq", trust: 1, vendor: "fortinet", version: "7.2.0", }, { model: "fortiproxy", scope: "lte", trust: 1, vendor: "fortinet", version: "7.0.7", }, { model: "fortiproxy", scope: "gte", trust: 1, vendor: "fortinet", version: "1.2.0", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.0", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.2", }, { model: "fortiswitch manager", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortiproxy", scope: null, trust: 0.8, vendor: "フォーティネット", version: null, }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.0.0 to 7.0.8", }, { 
model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.4.0 to 6.4.10", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "6.2.0 to 6.2.12", }, { model: "fortios", scope: "eq", trust: 0.8, vendor: "フォーティネット", version: "7.2.1", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "NVD", id: "CVE-2022-41335", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.1.6", versionStartIncluding: "1.1.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.2.13", versionStartIncluding: "1.2.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "2.0.10", versionStartIncluding: "2.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.0.7", versionStartIncluding: "7.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", 
cpe_name: [], versionEndIncluding: "6.4.10", versionStartIncluding: "6.4.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "6.2.12", versionStartIncluding: "6.2.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.0.8", versionStartIncluding: "7.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2022-41335", }, ], }, cve: "CVE-2022-41335", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "psirt@fortinet.com", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 
2.8, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 8.1, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2022-41335", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2022-41335", trust: 1.8, value: "HIGH", }, { author: "psirt@fortinet.com", id: "CVE-2022-41335", trust: 1, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202302-1427", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "NVD", id: "CVE-2022-41335", }, { db: "NVD", id: "CVE-2022-41335", }, { db: "CNNVD", id: "CNNVD-202302-1427", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests. 
Fortinet's FortiSwitch Manager, FortiProxy, and FortiOS contain a path traversal vulnerability. Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2022-41335", }, { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "VULHUB", id: "VHN-437474", }, { db: "VULMON", id: "CVE-2022-41335", }, ], trust: 1.8, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2022-41335", trust: 3.4, }, { db: "JVNDB", id: "JVNDB-2022-019903", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202302-1427", trust: 0.6, }, { db: "VULHUB", id: "VHN-437474", trust: 0.1, }, { db: "VULMON", id: "CVE-2022-41335", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-437474", }, { db: "VULMON", id: "CVE-2022-41335", }, { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "NVD", id: "CVE-2022-41335", }, { db: "CNNVD", id: "CNNVD-202302-1427", }, ], }, id: "VAR-202302-1418", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-437474", }, ], trust: 0.01, }, last_update_date: "2023-12-18T13:59:17.711000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FG-IR-22-391", trust: 0.8, url: "https://www.fortiguard.com/psirt/fg-ir-22-391", }, { title: "Fortinet FortiOS and FortiSwitch Repair measures for path traversal vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=226970", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "CNNVD", id: "CNNVD-202302-1427", }, ], }, 
problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-22", trust: 1.1, }, { problemtype: "Path traversal (CWE-22) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-437474", }, { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "NVD", id: "CVE-2022-41335", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://fortiguard.com/psirt/fg-ir-22-391", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2022-41335", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2022-41335/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULHUB", id: "VHN-437474", }, { db: "VULMON", id: "CVE-2022-41335", }, { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "NVD", id: "CVE-2022-41335", }, { db: "CNNVD", id: "CNNVD-202302-1427", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-437474", }, { db: "VULMON", id: "CVE-2022-41335", }, { db: "JVNDB", id: "JVNDB-2022-019903", }, { db: "NVD", id: "CVE-2022-41335", }, { db: "CNNVD", id: "CNNVD-202302-1427", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-16T00:00:00", db: "VULHUB", id: "VHN-437474", }, { date: "2023-02-16T00:00:00", db: "VULMON", id: "CVE-2022-41335", }, { date: "2023-10-30T00:00:00", db: "JVNDB", id: "JVNDB-2022-019903", }, { date: "2023-02-16T19:15:13.513000", db: "NVD", id: "CVE-2022-41335", }, { date: "2023-02-16T00:00:00", db: "CNNVD", id: 
"CNNVD-202302-1427", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-27T00:00:00", db: "VULHUB", id: "VHN-437474", }, { date: "2023-02-16T00:00:00", db: "VULMON", id: "CVE-2022-41335", }, { date: "2023-10-30T01:23:00", db: "JVNDB", id: "JVNDB-2022-019903", }, { date: "2023-11-07T03:52:48.110000", db: "NVD", id: "CVE-2022-41335", }, { date: "2023-02-28T00:00:00", db: "CNNVD", id: "CNNVD-202302-1427", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202302-1427", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Path traversal vulnerability in multiple Fortinet products", sources: [ { db: "JVNDB", id: "JVNDB-2022-019903", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "path traversal", sources: [ { db: "CNNVD", id: "CNNVD-202302-1427", }, ], trust: 0.6, }, }