Vulnerabilites related to fortinet - fortios
Vulnerability from fkie_nvd
Published
2024-08-13 16:15
Modified
2024-08-22 14:32
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions; FortiSwitchManager 7.2.1 and below, 7.0 all versions GUI may allow attackers to re-use websessions after GUI logout, should they manage to acquire the required credentials.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-445 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiswitchmanager | * | |
| fortinet | fortios | * | |
| fortinet | fortipam | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C73A0CBF-65BB-4C0A-9A4C-ABE88AF340DD",
"versionEndExcluding": "7.4.0",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C48730-14E4-4B4A-AD08-BA23903D961E",
"versionEndExcluding": "7.2.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C84C7A2F-EE15-4CAA-BC3F-A7FDD8A4574F",
"versionEndExcluding": "7.2.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F1595B0-CE4A-4B4E-9F5E-A411A012086F",
"versionEndExcluding": "1.4.0",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions; FortiSwitchManager 7.2.1 and below, 7.0 all versions GUI may allow attackers to re-use websessions after GUI logout, should they manage to acquire the required credentials."
},
{
"lang": "es",
"value": "Una vulnerabilidad de caducidad de sesi\u00f3n insuficiente [CWE-613] en FortiOS 7.2.5 y versiones anteriores, 7.0 todas las versiones, 6.4 todas las versiones; FortiProxy 7.2 todas las versiones, 7.0 todas las versiones; FortiPAM 1.3 todas las versiones, 1.2 todas las versiones, 1.1 todas las versiones, 1.0 todas las versiones; FortiSwitchManager 7.2.1 y versiones anteriores, 7.0 todas las versiones de GUI pueden permitir a los atacantes reutilizar sesiones web despu\u00e9s de cerrar sesi\u00f3n en la GUI, en caso de que logren adquirir las credenciales requeridas."
}
],
"id": "CVE-2022-45862",
"lastModified": "2024-08-22T14:32:16.823",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-13T16:15:07.977",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-445"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-613"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-13 14:15
Modified
2024-11-21 06:13
Severity ?
4.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Summary
A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-091 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-091 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0AFBC1-5C11-412E-9979-AF89DD26EFCD",
"versionEndIncluding": "5.6.14",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A857126-D7EE-4CB4-BCAA-68D6C4FEC3E4",
"versionEndIncluding": "6.0.14",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE47BA6-6F1B-40E9-8FE5-5752389875DF",
"versionEndExcluding": "6.2.10",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "868E19AD-D2ED-4424-9CA1-56E07BFBC0DB",
"versionEndExcluding": "6.4.7",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79FEE7F6-F72E-4A43-883C-0CF492DF355B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations."
},
{
"lang": "es",
"value": "Una funcionalidad oculta en Fortinet FortiOS versiones 7.x anteriores a 7.0.1, FortiOS versiones 6.4.x anteriores a 6.4.7, permite al atacante ejecutar c\u00f3digo o comandos no autorizados por medio de operaciones espec\u00edficas de lectura/escritura hexadecimal"
}
],
"id": "CVE-2021-36169",
"lastModified": "2024-11-21T06:13:14.787",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-13T14:15:07.623",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-091"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-091"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-08-25 14:55
Modified
2024-11-21 02:05
Severity ?
Summary
The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.0.0 before 5.0.8 on FortiGate devices allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "493FE61C-5C97-46C4-8090-DFAA4D68B519",
"versionEndIncluding": "4.3.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B75D8F35-830C-498C-B658-AE89154BEB8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CBC65E-6DF2-406D-9037-897218AB9257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "0AB85DAD-03EA-4B16-8FF8-F02ACEF0EE1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A97B341D-3B9D-4D37-8D5B-6062BE1C3AC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E542BE2-14FC-4BA8-890C-7DA81F33F032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C172379-F6BA-4343-831A-62004E742C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "516597D9-086E-4668-A40B-473F38125F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D62F480B-D8CA-4F5C-8034-C0AE73F26B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F435F408-EC5B-42A0-9E3C-4DE5D702ACAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "823C8357-E638-4EAE-B231-3B60263FFE52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.0.0 before 5.0.8 on FortiGate devices allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted request."
},
{
"lang": "es",
"value": "El servicio de protocolo FortiManager en Fortinet FortiOS anterior a 4.3.16 y 5.0.0 anterior a 5.0.8 en los dispositivos FortiGate permite a atacantes remotos causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una solicitud manipulada."
}
],
"id": "CVE-2014-2216",
"lastModified": "2024-11-21T02:05:52.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-08-25T14:55:06.377",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/60724"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-14-006/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/730964"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/69338"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030753"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-14-006/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/730964"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/69338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030753"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95442"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:01
Severity ?
Summary
Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7363C344-1CA6-4F53-8004-689633230CCC",
"versionEndIncluding": "2.8_mr10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B78DFB1-2D05-4AAE-BB9E-B6653C3164B4",
"versionEndIncluding": "3_beta",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fortinet:fortigate:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73B13D8D-D888-41BE-A9A3-85053378769D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616."
}
],
"id": "CVE-2005-3058",
"lastModified": "2024-11-21T00:01:01.887",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18844"
},
{
"source": "cve@mitre.org",
"url": "http://www.fortiguard.com/advisory/FGA-2006-10.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/424858/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16599"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0539"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fortiguard.com/advisory/FGA-2006-10.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/424858/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0539"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24626"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-11 17:15
Modified
2024-11-21 07:53
Severity ?
4.1 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An insufficient session expiration in Fortinet FortiOS 7.0.0 - 7.0.12 and 7.2.0 - 7.2.4 allows an attacker to execute unauthorized code or commands via reusing the session of a deleted user in the REST API.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-028 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-028 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA582D59-C740-4AE7-83CA-C09A1D0EDA88",
"versionEndIncluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB643A8-B52F-4D54-B816-28A6401BAA25",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An insufficient session expiration in Fortinet FortiOS 7.0.0 - 7.0.12 and 7.2.0 - 7.2.4 allows an attacker to execute unauthorized code or commands via reusing the session of a deleted user in the REST API."
}
],
"id": "CVE-2023-28001",
"lastModified": "2024-11-21T07:53:54.557",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 3.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-11T17:15:12.883",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-028"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-613"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-613"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-26 15:15
Modified
2024-11-21 08:05
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-183 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-183 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortiproxy | 7.2.2 | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC18F7E-5242-4F36-BB42-FEC33B3AC075",
"versionEndIncluding": "7.0.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91E7F209-D645-48EC-BB5F-E730E55E8EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7028AFDA-6CB5-4DB0-8977-9BA995DE14C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB39159-5B36-415A-A57E-AFAFD7B848CF",
"versionEndIncluding": "7.0.10",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "813E179E-B948-4480-A5B1-B0ED562A41BC",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection."
}
],
"id": "CVE-2023-33308",
"lastModified": "2024-11-21T08:05:23.120",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-26T15:15:10.347",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-183"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-04 18:15
Modified
2024-11-21 05:06
Severity ?
4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-172 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-172 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D02C781-85DB-4474-A90B-042398B080D2",
"versionEndIncluding": "6.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CBBBF98-0E21-4C0B-BE40-040CF6F81C9C",
"versionEndIncluding": "6.4.2",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn\u0027t have a valid HTTP header."
},
{
"lang": "es",
"value": "Cuando el tr\u00e1fico que no es HTTP/S (por ejemplo: tr\u00e1fico SSH, etc.) atraviesa el FortiGate en versiones inferiores a 6.2.5 y por debajo de 6.4.2 en el puerto 80/443, no se redirecciona hacia la pol\u00edtica de proxy transparente para su procesamiento, ya que no presenta un encabezado HTTP v\u00e1lido"
}
],
"id": "CVE-2020-15938",
"lastModified": "2024-11-21T05:06:29.640",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-04T18:15:12.863",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-172"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-13 07:15
Modified
2024-11-21 08:21
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A double free in Fortinet FortiOS versions 7.0.0 through 7.0.5, FortiPAM version 1.0.0 through 1.0.3, 1.1.0 through 1.1.1 allows attacker to execute unauthorized code or commands via specifically crafted request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-196 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-196 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | 7.0.0 | |
| fortinet | fortios | 7.0.1 | |
| fortinet | fortios | 7.0.2 | |
| fortinet | fortios | 7.0.3 | |
| fortinet | fortios | 7.0.4 | |
| fortinet | fortios | 7.0.5 | |
| fortinet | fortipam | 1.0.0 | |
| fortinet | fortipam | 1.0.1 | |
| fortinet | fortipam | 1.0.2 | |
| fortinet | fortipam | 1.0.3 | |
| fortinet | fortipam | 1.1.0 | |
| fortinet | fortipam | 1.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79FEE7F6-F72E-4A43-883C-0CF492DF355B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBDFDF02-2136-4DE0-A19B-FE3654ED90A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49D51C9F-CED3-4EA0-89EB-3A63F54B10E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A9341F0B-D2F3-41D6-8FA5-49FDE8F3048B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E0B17DD-6CE0-4DD0-9850-640F24A1AB10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48D0E8CC-3815-4697-86D0-DC7F66E70520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "920985C7-18F9-414A-A0B2-8C2FACDDE708",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA50317-AD1F-451A-AB91-96F1791CBBF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD6728D1-6891-4144-9D5B-EC7C9EE3B044",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFE431F-113D-4DF8-8166-10B8F8EB096C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC27DCF-F74C-431C-9545-F405D369AF22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB5EB9-00E7-444C-B433-B51460BED34C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A double free in Fortinet FortiOS versions 7.0.0 through 7.0.5, FortiPAM version 1.0.0 through 1.0.3, 1.1.0 through 1.1.1 allows attacker to execute unauthorized code or commands via specifically crafted request."
},
{
"lang": "es",
"value": "Un doble gratuito en las versiones Fortinet FortiOS 7.0.0 a 7.0.5, FortiPAM versi\u00f3n 1.0.0 a 1.0.3, 1.1.0 a 1.1.1 permite a un atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de una solicitud espec\u00edficamente manipulada."
}
],
"id": "CVE-2023-41678",
"lastModified": "2024-11-21T08:21:28.313",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-13T07:15:17.317",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-196"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-08-11 14:59
Modified
2024-11-21 02:29
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the DHCP Monitor page in the Web User Interface (WebUI) in Fortinet FortiOS before 5.2.4 on FortiGate devices allows remote attackers to inject arbitrary web script or HTML via a crafted hostname.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97E4DFD7-5396-4449-9D1B-F726F2054AD1",
"versionEndIncluding": "5.2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the DHCP Monitor page in the Web User Interface (WebUI) in Fortinet FortiOS before 5.2.4 on FortiGate devices allows remote attackers to inject arbitrary web script or HTML via a crafted hostname."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en la p\u00e1gina DHCP Monitor en la Web User Interface (WebUI) en Fortinet FortiOS en versiones anteriores a 5.2.4 en dispositivos FortiGate permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de un nombre de host manipulado."
}
],
"id": "CVE-2015-3626",
"lastModified": "2024-11-21T02:29:30.780",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-08-11T14:59:09.180",
"references": [
{
"source": "cve@mitre.org",
"url": "http://fortiguard.com/advisory/dhcp-hostname-html-injection"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-018/"
},
{
"source": "cve@mitre.org",
"url": "http://www.fortiguard.com/advisory/dhcp-hostname-html-injection"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1033144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fortiguard.com/advisory/dhcp-hostname-html-injection"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-018/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fortiguard.com/advisory/dhcp-hostname-html-injection"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033144"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-11-29 19:29
Modified
2024-11-21 03:12
Severity ?
Summary
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4 and below versions under SSL VPN web portal allows a remote user to inject arbitrary web script or HTML in the context of the victim's browser via the login redir parameter. An URL Redirection attack may also be feasible by injecting an external URL via the affected parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/101955 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1039891 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-242 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101955 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039891 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-242 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "349C6B08-DCD2-4118-AEC0-3EAA159135BE",
"versionEndIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BA0FBCD-AA4D-4AB1-9911-EC978FDCFC16",
"versionEndIncluding": "5.2.12",
"versionStartExcluding": "5.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85E4F0E9-9CB3-46D6-854C-B5E374900B1E",
"versionEndIncluding": "5.4.6",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C44E69B8-A1E8-437B-ADA3-10DE256B3368",
"versionEndIncluding": "5.6.2",
"versionStartIncluding": "5.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4 and below versions under SSL VPN web portal allows a remote user to inject arbitrary web script or HTML in the context of the victim\u0027s browser via the login redir parameter. An URL Redirection attack may also be feasible by injecting an external URL via the affected parameter."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo Cross-site Scripting (XSS) en Fortinet FortiOS versi\u00f3n 6.0.0 hasta 6.0.4, versi\u00f3n 5.6.0 hasta 5.6.7, versi\u00f3n 5.4 e inferiores, en el portal web SSL VPN permite a un usuario remoto inyectar scripting web o HTML arbitrarias en el contexto del navegador de la v\u00edctima por medio del par\u00e1metro redir login. Un ataque de redirecci\u00f3n de URL tambi\u00e9n puede ser posible inyectando una URL externa mediante el par\u00e1metro afectado."
}
],
"id": "CVE-2017-14186",
"lastModified": "2024-11-21T03:12:19.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-29T19:29:00.273",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101955"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039891"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101955"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-242"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-18 17:15
Modified
2024-11-21 06:30
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-179 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-179 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22936F53-4480-4011-9211-174D1C507E87",
"versionEndIncluding": "1.0.7",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "257816EC-14E2-4F4C-BF00-0E88A25439CF",
"versionEndExcluding": "2.0.8",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A857126-D7EE-4CB4-BCAA-68D6C4FEC3E4",
"versionEndIncluding": "6.0.14",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38DA2E7D-2367-45B6-96FE-4BA3C0C75E85",
"versionEndExcluding": "6.2.11",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08019066-27F4-4E9D-B6E5-2F74BAF065EE",
"versionEndExcluding": "6.4.9",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E9D423-721A-482B-BA6B-52E4D8C07C58",
"versionEndIncluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria [CWE-121] en el int\u00e9rprete de l\u00ednea de comandos de FortiOS versiones anteriores a 7.0.4 y FortiProxy versiones anteriores a 2.0.8, puede permitir a un atacante autenticado ejecutar c\u00f3digo o comandos no autorizados por medio de argumentos de l\u00ednea de comandos especialmente dise\u00f1ados"
}
],
"id": "CVE-2021-44170",
"lastModified": "2024-11-21T06:30:29.760",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-18T17:15:08.483",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-179"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-04-08 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the "redirect" parameter to "login."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | 5.0.0 | |
| fortinet | fortios | 5.0.1 | |
| fortinet | fortios | 5.0.2 | |
| fortinet | fortios | 5.0.3 | |
| fortinet | fortios | 5.0.4 | |
| fortinet | fortios | 5.0.5 | |
| fortinet | fortios | 5.0.6 | |
| fortinet | fortios | 5.0.7 | |
| fortinet | fortios | 5.0.8 | |
| fortinet | fortios | 5.0.9 | |
| fortinet | fortios | 5.0.10 | |
| fortinet | fortios | 5.0.11 | |
| fortinet | fortios | 5.0.12 | |
| fortinet | fortios | 5.2.0 | |
| fortinet | fortios | 5.2.1 | |
| fortinet | fortios | 5.2.2 | |
| fortinet | fortios | 5.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E542BE2-14FC-4BA8-890C-7DA81F33F032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8A5EC4-CE2C-4174-9F09-361B8D153AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BABC91-F9BF-4B52-BDBF-F9617ABCAC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C172379-F6BA-4343-831A-62004E742C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "516597D9-086E-4668-A40B-473F38125F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D62F480B-D8CA-4F5C-8034-C0AE73F26B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F435F408-EC5B-42A0-9E3C-4DE5D702ACAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "823C8357-E638-4EAE-B231-3B60263FFE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6615C7-C6F8-4E42-BA09-5A29A0B68E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B24C5917-BBC0-4924-9FB0-49E141DC9D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "513A1CAA-9B87-4CF5-9513-396E2E686CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "62CD94B3-C430-4672-BBEA-B8A542944F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "91AA2061-5D28-4DCF-9126-8D5CE57D96F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E627C59-7C16-44F0-800D-A2E8A766B26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "233236FA-BB13-4261-BE2E-3E617406DC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27844CC9-498B-4A65-91AC-AC130222EE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E953F20-9598-4074-BC65-2FEA3ED2ECF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the \"redirect\" parameter to \"login.\""
},
{
"lang": "es",
"value": "La Web User Interface (WebUI) en FortiOS 5.0.x en versiones anteriores a 5.0.13, 5.2.x en versiones anteriores a 5.2.3 y 5.4.x en versiones anteriores a 5.4.0 permite a atacantes remotos redirigir a usuarios a sitios web arbitrarios y llevar a cabo ataques de phishing o ataques de XSS a trav\u00e9s del par\u00e1metro \"redirect\" en \"login\"."
}
],
"id": "CVE-2016-3978",
"lastModified": "2024-11-21T02:51:04.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-08T14:59:07.913",
"references": [
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2016/Mar/68"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1035332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2016/Mar/68"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035332"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-04 13:15
Modified
2025-02-12 21:32
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-201 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-201 | Vendor Advisory |
Impacted products
{
"cisaActionDue": "2021-12-24",
"cisaExploitAdd": "2021-12-10",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Fortinet FortiOS Arbitrary File Download",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A187C6F8-D90B-4A4B-B477-8B6FF23A685A",
"versionEndExcluding": "6.0.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE47BA6-6F1B-40E9-8FE5-5752389875DF",
"versionEndExcluding": "6.2.10",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "986D96D1-B204-48FC-8852-BB8341941236",
"versionEndExcluding": "6.4.8",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6A783-0633-40C2-B69D-26C0BB8D9365",
"versionEndExcluding": "7.0.3",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A download of code without integrity check vulnerability in the \"execute restore src-vis\" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages."
},
{
"lang": "es",
"value": "Una vulnerabilidad de descarga de c\u00f3digo sin comprobaci\u00f3n de integridad en el comando \"execute restore src-vis\" de FortiOS versiones anteriores a 7.0.3, puede permitir a un atacante local autenticado descargar archivos arbitrarios en el dispositivo por medio de paquetes de actualizaci\u00f3n especialmente dise\u00f1ados"
}
],
"id": "CVE-2021-44168",
"lastModified": "2025-02-12T21:32:00.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-04T13:15:07.957",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-201"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-494"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-494"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-01-31 17:20
Severity ?
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-407 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D551134C-9EFE-42A3-8DE1-AB84D115D748",
"versionEndExcluding": "7.4.2",
"versionStartIncluding": "6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets."
},
{
"lang": "es",
"value": "Una vulnerabilidad de error de validaci\u00f3n de origen [CWE-346] en Fortinet FortiOS IPSec VPN versi\u00f3n 7.4.0 a 7.4.1 y versi\u00f3n 7.2.6 y anteriores permite que un usuario de IPSec VPN autenticado con direcci\u00f3n IP din\u00e1mica env\u00ede (pero no reciba) paquetes que falsifican la IP de otro usuario a trav\u00e9s de paquetes de red manipulados."
}
],
"id": "CVE-2023-46715",
"lastModified": "2025-01-31T17:20:44.087",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-14T14:15:27.387",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-407"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-346"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-09-05 13:29
Modified
2024-11-21 04:15
Severity ?
Summary
A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under SSL Deep Inspection feature when CPx being used.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-302 | Vendor Advisory | |
| psirt@fortinet.com | https://robotattack.org/ | Third Party Advisory | |
| psirt@fortinet.com | https://www.kb.cert.org/vuls/id/144389 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-302 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://robotattack.org/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/144389 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9690D76F-27B1-439A-8BD3-4B6FAC24C029",
"versionEndIncluding": "5.4.9",
"versionStartIncluding": "5.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3907C1C9-EAEB-4287-82DA-06F242DEA639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52A0DB21-C876-4DD3-95ED-8BA0483F0BD4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server\u0027s private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under SSL Deep Inspection feature when CPx being used."
},
{
"lang": "es",
"value": "Podr\u00eda ser posible recuperar en texto plano mensajes cifrados o realizar un ataque Man-in-the-Middle (MitM) en el cifrado RSA PKCS #1 v1.5 sin conocer la clave privada del servidor. Fortinet FortiOS, de la versi\u00f3n 5.4.6 a la 5.4.9 y las versiones 6.0.0 y 6.0.1, son vulnerables por medio de dichos ataques bajo la funcionalidad SSL Deep Inspection cuando se emplea CPx."
}
],
"id": "CVE-2018-9192",
"lastModified": "2024-11-21T04:15:08.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-05T13:29:00.493",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-302"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory"
],
"url": "https://robotattack.org/"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://robotattack.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-04 21:29
Modified
2024-11-21 03:46
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-383 | Mitigation, Vendor Advisory | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-230 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-383 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-230 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D695780A-26CA-4522-876E-FFC44F035F86",
"versionEndIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F970C1D-5018-4D52-91F6-A5F2CD123935",
"versionEndIncluding": "5.4.12",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CC23731-E080-43CF-9BB8-149FC0173388",
"versionEndIncluding": "5.6.7",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D27D2C-5211-41A7-B0F4-7721EE7884BF",
"versionEndIncluding": "6.0.4",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26F099AE-4482-4964-8B8A-1B412A423C3B",
"versionEndIncluding": "1.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross-site Scripting (XSS) en Fortinet FortiOS 6.0.0 a 6.0.4, 5.6.0 a 5.6.7, 5.4.0 a 5.4.12, 5.2 y posteriores y Fortinet FortiProxy versiones 2.0.0, 1.2.8 y versiones posteriores en el portal web SSL VPN permite al atacante ejecutar sin autorizaci\u00f3n c\u00f3digo de script malicioso a trav\u00e9s del error o los par\u00e1metros de manejo de mensajes"
}
],
"id": "CVE-2018-13380",
"lastModified": "2024-11-21T03:46:59.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-04T21:29:00.267",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-383"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-230"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-12 19:15
Modified
2024-12-12 19:27
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.13 allows attacker to execute unauthorized code or commands via phishing SAML authentication link.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-23-475 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C119229A-3805-47C1-B3F9-AF1A4007A63B",
"versionEndExcluding": "7.0.14",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0",
"versionEndExcluding": "7.2.8",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FDDB5F3-D229-4208-9110-8860A03C8B59",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.13 allows attacker to execute unauthorized code or commands via phishing SAML authentication link."
},
{
"lang": "es",
"value": "Una fijaci\u00f3n de sesi\u00f3n en Fortinet FortiOS versi\u00f3n 7.4.0 a 7.4.3 y 7.2.0 a 7.2.7 y 7.0.0 a 7.0.13 permite a un atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de un enlace de autenticaci\u00f3n SAML de phishing."
}
],
"id": "CVE-2023-50176",
"lastModified": "2024-12-12T19:27:35.530",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-11-12T19:15:07.360",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-475"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-01-31 16:11
Severity ?
3.5 (Low) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
An Integer Overflow or Wraparound vulnerability [CWE-190] in version 7.4.4 and below, version 7.2.10 and below; FortiSASE version 23.4.b FortiOS tenant IPsec IKE service may allow an authenticated attacker to crash the IPsec tunnel via crafted requests, resulting in potential denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-267 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "848B95D5-3792-4B4A-A3AF-B4D72569D4D0",
"versionEndExcluding": "7.4.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0Integer Overflow or Wraparound vulnerability [CWE-190] in version 7.4.4 and below, version 7.2.10 and below; FortiSASE version 23.4.b FortiOS tenant IPsec IKE service may allow an authenticated attacker to crash the IPsec tunnel via crafted requests, resulting in potential denial of service."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de enteros o de envoltura [CWE-190] en la versi\u00f3n 7.4.4 y anteriores, la versi\u00f3n 7.2.10 y anteriores; el servicio IKE IPsec del inquilino FortiOS de FortiSASE versi\u00f3n 23.4.b puede permitir que un atacante autenticado bloquee el t\u00fanel IPsec a trav\u00e9s de solicitudes manipuladas, lo que resulta en una posible denegaci\u00f3n de servicio."
}
],
"id": "CVE-2024-46669",
"lastModified": "2025-01-31T16:11:27.577",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-14T14:15:32.100",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-267"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:27
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, FortiOS all versions 6.2, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7 allows attacker to execute unauthorized code or commands via specially crafted commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-463 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-463 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F3A99BB-534C-4984-948B-8FFF659A9B9B",
"versionEndIncluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91E7F209-D645-48EC-BB5F-E730E55E8EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99",
"versionEndIncluding": "6.2.15",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E99B6E5-7EC3-406C-AFAC-A5E32DE266DF",
"versionEndIncluding": "6.4.12",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2573C90-BE6A-4D5D-A223-F09213318909",
"versionEndIncluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB643A8-B52F-4D54-B816-28A6401BAA25",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, FortiOS all versions 6.2, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7 allows attacker to execute unauthorized code or commands via specially crafted commands."
}
],
"id": "CVE-2022-43953",
"lastModified": "2024-11-21T07:27:24.387",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-13T09:15:16.077",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-463"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-24 15:15
Modified
2024-11-21 06:46
Severity ?
5.4 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 through 6.0.14, 6.2.0 through 6.2.10, 6.4.0 through 6.4.8, 7.0.0 may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the FortiGate and some peers such as private SDNs and external cloud platforms.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-239 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-239 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A857126-D7EE-4CB4-BCAA-68D6C4FEC3E4",
"versionEndIncluding": "6.0.14",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4361DFE-431C-470A-9C9A-263681F125CC",
"versionEndIncluding": "6.2.10",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08019066-27F4-4E9D-B6E5-2F74BAF065EE",
"versionEndExcluding": "6.4.9",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79FEE7F6-F72E-4A43-883C-0CF492DF355B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 through 6.0.14, 6.2.0 through 6.2.10, 6.4.0 through 6.4.8, 7.0.0 may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the FortiGate and some peers such as private SDNs and external cloud platforms."
},
{
"lang": "es",
"value": "Una vulnerabilidad de comprobaci\u00f3n de certificados inapropiada [CWE-295] en FortiOS versiones 6.0.0 hasta 6.0.14, 6.2.0 hasta 6.2.10, 6.4.0 hasta 6.4.8, 7.0.0 puede permitir a un atacante adyacente a la red y no autenticado interceder en la comunicaci\u00f3n entre FortiGate y algunos pares como SDNs privadas y plataformas de nube externas"
}
],
"id": "CVE-2022-22306",
"lastModified": "2024-11-21T06:46:36.470",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-24T15:15:07.707",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-239"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-04 22:29
Modified
2024-11-21 04:45
Severity ?
Summary
Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow attacker to implant malicious programs into the installing image by reassembling the image through specific methods.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDDF45-AA70-4684-B834-1ABEFEB7D105",
"versionEndExcluding": "6.0.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow attacker to implant malicious programs into the installing image by reassembling the image through specific methods."
},
{
"lang": "es",
"value": "La ausencia de verificaci\u00f3n de la integridad del sistema de archivos ra\u00edz en Fortinet Las im\u00e1genes de la aplicaci\u00f3n FortiOS VM, todas las versiones inferiores a 6.0.5 pueden permitir al atacante implantar programas maliciosos en la imagen de instalaci\u00f3n al volver a montar la imagen a trav\u00e9s de m\u00e9todos espec\u00edficos."
}
],
"id": "CVE-2019-5587",
"lastModified": "2024-11-21T04:45:10.973",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-04T22:29:00.377",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/108628"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/108628"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-017"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-18 03:15
Modified
2024-11-21 06:28
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the tFTP protocol.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-206 | Not Applicable | |
| nvd@nist.gov | https://www.fortiguard.com/psirt/FG-IR-21-206 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-206 | Not Applicable |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortianalyzer | * | |
| fortinet | fortianalyzer | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6DA041-82B6-44B4-821F-3B20DDF9AB1B",
"versionEndExcluding": "6.4.8",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F769E92C-C005-4BC8-9F48-F2E6218FFEC6",
"versionEndExcluding": "7.0.3",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA2EE2B-21EC-4D67-8D10-44D20D489ECE",
"versionEndExcluding": "6.4.8",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "703550D7-5800-4870-9FE7-CE4B45B12591",
"versionEndExcluding": "7.0.3",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2492A7-82C7-4FBA-BF73-045206262F7B",
"versionEndExcluding": "2.0.9",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B25C92-D0B5-46EC-99CD-D617BE4FD46B",
"versionEndExcluding": "7.0.4",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2841B1B5-EC6D-46EE-8FD4-464330144791",
"versionEndExcluding": "6.2.11",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08019066-27F4-4E9D-B6E5-2F74BAF065EE",
"versionEndExcluding": "6.4.9",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "103E0368-0675-4511-95BF-D5CCD67BBAA5",
"versionEndExcluding": "7.0.6",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer copy without checking size of input (\u0027classic buffer overflow\u0027) in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the tFTP protocol."
}
],
"id": "CVE-2021-43072",
"lastModified": "2024-11-21T06:28:38.490",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-18T03:15:54.947",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Not Applicable"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-206"
},
{
"source": "nvd@nist.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortiguard.com/psirt/FG-IR-21-206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-206"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-02 14:15
Modified
2024-11-21 03:46
Severity ?
Summary
An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-230 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-230 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4BC8404-3E6F-4D98-885C-F8F53FF4BF07",
"versionEndIncluding": "5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CC23731-E080-43CF-9BB8-149FC0173388",
"versionEndIncluding": "5.6.7",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3439843C-BC01-4AEB-AC43-3D7B9D838044",
"versionEndIncluding": "6.0.2",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control externo de sistema en FortiOS, puede permitir a un usuario autenticado y regular cambiar la configuraci\u00f3n de enrutamiento del dispositivo por medio de una conexi\u00f3n al componente ZebOS."
}
],
"id": "CVE-2018-13371",
"lastModified": "2024-11-21T03:46:58.567",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-02T14:15:14.217",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-230"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-06-25 14:38
Modified
2024-11-21 01:55
Severity ?
Summary
Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9FAA990-69D0-4A6F-8BC5-AEA0F5B2A968",
"versionEndIncluding": "5.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8A5EC4-CE2C-4174-9F09-361B8D153AD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role."
},
{
"lang": "es",
"value": "Fortinet FortiOS antes de v5.0.3 para dispositivos FortiGate no restringe correctamente las capacidades del invitado, lo que permite a usuarios remotamente leer, modificar o borrar registros o usuarios aprovechando el rol de invitado."
}
],
"id": "CVE-2013-4604",
"lastModified": "2024-11-21T01:55:54.993",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-06-25T14:38:18.117",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.fortiguard.com/advisory/FGA-2013-20/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fortiguard.com/advisory/FGA-2013-20/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-02-03 21:56
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A out-of-bounds write in Fortinet FortiOS versions 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15 allows attacker to trigger a denial of service via specially crafted packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-373 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84DD8626-BB61-4F9E-A339-DBEE0D071347",
"versionEndExcluding": "7.6.1",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A out-of-bounds write in Fortinet FortiOS versions 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15 allows attacker to trigger a denial of service via specially crafted packets."
},
{
"lang": "es",
"value": "Una escritura fuera de los l\u00edmites en las versiones Fortinet FortiOS 7.6.0, 7.4.0 a 7.4.6, 7.2.0 a 7.2.10, 7.0.0 a 7.0.16, 6.4.0 a 6.4.15 permite a un atacante activar una denegaci\u00f3n de servicio a trav\u00e9s de paquetes especialmente manipulados."
}
],
"id": "CVE-2024-52963",
"lastModified": "2025-02-03T21:56:00.043",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-14T14:15:33.807",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-373"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-09-05 13:29
Modified
2024-11-21 04:15
Severity ?
Summary
A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-302 | Vendor Advisory | |
| psirt@fortinet.com | https://robotattack.org/ | Third Party Advisory | |
| psirt@fortinet.com | https://www.kb.cert.org/vuls/id/144389 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-302 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://robotattack.org/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/144389 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9690D76F-27B1-439A-8BD3-4B6FAC24C029",
"versionEndIncluding": "5.4.9",
"versionStartIncluding": "5.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3907C1C9-EAEB-4287-82DA-06F242DEA639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52A0DB21-C876-4DD3-95ED-8BA0483F0BD4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server\u0027s private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used."
},
{
"lang": "es",
"value": "Podr\u00eda ser posible recuperar en texto plano mensajes cifrados o realizar un ataque Man-in-the-Middle (MitM) en el cifrado RSA PKCS #1 v1.5 sin conocer la clave privada del servidor. Fortinet FortiOS, de la versi\u00f3n 5.4.6 a la 5.4.9 y las versiones 6.0.0 y 6.0.1, son vulnerables por medio de dichos ataques bajo la funcionalidad VIP SSL cuando se emplea CPx."
}
],
"id": "CVE-2018-9194",
"lastModified": "2024-11-21T04:15:09.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-05T13:29:00.637",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-302"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory"
],
"url": "https://robotattack.org/"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://robotattack.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-11-27 15:29
Modified
2024-11-21 03:46
Severity ?
Summary
An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/106036 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-325 | Vendor Advisory | |
| psirt@fortinet.com | https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106036 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-325 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E87EA862-D58B-4C52-BFF0-54B8D01BC569",
"versionEndIncluding": "5.2.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4200DCE0-8A28-4E77-A687-E89C582B7D30",
"versionEndIncluding": "5.4.7",
"versionStartIncluding": "5.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15CA187D-7F6A-454C-9E95-EE61D578EC10",
"versionEndIncluding": "5.6.3",
"versionStartIncluding": "5.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy\u0027s disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response."
},
{
"lang": "es",
"value": "Existe una fuga del b\u00fafer de memoria sin inicializar en Fortinet FortiOS, de la versi\u00f3n 5.6.1 a la 5.6.3, de la versi\u00f3n 5.4.6 a la 5.4.7 y en todas las versiones desde la 5.2 bajo las p\u00e1ginas web de renuncia de respuesta del proxy web, lo que podr\u00eda provocar que los datos sensibles se muestren en la respuesta HTTP."
}
],
"id": "CVE-2018-13376",
"lastModified": "2024-11-21T03:46:59.020",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-27T15:29:00.227",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106036"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-325"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-11 15:15
Modified
2024-11-21 06:28
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-230 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-230 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "257816EC-14E2-4F4C-BF00-0E88A25439CF",
"versionEndExcluding": "2.0.8",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFEA53FA-16E1-4CDB-933C-2F886CAB15DA",
"versionEndExcluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A857126-D7EE-4CB4-BCAA-68D6C4FEC3E4",
"versionEndIncluding": "6.0.14",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4361DFE-431C-470A-9C9A-263681F125CC",
"versionEndIncluding": "6.2.10",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08019066-27F4-4E9D-B6E5-2F74BAF065EE",
"versionEndExcluding": "6.4.9",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30F10D70-1176-4119-BF1A-C2A5FCA386D4",
"versionEndExcluding": "7.0.4",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests."
},
{
"lang": "es",
"value": "Una vulnerabilidad de neutralizaci\u00f3n inapropiada de la entrada durante la generaci\u00f3n de la p\u00e1gina web [CWE-79] en FortiOS versi\u00f3n 7.0.3 y anteriores, 6.4.8 y anteriores, 6.2.10 y anteriores, 6.0.14 a 6.0.0. y en FortiProxy versi\u00f3n 7.0.1 y anteriores, 2.0.7 a 2.0.0, el formulario de anulaci\u00f3n del filtro web puede permitir a un atacante no autenticado llevar a cabo un ataque de tipo XSS por medio de peticiones HTTP GET dise\u00f1adas"
}
],
"id": "CVE-2021-43081",
"lastModified": "2024-11-21T06:28:39.330",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-11T15:15:08.603",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-230"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-02-03 22:16
Severity ?
9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-221 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortianalyzer | * | |
| fortinet | fortianalyzer | * | |
| fortinet | fortianalyzer_cloud | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager_cloud | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF81840B-F269-4B40-8014-D4B18A2A016F",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC9AD7A8-B390-4037-872B-02E1BEEDEC6C",
"versionEndExcluding": "7.6.2",
"versionStartIncluding": "7.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EA0888C-2D95-46ED-9BA9-F99072C02FE6",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7269FDB6-A1D4-4912-8751-87BA52614FDA",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "241A8930-4ADA-4380-AA42-F10B28487595",
"versionEndExcluding": "7.6.2",
"versionStartIncluding": "7.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "164DEDC3-B1C0-42AC-9ADB-CE03CF6A71CC",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60E6EA0C-12E8-4EA7-901C-BEDE07BC88DA",
"versionEndExcluding": "2.0.15",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D273F0B5-A9F3-460B-8E96-7BEB816A91D9",
"versionEndExcluding": "7.0.18",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A6D950-F8AE-4E12-9D43-C49BFE03B3D4",
"versionEndExcluding": "7.2.11",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6794E3E0-7FC3-40D8-9568-20E6878E3EDB",
"versionEndExcluding": "7.4.5",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA0532A5-31F2-4A92-BF31-6003E28AC948",
"versionEndExcluding": "7.0.16",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "678EB0FA-2B29-4108-8378-C4803A543193",
"versionEndExcluding": "7.2.9",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71AD879-997D-4787-A1E9-E4132AC521E2",
"versionEndExcluding": "7.4.5",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack."
},
{
"lang": "es",
"value": "Una autenticaci\u00f3n d\u00e9bil en Fortinet FortiOS versiones 7.4.0 a 7.4.4, 7.2.0 a 7.2.8, 7.0.0 a 7.0.15, 6.4.0 a 6.4.15, FortiProxy versiones 7.4.0 a 7.4.4, 7.2.0 a 7.2.10, 7.0.0 a 7.0.17, 2.0.0 a 2.0.14, FortiManager versiones 7.6.0 a 7.6.1, 7.4.1 a 7.4.3, FortiManager Cloud versiones 7.4.1 a 7.4.3 y FortiAnalyzer Cloud versiones 7.4.1 a 7.4.3 permite a un atacante ejecutar c\u00f3digo o comandos no autorizados mediante un ataque de fuerza bruta."
}
],
"id": "CVE-2024-48886",
"lastModified": "2025-02-03T22:16:04.733",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 6.0,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-14T14:15:33.027",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-221"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1390"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-12 19:15
Modified
2024-12-12 19:33
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.0 through 7.0.3, FortiPortal version 6.0.0 through 6.0.14, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-032 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortipam | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortiswitchmanager | * | |
| fortinet | fortiswitchmanager | * | |
| fortinet | fortiportal | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A93633F-8865-49D7-A5CE-F7D009DFB901",
"versionEndExcluding": "7.0.15",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0",
"versionEndExcluding": "7.2.8",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FDDB5F3-D229-4208-9110-8860A03C8B59",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18427F16-7339-4A9E-9FA4-EC7A2D3EE218",
"versionEndExcluding": "1.3.0",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E7DA8E-34CB-4527-A4A0-1EDBFBBDA894",
"versionEndExcluding": "7.0.17",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFFA2C3-0A23-4884-B751-785BE598DFF3",
"versionEndExcluding": "7.2.10",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2C29AD-A11F-4A5F-8BB0-8600D5F77E72",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AD66B0-9C99-4F83-80AA-B54E6354ADFD",
"versionEndExcluding": "6.4.15",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56DC03E9-D1CF-4273-AF2F-5EB3B8E2D54B",
"versionEndExcluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4763E504-6974-42C5-B912-3E62A9CC312A",
"versionEndExcluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4490512-36ED-4212-9D34-D74739A56E84",
"versionEndExcluding": "7.4.3",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A020C2E-1DDB-4737-92D9-B125FFBE007A",
"versionEndExcluding": "7.0.4",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0D2553-E4E6-454A-80F6-9D014A4710D3",
"versionEndExcluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0123003E-587B-4EC8-83B6-0C5D87A8AC10",
"versionEndExcluding": "6.0.15",
"versionStartIncluding": "5.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.0 through 7.0.3, FortiPortal version 6.0.0 through 6.0.14, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted packets."
},
{
"lang": "es",
"value": "Autenticaci\u00f3n faltante para funci\u00f3n cr\u00edtica en Fortinet FortiManager versi\u00f3n 7.4.0 a 7.4.2, 7.2.0 a 7.2.4, 7.0.0 a 7.0.11, 6.4.0 a 6.4.14, FortiPAM versi\u00f3n 1.2.0, 1.1.0 a 1.1.2, 1.0.0 a 1.0.3, FortiProxy versi\u00f3n 7.4.0 a 7.4.2, 7.2.0 a 7.2.9, 7.0.0 a 7.0.17, 2.0.0 a 2.0.14, 1.2.0 a 1.2.13, 1.1.0 a 1.1.6, 1.0.0 a 1.0.7, FortiSwitchManager versi\u00f3n 7.2.0 a 7.2.3, 7.0.0 a 7.0.3, FortiPortal versi\u00f3n 6.0.0 a 6.0.14, FortiOS versi\u00f3n 7.4.0 a 7.4.3, 7.2.0 a 7.2.7, 7.0.0 a 7.0.14, 6.4.0 a 6.4.15, 6.2.0 a 6.2.16, 6.0.0 a 6.0.18 permite a un atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de paquetes especialmente manipulados."
}
],
"id": "CVE-2024-26011",
"lastModified": "2024-12-12T19:33:58.833",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-11-12T19:15:08.320",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-032"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-23 21:15
Modified
2024-11-21 03:46
Severity ?
Summary
An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file through admin webUI.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-173 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-173 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1023D06F-42D8-40DA-BEE0-A71397F58202",
"versionEndIncluding": "6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file through admin webUI."
},
{
"lang": "es",
"value": "Una vulnerabilidad de exposici\u00f3n a la informaci\u00f3n en FortiOS 6.2.3, 6.2.0 y posteriores puede permitir que un atacante no autenticado obtenga informaci\u00f3n de la plataforma, como la versi\u00f3n, los modelos, mediante el an\u00e1lisis de un archivo JavaScript a trav\u00e9s de admin webUI."
}
],
"id": "CVE-2018-13367",
"lastModified": "2024-11-21T03:46:58.317",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-23T21:15:10.600",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-173"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-25 16:29
Modified
2024-11-21 03:12
Severity ?
Summary
An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8 and 5.2 all versions allows SSL VPN web portal users to access internal FortiOS configuration information (eg:addresses) via specifically crafted URLs inside the SSL-VPN web portal.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/104288 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-231 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104288 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-231 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE351C0-A75B-47C6-9B53-59CF67C6A552",
"versionEndIncluding": "5.2.13",
"versionStartIncluding": "5.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDB1D22-D470-4AA4-AFB9-1A3D28E69C2A",
"versionEndIncluding": "5.4.8",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C44E69B8-A1E8-437B-ADA3-10DE256B3368",
"versionEndIncluding": "5.6.2",
"versionStartIncluding": "5.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8 and 5.2 all versions allows SSL VPN web portal users to access internal FortiOS configuration information (eg:addresses) via specifically crafted URLs inside the SSL-VPN web portal."
},
{
"lang": "es",
"value": "Una vulnerabilidad de fuga de informaci\u00f3n en Fortinet FortiOS, de la versi\u00f3n 5.6.0 a la 5.6.2, de la 5.4.0 a la 5.4.8 y todas las versiones de 5.2, permite que usuarios del portal web SSL VPN accedan a informaci\u00f3n de configuraci\u00f3n interna de FortiOS (por ejemplo, a las direcciones) mediante URL especialmente manipuladas dentro del portal web SSL-VPN."
}
],
"id": "CVE-2017-14185",
"lastModified": "2024-11-21T03:12:19.223",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-25T16:29:00.230",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104288"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104288"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-231"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-03 16:15
Modified
2024-11-21 05:06
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
An improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker to perform a stored cross site scripting attack (XSS) via the IPS and WAF logs dashboard.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-068 | Not Applicable, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-068 | Not Applicable, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B59A39D6-9494-4273-8348-1078A77DD796",
"versionEndExcluding": "6.2.5",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E01B9A4C-DBDC-483F-A2BB-6ADD90A5E9B4",
"versionEndExcluding": "6.4.1",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker to perform a stored cross site scripting attack (XSS) via the IPS and WAF logs dashboard."
},
{
"lang": "es",
"value": "Una vulnerabilidad de neutralizaci\u00f3n inapropiada de la entrada en FortiGate versiones 6.2.x por debajo de 6.2.5 y versiones 6.4.x por debajo de 6.4.1, puede permitir a un atacante remoto llevar a cabo un ataque de tipo cross site scripting (XSS) almacenado por medio del panel de registros de IPS y WAF"
}
],
"id": "CVE-2020-15937",
"lastModified": "2024-11-21T05:06:29.510",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-03T16:15:12.213",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-068"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-10 17:15
Modified
2024-11-21 08:21
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An improper authorization vulnerability in Fortinet FortiOS 7.0.0 - 7.0.11 and 7.2.0 - 7.2.4 allows an attacker belonging to the prof-admin profile to perform elevated actions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-318 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-318 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2573C90-BE6A-4D5D-A223-F09213318909",
"versionEndIncluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB643A8-B52F-4D54-B816-28A6401BAA25",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper authorization vulnerability in Fortinet FortiOS 7.0.0 - 7.0.11 and 7.2.0 - 7.2.4 allows an attacker belonging to the prof-admin profile to perform elevated actions."
},
{
"lang": "es",
"value": "Una vulnerabilidad de autorizaci\u00f3n inadecuada en Fortinet FortiOS 7.0.0 - 7.0.11 y 7.2.0 - 7.2.4 permite que un atacante que pertenece al perfil prof-admin realice acciones elevadas."
}
],
"id": "CVE-2023-41841",
"lastModified": "2024-11-21T08:21:46.777",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-10T17:15:12.813",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-318"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-10 17:15
Modified
2024-11-21 08:21
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A use after free vulnerability [CWE-416] in FortiOS version 7.2.0 through 7.2.4 and version 7.0.0 through 7.0.10 and FortiProxy version 7.2.0 through 7.2.2 and version 7.0.0 through 7.0.8 may allow an unauthenticated remote attacker to crash the WAD process via multiple crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-184 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-184 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortiproxy | 7.2.2 | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C83139FA-7195-4171-8BC6-CC4F9379C7C9",
"versionEndIncluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91E7F209-D645-48EC-BB5F-E730E55E8EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7028AFDA-6CB5-4DB0-8977-9BA995DE14C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB39159-5B36-415A-A57E-AFAFD7B848CF",
"versionEndIncluding": "7.0.10",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB643A8-B52F-4D54-B816-28A6401BAA25",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use after free vulnerability [CWE-416] in FortiOS version 7.2.0 through 7.2.4 and version 7.0.0 through 7.0.10 and FortiProxy version 7.2.0 through 7.2.2 and version 7.0.0 through 7.0.8 may allow an unauthenticated remote attacker to crash the WAD process via multiple crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection."
},
{
"lang": "es",
"value": "Una vulnerabilidad de use-after-free [CWE-416] en FortiOS versi\u00f3n 7.2.0 a 7.2.4 y versi\u00f3n 7.0.0 a 7.0.10 y FortiProxy versi\u00f3n 7.2.0 a 7.2.2 y versi\u00f3n 7.0.0 a 7.0.8 puede permitir un atacante remoto no autenticado bloquee el proceso WAD a trav\u00e9s de m\u00faltiples paquetes manipulados que alcanzan pol\u00edticas de proxy o pol\u00edticas de firewall con modo proxy junto con una inspecci\u00f3n profunda de paquetes SSL."
}
],
"id": "CVE-2023-41675",
"lastModified": "2024-11-21T08:21:27.890",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-10T17:15:12.620",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-184"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-02 12:15
Modified
2024-11-21 06:53
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Summary
An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-074 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-074 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | antivirus_engine | 0.4.23 | |
| fortinet | antivirus_engine | 2.0.49 | |
| fortinet | antivirus_engine | 2.0.60 | |
| fortinet | antivirus_engine | 4.4.54 | |
| fortinet | antivirus_engine | 6.33 | |
| fortinet | antivirus_engine | 6.137 | |
| fortinet | antivirus_engine | 6.142 | |
| fortinet | antivirus_engine | 6.144 | |
| fortinet | antivirus_engine | 6.145 | |
| fortinet | antivirus_engine | 6.156 | |
| fortinet | antivirus_engine | 6.157 | |
| fortinet | antivirus_engine | 6.243 | |
| fortinet | antivirus_engine | 6.252 | |
| fortinet | antivirus_engine | 6.253 | |
| fortinet | fortimail | * | |
| fortinet | fortimail | * | |
| fortinet | fortimail | * | |
| fortinet | fortimail | * | |
| fortinet | fortimail | 4.1.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:antivirus_engine:0.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "4E472D86-EC41-4AC8-AA7E-E2D94F123680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:antivirus_engine:2.0.49:*:*:*:*:*:*:*",
"matchCriteriaId": "0A6024DF-0DB4-420B-8226-1CBD55A92364",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:antivirus_engine:2.0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2C1609-3538-4419-B75C-32C84B21A75D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:antivirus_engine:4.4.54:*:*:*:*:*:*:*",
"matchCriteriaId": "7051D640-5891-415E-8A77-F68C35134954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:antivirus_engine:6.33:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE41E36-D7B9-42F0-9C34-FA18F081B2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:antivirus_engine:6.137:*:*:*:*:*:*:*",
"matchCriteriaId": "B51453FA-C7D3-481B-BC3B-46D94009E3FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:antivirus_engine:6.142:*:*:*:*:*:*:*",
"matchCriteriaId": "35E2F910-2553-4DC8-8730-0A0BF16A91B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:antivirus_engine:6.144:*:*:*:*:*:*:*",
"matchCriteriaId": "17870D25-F9BF-47F3-A63F-63DCF0C0A4D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:antivirus_engine:6.145:*:*:*:*:*:*:*",
"matchCriteriaId": "F532E565-F438-4268-BEE3-F27B9B44EC8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:antivirus_engine:6.156:*:*:*:*:*:*:*",
"matchCriteriaId": "AA32EE02-B802-43B8-A57C-3D8680C22573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:antivirus_engine:6.157:*:*:*:*:*:*:*",
"matchCriteriaId": "024D9F08-76C9-4E10-873E-6A4B618CE44F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:antivirus_engine:6.243:*:*:*:*:*:*:*",
"matchCriteriaId": "250CDE83-42CA-4F2C-83DB-1274B3B8C75D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:antivirus_engine:6.252:*:*:*:*:*:*:*",
"matchCriteriaId": "3B167E24-C4B2-4A06-8987-D49812D69D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:antivirus_engine:6.253:*:*:*:*:*:*:*",
"matchCriteriaId": "B7B97F13-AB4A-4114-BF89-D57945506991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01F784BF-4F89-4938-9150-F911E3EB6CD0",
"versionEndIncluding": "6.0.12",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AEDC7EE8-084C-4F9E-A510-E283FCDF9832",
"versionEndIncluding": "6.2.9",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0A5C345-7055-4F18-AE77-FF1DBE41AB89",
"versionEndIncluding": "6.4.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43038EC9-6FD3-488C-8CA3-8B4A705C3E11",
"versionEndIncluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimail:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2822C6B9-7FD5-4E1B-907B-F324F28A82A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB40CF0-CC6A-44A5-BC5D-70DC7CA78D49",
"versionEndIncluding": "6.0.15",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E417AB31-3C1E-47C9-941B-36026B4379E8",
"versionEndIncluding": "6.2.11",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF6F9869-F824-4519-986E-A032668EA7BA",
"versionEndIncluding": "6.4.10",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE466DB5-F176-45E6-B017-A658A0B74836",
"versionEndIncluding": "7.0.6",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64."
},
{
"lang": "es",
"value": "Una verificaci\u00f3n insuficiente de la vulnerabilidad de autenticidad de datos [CWE-345] en los motores FortiClient, FortiMail y FortiOS AV versi\u00f3n 6.2.168 e inferiores y la versi\u00f3n 6.4.274 e inferiores puede permitir a un atacante eludir el motor AV mediante la manipulaci\u00f3n del archivo adjunto MIME con basura y pad. caracteres en base64."
}
],
"id": "CVE-2022-26122",
"lastModified": "2024-11-21T06:53:28.560",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-02T12:15:52.747",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-074"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-22 10:15
Modified
2025-02-12 13:39
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3 , FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-254 | Broken Link |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiadc | * | |
| fortinet | fortiauthenticator | * | |
| fortinet | fortiauthenticator | * | |
| fortinet | fortiddos | * | |
| fortinet | fortiddos-f | * | |
| fortinet | fortimail | * | |
| fortinet | fortindr | * | |
| fortinet | fortindr | 7.2.0 | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortirecorder | * | |
| fortinet | fortirecorder | * | |
| fortinet | fortisoar | * | |
| fortinet | fortitester | * | |
| fortinet | fortivoice | * | |
| fortinet | fortiwlc | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortiswitch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7685DE5-EEF4-4EFF-9EE0-1ABC59A46B91",
"versionEndExcluding": "6.2.4",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiauthenticator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "959F9558-9C68-4046-AF5F-C543C9B5C3DE",
"versionEndExcluding": "6.3.4",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiauthenticator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F857C3-0369-45CD-8745-FC6086A6B401",
"versionEndExcluding": "6.4.2",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiddos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2587E4-5D24-4C81-AD13-B3205FA07D14",
"versionEndExcluding": "5.5.2",
"versionStartIncluding": "5.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiddos-f:*:*:*:*:*:*:*:*",
"matchCriteriaId": "999EDF79-3052-4A4E-9B71-B0FEDEBFE33E",
"versionEndExcluding": "6.3.4",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3E1107-F78C-41B7-A8D4-E984EF551B1B",
"versionEndExcluding": "7.0.4",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortindr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2798BBCF-0867-4C5B-9F28-6CD9846DAD7E",
"versionEndExcluding": "7.1.1",
"versionStartIncluding": "1.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortindr:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "06DD8B01-B4BC-432D-9045-40AD6DA84CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4BF015A-6391-40D1-9FC4-C73110A2D52E",
"versionEndExcluding": "7.0.5",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9591AF-D4A5-44F6-8535-1D166646E118",
"versionEndExcluding": "7.4.0",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7151C5-DB42-4F91-B84C-CDA9CEF73A23",
"versionEndExcluding": "6.0.11",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDA9A48-7687-40A3-A14F-5EB89A20A386",
"versionEndExcluding": "6.4.3",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortisoar:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B72000EC-F0D5-4100-B0DB-7405EDE32C76",
"versionEndExcluding": "7.3.0",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortitester:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8838FC8-770F-41ED-8F25-8E2953258677",
"versionEndExcluding": "7.2.2",
"versionStartIncluding": "3.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C97B8181-C602-4E70-B3EA-CBE1FA62A220",
"versionEndExcluding": "6.4.9",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiwlc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C68A52C3-281D-4B4E-B0AA-0162D846BBB2",
"versionEndExcluding": "8.6.7",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00C9C02B-E40F-4536-BC74-A7DA84E4B845",
"versionEndExcluding": "7.0.6",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4562BDF7-D894-4CD8-95AC-9409FDEBE73F",
"versionEndExcluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF5E55C0-C600-4234-AA0C-21259AA6D97F",
"versionEndExcluding": "7.0.5",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3 , FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver"
},
{
"lang": "es",
"value": "Una referencia controlada externamente a un recurso en otra esfera en Fortinet FortiManager anterior a la versi\u00f3n 7.4.3, FortiMail anterior a la versi\u00f3n 7.0.3, FortiAnalyzer anterior a la versi\u00f3n 7.4.3, FortiVoice versi\u00f3n 7.0.0, 7.0.1 y anterior a 6.4.8, FortiProxy anterior a la versi\u00f3n 7.0.4, FortiRecorder versi\u00f3n 6.4.0 a 6.4.2 y anterior a 6.0.10, FortiAuthenticator versi\u00f3n 6.4.0 a 6.4.1 y anterior a 6.3.3, FortiNDR versi\u00f3n 7.2.0 anterior a 7.1.0, FortiWLC anterior a la versi\u00f3n 8.6.4, FortiPortal anterior a la versi\u00f3n 6.0.9, FortiOS versi\u00f3n 7.2.0 y anterior a 7.0.5, FortiADC versi\u00f3n 7.0.0 a 7.0.1 y anterior 6.2.3, FortiDDoS anterior a la versi\u00f3n 5.5.1, FortiDDoS-F anterior a la versi\u00f3n 6.3.3, FortiTester anterior a la versi\u00f3n 7.2.1, FortiSOAR anterior a la versi\u00f3n 7.2.2 y FortiSwitch anterior a la versi\u00f3n 6.3.3 permiten a los atacantes envenenar cach\u00e9s web a trav\u00e9s de solicitudes HTTP manipulado, donde el encabezado `Host` apunta a un servidor web arbitrario."
}
],
"id": "CVE-2022-23439",
"lastModified": "2025-02-12T13:39:42.107",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 2.7,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-22T10:15:07.737",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Broken Link"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-254"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-610"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-02 16:59
Modified
2024-11-21 02:25
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457 allow remote authenticated users to inject arbitrary web script or HTML via the (1) WTP Name or (2) WTP Active Software Version field in a CAPWAP Join request.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "823C8357-E638-4EAE-B231-3B60263FFE52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457 allow remote authenticated users to inject arbitrary web script or HTML via the (1) WTP Name or (2) WTP Active Software Version field in a CAPWAP Join request."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en Fortinet FortiOS 5.0 Parche 7 build 4457 permiten a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del campo (1) WTP Name o (2) WTP Active Software Version en una solicitud CAPWAP Join."
}
],
"id": "CVE-2015-1451",
"lastModified": "2024-11-21T02:25:27.200",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-02-02T16:59:04.553",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/125"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/61661"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-002/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/72383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72383"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:56
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-095 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-095 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortiproxy | 7.2.2 | |
| fortinet | fortiproxy | 7.2.3 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951",
"versionEndIncluding": "2.0.12",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC18F7E-5242-4F36-BB42-FEC33B3AC075",
"versionEndIncluding": "7.0.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91E7F209-D645-48EC-BB5F-E730E55E8EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7028AFDA-6CB5-4DB0-8977-9BA995DE14C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2777EA-F45D-4D3A-AA2F-078E2B874A30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0135464C-532C-430D-A76C-2FCDE4C991D1",
"versionEndIncluding": "6.0.17",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99",
"versionEndIncluding": "6.2.15",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D962937C-B057-4422-A672-8DD2F3C3B3B6",
"versionEndIncluding": "6.4.13",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2573C90-BE6A-4D5D-A223-F09213318909",
"versionEndIncluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB643A8-B52F-4D54-B816-28A6401BAA25",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests."
}
],
"id": "CVE-2023-29178",
"lastModified": "2024-11-21T07:56:39.910",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-13T09:15:17.077",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-095"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-824"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-824"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-04 16:15
Modified
2024-11-21 06:25
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
An improper access control vulnerability [CWE-284] in FortiOS versions 6.4.8 and prior and 7.0.3 and prior may allow an authenticated attacker with a restricted user profile to gather sensitive information and modify the SSL-VPN tunnel status of other VDOMs using specific CLI commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-147 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-147 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63C336ED-54FA-4354-95AB-61C675BE30E6",
"versionEndExcluding": "6.4.9",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30F10D70-1176-4119-BF1A-C2A5FCA386D4",
"versionEndExcluding": "7.0.4",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability [CWE-284] in FortiOS versions 6.4.8 and prior and 7.0.3 and prior may allow an authenticated attacker with a restricted user profile to gather sensitive information and modify the SSL-VPN tunnel status of other VDOMs using specific CLI commands."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de acceso inapropiado [CWE-284] en FortiOS versiones 6.4.8 y anteriores y 7.0.3 y anteriores, puede permitir a un atacante autenticado con un perfil de usuario restringido recopilar informaci\u00f3n confidencial y modificar el estado del t\u00fanel SSL-VPN de otros VDOMs usando comandos CLI espec\u00edficos"
}
],
"id": "CVE-2021-41032",
"lastModified": "2024-11-21T06:25:18.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-04T16:15:08.170",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-147"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-01-31 16:10
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An allocation of resources without limits or throttling vulnerability [CWE-770] in FortiOS versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, versions 7.0.0 through 7.0.15, and versions 6.4.0 through 6.4.15 may allow an unauthenticated remote user to consume all system memory via multiple large file uploads.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-219 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B481963F-0415-42C8-BB38-C1A8BDF4B9F7",
"versionEndExcluding": "6.4.16",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EAE013D-7AE4-4C7A-81A0-296FE00F12CD",
"versionEndExcluding": "7.0.16",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "678EB0FA-2B29-4108-8378-C4803A543193",
"versionEndExcluding": "7.2.9",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71AD879-997D-4787-A1E9-E4132AC521E2",
"versionEndExcluding": "7.4.5",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An allocation of resources without limits or throttling vulnerability [CWE-770] in FortiOS versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, versions 7.0.0 through 7.0.15, and versions 6.4.0 through 6.4.15 may allow an unauthenticated remote user to consume all system memory via multiple large file uploads."
},
{
"lang": "es",
"value": "Una vulnerabilidad de asignaci\u00f3n de recursos sin l\u00edmites o limitaci\u00f3n [CWE-770] en las versiones 7.4.0 a 7.4.4, 7.2.0 a 7.2.8, 7.0.0 a 7.0.15 y 6.4.0 a 6.4.15 de FortiOS puede permitir que un usuario remoto no autenticado consuma toda la memoria sistema a trav\u00e9s de m\u00faltiples cargas de archivos grandes."
}
],
"id": "CVE-2024-46668",
"lastModified": "2025-01-31T16:10:13.370",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-14T14:15:31.950",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-219"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-16 10:15
Modified
2025-02-03 21:54
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-221 | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortianalyzer | * | |
| fortinet | fortianalyzer | * | |
| fortinet | fortianalyzer_cloud | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager_cloud | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF81840B-F269-4B40-8014-D4B18A2A016F",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC9AD7A8-B390-4037-872B-02E1BEEDEC6C",
"versionEndExcluding": "7.6.2",
"versionStartIncluding": "7.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EA0888C-2D95-46ED-9BA9-F99072C02FE6",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7269FDB6-A1D4-4912-8751-87BA52614FDA",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "241A8930-4ADA-4380-AA42-F10B28487595",
"versionEndExcluding": "7.6.2",
"versionStartIncluding": "7.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "164DEDC3-B1C0-42AC-9ADB-CE03CF6A71CC",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60E6EA0C-12E8-4EA7-901C-BEDE07BC88DA",
"versionEndExcluding": "2.0.15",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D273F0B5-A9F3-460B-8E96-7BEB816A91D9",
"versionEndExcluding": "7.0.18",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77A6D950-F8AE-4E12-9D43-C49BFE03B3D4",
"versionEndExcluding": "7.2.11",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6794E3E0-7FC3-40D8-9568-20E6878E3EDB",
"versionEndExcluding": "7.4.5",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA0532A5-31F2-4A92-BF31-6003E28AC948",
"versionEndExcluding": "7.0.16",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "678EB0FA-2B29-4108-8378-C4803A543193",
"versionEndExcluding": "7.2.9",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71AD879-997D-4787-A1E9-E4132AC521E2",
"versionEndExcluding": "7.4.5",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack."
},
{
"lang": "es",
"value": "Una autenticaci\u00f3n d\u00e9bil en Fortinet FortiManager Cloud, FortiAnalyzer versiones 7.6.0 a 7.6.1, 7.4.1 a 7.4.3, FortiAnalyzer Cloud versiones 7.4.1 a 7.4.3, FortiManager versiones 7.6.0 a 7.6.1, 7.4.1 a 7.4.3, FortiManager Cloud versiones 7.4.1 a 7.4.3 permite a un atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de un ataque de fuerza bruta."
}
],
"id": "CVE-2024-50563",
"lastModified": "2025-02-03T21:54:17.977",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-16T10:15:09.480",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-221"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1390"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-01-31 16:12
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an unauthenticated remote attacker to trigger memory consumption leading to Denial of Service via crafted requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-266 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7D031B-221B-4738-AC83-4FB92A106528",
"versionEndExcluding": "7.2.10",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71AD879-997D-4787-A1E9-E4132AC521E2",
"versionEndExcluding": "7.4.5",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44CE8EE3-D64A-49C8-87D7-C18B302F864A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an unauthenticated remote attacker to trigger memory consumption leading to Denial of Service via crafted requests."
},
{
"lang": "es",
"value": "Una vulnerabilidad de lectura fuera de los l\u00edmites [CWE-125] en FortiOS versi\u00f3n 7.6.0, versi\u00f3n 7.4.4 y anteriores, versi\u00f3n 7.2.9 y anteriores y el servicio IKE IPsec de la versi\u00f3n 24.3.b del inquilino FortiSASE FortiOS puede permitir que un atacante remoto no autenticado active el consumo de memoria, lo que lleva a una denegaci\u00f3n de servicio a trav\u00e9s de solicitudes manipuladas."
}
],
"id": "CVE-2024-46670",
"lastModified": "2025-01-31T16:12:16.597",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-14T14:15:32.243",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-266"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-24 20:29
Modified
2024-11-21 03:12
Severity ?
Summary
A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows attacker to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the aforementioned binary program to a command that is allowed to be run by the fnsysctl CLI command.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/104312 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1040983 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-245 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104312 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040983 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-245 | Mitigation, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3085A41F-2305-46D3-AE10-6D256B6E1F95",
"versionEndIncluding": "5.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDB1D22-D470-4AA4-AFB9-1A3D28E69C2A",
"versionEndIncluding": "5.4.8",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C44E69B8-A1E8-437B-ADA3-10DE256B3368",
"versionEndIncluding": "5.6.2",
"versionStartIncluding": "5.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows attacker to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the aforementioned binary program to a command that is allowed to be run by the fnsysctl CLI command."
},
{
"lang": "es",
"value": "Una vulnerabilidad de escalado de privilegios local y ejecuci\u00f3n de c\u00f3digo local en Fortinet FortiOS, de la versi\u00f3n 5.6.0 hasta la 5.6.2, de la versi\u00f3n 5.4.0 hasta la 5.4.8 y en versiones 5.2 y anteriores, permite que un atacante ejecute un programa binario no autorizado en una memoria USB conectada en un FortiGate enlazando dicho programa binario con un comando que puede ser ejecutado por el comando fnsysctl de la interfaz de l\u00ednea de comandos."
}
],
"id": "CVE-2017-14187",
"lastModified": "2024-11-21T03:12:19.473",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.3,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-24T20:29:00.210",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104312"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040983"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-245"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-13 16:15
Modified
2024-08-22 14:36
Severity ?
5.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-012 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B26D3CC8-B77D-4C5C-B3AC-096679F47877",
"versionEndIncluding": "6.4.15",
"versionStartIncluding": "6.4.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F754A050-02F5-4848-9065-5E15117B227E",
"versionEndExcluding": "7.0.15",
"versionStartIncluding": "7.0.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14113139-B64B-4069-A88F-D1999ED7EC18",
"versionEndExcluding": "7.2.8",
"versionStartIncluding": "7.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FDDB5F3-D229-4208-9110-8860A03C8B59",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de acceso inadecuado [CWE-284] en FortiOS 7.4.0 a 7.4.3, 7.2.5 a 7.2.7, 7.0.12 a 7.0.14 y 6.4.x puede permitir que un atacante que ya haya obtenido acceso de escritura con \u00e9xito al sistema subyacente (a trav\u00e9s de otro exploit hipot\u00e9tico) para evitar el sistema de verificaci\u00f3n de integridad de archivos."
}
],
"id": "CVE-2024-36505",
"lastModified": "2024-08-22T14:36:31.643",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.4,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-13T16:15:08.970",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-012"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-16 19:15
Modified
2024-11-21 06:58
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-080 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-080 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6607C71D-D434-430A-8DFD-9125381D2D36",
"versionEndIncluding": "2.0.11",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E60913-FBE9-467B-AB4B-CA85E97527BA",
"versionEndExcluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91E7F209-D645-48EC-BB5F-E730E55E8EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5512D-6EE5-4DF3-A960-C02394F25225",
"versionEndIncluding": "6.0.16",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20B53FFE-073D-43E9-9D6F-9C86937C0228",
"versionEndIncluding": "6.2.12",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A87D865A-6411-4807-81D4-6A5C052C03C9",
"versionEndIncluding": "6.4.11",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE6D1D19-1227-42BE-87A7-E798D60059A5",
"versionEndExcluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A missing cryptographic steps vulnerability [CWE-325]\u00a0in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an\u00a0attacker in\u00a0possession of the encrypted key to decipher it."
}
],
"id": "CVE-2022-29054",
"lastModified": "2024-11-21T06:58:25.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-16T19:15:12.263",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-080"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-329"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-01-17 20:42
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-23-293 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D18D6E-AD93-4183-B9A9-458E791ED126",
"versionEndExcluding": "7.2.6",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4316C2EA-3D6E-4A0C-B81D-ADCE040E03E0",
"versionEndExcluding": "7.4.2",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request."
},
{
"lang": "es",
"value": "Una desreferencia de puntero nulo en las versiones de FortiOS 7.4.0 a 7.4.1, 7.2.0 a 7.2.5, 7.0 todas las versiones, 6.4 todas las versiones, 6.2 todas las versiones y 6.0 todas las versiones permite a un atacante activar una denegaci\u00f3n de servicio a trav\u00e9s de una solicitud http manipulada."
}
],
"id": "CVE-2023-42786",
"lastModified": "2025-01-17T20:42:31.930",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-14T14:15:27.237",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-293"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-11 15:16
Modified
2024-11-21 08:54
Severity ?
1.8 (Low) - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-23-423 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.fortinet.com/psirt/FG-IR-23-423 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3158CE17-3505-4946-9DC9-99FDF741AB4C",
"versionEndIncluding": "2.0.14",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "216CB66F-E038-43F5-80AC-3F2735C354DA",
"versionEndIncluding": "7.0.18",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B10CB2F-7086-479A-A826-CF78F19CFB8B",
"versionEndIncluding": "7.2.11",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A077234-F19C-4E87-A7A5-A266B5C903C7",
"versionEndExcluding": "7.4.3",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "884279B3-E480-44E1-B126-5C1029B6BE75",
"versionEndIncluding": "6.4.15",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F75019A7-F58D-4863-AE73-B63E38C8D880",
"versionEndIncluding": "7.0.15",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "678EB0FA-2B29-4108-8378-C4803A543193",
"versionEndExcluding": "7.2.9",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FDDB5F3-D229-4208-9110-8860A03C8B59",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a\u00a0privileged attacker with super-admin profile and CLI access to decrypting the backup file."
},
{
"lang": "es",
"value": "Un uso de hash de contrase\u00f1a con vulnerabilidad de esfuerzo computacional insuficiente [CWE-916] que afecta a FortiOS versi\u00f3n 7.4.3 e inferior, 7.2 todas las versiones, 7.0 todas las versiones, 6.4 todas las versiones y FortiProxy versi\u00f3n 7.4.2 e inferior, 7.2 todas las versiones, 7.0 todas versiones, 2.0, todas las versiones pueden permitir que un atacante privilegiado con perfil de superadministrador y acceso CLI pueda descifrar el archivo de copia de seguridad."
}
],
"id": "CVE-2024-21754",
"lastModified": "2024-11-21T08:54:56.877",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 1.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.3,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-11T15:16:03.433",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-423"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-916"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-11 17:15
Modified
2024-11-21 07:45
Severity ?
4.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
A url redirection to untrusted site ('open redirect') in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specially crafted requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-479 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-479 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "176E9BB3-EAC8-48BF-B7E0-B5F1A59DB01E",
"versionEndIncluding": "2.0.12",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9463F12-5733-4BBD-9A19-FAF05E3F8686",
"versionEndExcluding": "7.0.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DE32DAA-88FE-4134-84CC-8C071F92D5F3",
"versionEndExcluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C012F20-C335-46E8-B626-1634DB044942",
"versionEndExcluding": "6.4.13",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8870AB06-C50F-452A-952C-30DE7860264E",
"versionEndExcluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5",
"versionEndExcluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A url redirection to untrusted site (\u0027open redirect\u0027) in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specially crafted requests."
}
],
"id": "CVE-2023-22641",
"lastModified": "2024-11-21T07:45:06.720",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-11T17:15:08.100",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-479"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-10 17:15
Modified
2024-11-21 08:05
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
An improper access control vulnerability in Fortinet FortiOS 7.2.0 - 7.2.4 and 7.4.0 allows an attacker to access a restricted resource from a non trusted host.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-139 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-139 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB643A8-B52F-4D54-B816-28A6401BAA25",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61540F5B-080A-4D44-8BE0-75D7A0DCCB53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability in Fortinet FortiOS 7.2.0 - 7.2.4 and 7.4.0 allows an attacker to access a restricted resource from a non trusted host."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de acceso inadecuado en Fortinet FortiOS 7.2.0 - 7.2.4 y 7.4.0 permite a un atacante acceder a un recurso restringido desde un host no confiable."
}
],
"id": "CVE-2023-33301",
"lastModified": "2024-11-21T08:05:22.220",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-10T17:15:11.217",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-139"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-30 14:59
Modified
2024-11-21 02:58
Severity ?
Summary
A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://fortiguard.com/advisory/FG-IR-16-050 | Not Applicable | |
| psirt@fortinet.com | http://www.securityfocus.com/bid/94690 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1037394 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://fortiguard.com/advisory/FG-IR-16-050 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94690 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037394 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E627C59-7C16-44F0-800D-A2E8A766B26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "233236FA-BB13-4261-BE2E-3E617406DC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27844CC9-498B-4A65-91AC-AC130222EE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27B4C672-7ED5-4113-87AE-5774D1263C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBEA3AA-AE46-4A55-91EE-9ADC187BF614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "05CB7A90-91BC-49AF-9B5C-EBD212484C64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "864D3221-177B-43CE-BD7D-CB14A110268E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "31C186D6-6AC5-49EB-A701-C91358B4A25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9F6C4-F887-4F25-87BD-383F6CF39806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F8558962-7A19-4F4A-BED0-9CB5D4CFC422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1668AE14-D9A4-4B7D-BC3F-75885792875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E0F3B9B-A06F-4A96-B2E7-9DC56E629182",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them."
},
{
"lang": "es",
"value": "Un administrador de s\u00f3lo lectura en dispositivos Fortinet con FortiOS 5.2.x en versiones anteriores a 5.2.10 GA y FortiOS 5.4.x en versiones anteriores a 5.4.2 GA puede tener acceso de lectura-escritura a hashes de contrase\u00f1as de administradores (no incluyendo super-admins), almacenados en el dispositivo a trav\u00e9s de la API Rest webui, y puede por lo tanto ser capaz de romperlo."
}
],
"id": "CVE-2016-7542",
"lastModified": "2024-11-21T02:58:10.920",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-30T14:59:00.197",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Not Applicable"
],
"url": "http://fortiguard.com/advisory/FG-IR-16-050"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94690"
},
{
"source": "psirt@fortinet.com",
"url": "http://www.securitytracker.com/id/1037394"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://fortiguard.com/advisory/FG-IR-16-050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037394"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-08 16:59
Modified
2024-11-21 02:59
Severity ?
Summary
The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/94480 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-16-067 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94480 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-16-067 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A91AE7E3-D33B-4235-916E-D4400595809B",
"versionEndIncluding": "4.3.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DACF637E-FB3C-4FE5-B7EA-40D4DD891A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B75D8F35-830C-498C-B658-AE89154BEB8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CBC65E-6DF2-406D-9037-897218AB9257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "0AB85DAD-03EA-4B16-8FF8-F02ACEF0EE1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A97B341D-3B9D-4D37-8D5B-6062BE1C3AC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "720D70D8-9B45-4395-8989-B90884389D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "5E6E8681-0D3F-46ED-8B84-59E07FBB0F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A93B8A3E-BB55-46EF-B48C-E425A7A71C8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de un ANSI X9.31 RNG en Fortinet FortiGate permite a atacantes obtener acceso de lectura no autorizada a los datos manejados por el dispositivo a trav\u00e9s de descifrado IPSec/TLS."
}
],
"id": "CVE-2016-8492",
"lastModified": "2024-11-21T02:59:28.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-08T16:59:00.260",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94480"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-16-067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-16-067"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-07 17:15
Modified
2024-11-21 07:25
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.11, FortiProxy version 7.2.0 through 7.2.2 and 7.0.0 through 7.0.8 allows privileged VDOM administrators to escalate their privileges to super admin of the box via crafted CLI requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-401 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-401 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6607C71D-D434-430A-8DFD-9125381D2D36",
"versionEndIncluding": "2.0.11",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F3A99BB-534C-4984-948B-8FFF659A9B9B",
"versionEndIncluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91E7F209-D645-48EC-BB5F-E730E55E8EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20B53FFE-073D-43E9-9D6F-9C86937C0228",
"versionEndIncluding": "6.2.12",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A87D865A-6411-4807-81D4-6A5C052C03C9",
"versionEndIncluding": "6.4.11",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0983FC2C-A9F2-4918-81E6-BDCF05E5BF65",
"versionEndIncluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "813E179E-B948-4480-A5B1-B0ED562A41BC",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.11, FortiProxy version 7.2.0 through 7.2.2 and 7.0.0 through 7.0.8 allows privileged VDOM administrators to escalate their privileges to super admin of the box via crafted CLI requests."
}
],
"id": "CVE-2022-42476",
"lastModified": "2024-11-21T07:25:02.870",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-07T17:15:12.303",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-401"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-23"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-22 10:15
Modified
2024-12-10 16:58
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.3, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to denial of service via specially crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-111 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-111 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22936F53-4480-4011-9211-174D1C507E87",
"versionEndIncluding": "1.0.7",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A233FC6A-9ABE-46AC-8332-0DD0075C6DB6",
"versionEndExcluding": "2.0.13",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D70694-BB02-43E2-8F74-D50D9D4C5E3C",
"versionEndExcluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A0AB0B8-819F-46EE-A921-119B76A138B5",
"versionEndExcluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F15A3418-4EE7-402B-9711-4F577FC64397",
"versionEndExcluding": "6.0.17",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05454D49-17D8-4A7D-92C8-B33B006A35DA",
"versionEndExcluding": "6.2.15",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B153B056-24AE-41C4-B644-65E080C18360",
"versionEndExcluding": "6.4.13",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39A6C2A7-21A4-4BB5-A3B6-9466E5CEA296",
"versionEndExcluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4562BDF7-D894-4CD8-95AC-9409FDEBE73F",
"versionEndExcluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.3, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to denial of service via specially crafted HTTP requests."
},
{
"lang": "es",
"value": "Una desreferencia de puntero nulo en Fortinet FortiOS versi\u00f3n 7.2.0 a 7.2.4, 7.0.0 a 7.0.11, 6.4.0 a 6.4.12, 6.2.0 a 6.2.14, 6.0.0 a 6.0.16, FortiProxy 7.2 .0 a 7.2.3, 7.0.0 a 7.0.10, 2.0.0 a 2.0.12, 1.2.0 a 1.2.13, 1.1.0 a 1.1.6, 1.0.0 a 1.0.7 permite al atacante negar del servicio a trav\u00e9s de solicitudes HTTP especialmente manipuladas."
}
],
"id": "CVE-2023-29180",
"lastModified": "2024-12-10T16:58:41.603",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-22T10:15:07.947",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-111"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-11 15:16
Modified
2024-11-21 08:56
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
An improper neutralization of input during web page Generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions reboot page may allow a remote privileged attacker with super-admin access to execute JavaScript code via crafted HTTP GET requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-23-471 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.fortinet.com/psirt/FG-IR-23-471 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72ED8947-DBF3-483B-B267-117403A3D8E3",
"versionEndExcluding": "7.0.15",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF62C95E-AB35-4A8E-84F8-5197E9D33C21",
"versionEndExcluding": "7.2.9",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A077234-F19C-4E87-A7A5-A266B5C903C7",
"versionEndExcluding": "7.4.3",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C119229A-3805-47C1-B3F9-AF1A4007A63B",
"versionEndExcluding": "7.0.14",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0",
"versionEndExcluding": "7.2.8",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FDDB5F3-D229-4208-9110-8860A03C8B59",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of input during web page Generation (\u0027Cross-site Scripting\u0027) vulnerability [CWE-79] in FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions reboot page may allow a remote privileged attacker with super-admin access to execute JavaScript code via crafted HTTP GET requests."
},
{
"lang": "es",
"value": "Un uso de hash de contrase\u00f1a con vulnerabilidad de esfuerzo computacional insuficiente [CWE-916] que afecta a FortiOS versi\u00f3n 7.4.3 e inferior, 7.2 todas las versiones, 7.0 todas las versiones, 6.4 todas las versiones y FortiProxy versi\u00f3n 7.4.2 e inferior, 7.2 todas las versiones, 7.0 todas versiones, 2.0, todas las versiones pueden permitir que un atacante privilegiado con perfil de superadministrador y acceso CLI pueda descifrar el archivo de copia de seguridad."
}
],
"id": "CVE-2024-23111",
"lastModified": "2024-11-21T08:56:57.250",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-11T15:16:03.957",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-471"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-12 19:15
Modified
2025-01-17 20:35
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Summary
An improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability [CWE-74] in FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.16 and below; FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below; FortiSASE version 24.2.b SSL-VPN web user interface may allow a remote unauthenticated attacker to perform phishing attempts via crafted requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-033 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C98BE382-7A23-4231-9D1B-5D7946848F99",
"versionEndExcluding": "7.0.17",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFFA2C3-0A23-4884-B751-785BE598DFF3",
"versionEndExcluding": "7.2.10",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2C29AD-A11F-4A5F-8BB0-8600D5F77E72",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7395B0-2864-49E3-8B70-935A17EF3162",
"versionEndExcluding": "7.2.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FDDB5F3-D229-4208-9110-8860A03C8B59",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0improper neutralization of special elements in output used by a downstream component (\u0027Injection\u0027) vulnerability [CWE-74] in FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.16 and below; FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below; FortiSASE version 24.2.b SSL-VPN web user interface may allow a remote unauthenticated attacker to perform phishing attempts via crafted requests."
},
{
"lang": "es",
"value": "Una vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales en la salida utilizada por un componente descendente (\u0027Inyecci\u00f3n\u0027) [CWE-74] en FortiOS versi\u00f3n 7.4.3 y anteriores, versi\u00f3n 7.2.8 y anteriores, versi\u00f3n 7.0.16 y anteriores; FortiProxy versi\u00f3n 7.4.3 y anteriores, versi\u00f3n 7.2.9 y anteriores, versi\u00f3n 7.0.16 y anteriores; FortiSASE versi\u00f3n 24.2.b La interfaz de usuario web SSL-VPN puede permitir que un atacante remoto no autenticado realice intentos de phishing a trav\u00e9s de solicitudes manipuladas."
}
],
"id": "CVE-2024-33510",
"lastModified": "2025-01-17T20:35:31.247",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-11-12T19:15:09.723",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-033"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-358"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2025-03-10 20:40
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-097 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-097 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 6.0.10 | |
| fortinet | fortios | 6.2.4 | |
| fortinet | fortios | 6.2.6 | |
| fortinet | fortios | 6.2.7 | |
| fortinet | fortios | 6.4.2 | |
| fortinet | fortios | 6.4.6 | |
| fortinet | fortios | 6.4.8 | |
| fortinet | fortios | 6.4.10 | |
| fortinet | fortios | 6.4.12 | |
| fortinet | fortios | 7.0.5 | |
| fortinet | fortios | 7.0.10 | |
| fortinet | fortigate_6000 | - | |
| fortinet | fortigate_7000 | - |
{
"cisaActionDue": "2023-07-04",
"cisaExploitAdd": "2023-06-13",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951",
"versionEndIncluding": "2.0.12",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC18F7E-5242-4F36-BB42-FEC33B3AC075",
"versionEndIncluding": "7.0.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A99FF48-370E-4D2A-B5CC-889EA21AB213",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5512D-6EE5-4DF3-A960-C02394F25225",
"versionEndIncluding": "6.0.16",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CD57A5A-2B13-495A-8530-8F97E1720602",
"versionEndIncluding": "6.2.13",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E99B6E5-7EC3-406C-AFAC-A5E32DE266DF",
"versionEndIncluding": "6.4.12",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2573C90-BE6A-4D5D-A223-F09213318909",
"versionEndIncluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB643A8-B52F-4D54-B816-28A6401BAA25",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D997493-24C2-4A78-9DF0-6438E9415A3C",
"versionEndIncluding": "6.0.16",
"versionStartIncluding": "6.0.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A0D0D55-1A51-454D-A8B1-D7100D453102",
"versionEndIncluding": "6.2.13",
"versionStartIncluding": "6.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6AF1FA-A034-439A-876B-BFA1BE7DE15E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9694FC0C-408A-4892-ADD1-F36F4BBBD9EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8A132F-601F-4129-BFCA-3A976A711D5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "90600B14-07C4-455D-9FC1-17034D91B987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B28478DA-8D10-4A8E-81EA-D3DF421E5089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F935F9-5B6A-47C2-8F65-7A1E8BB061FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "751D2FC7-482F-4C6B-95DB-244004A2738E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE44B20-6F00-4962-9929-5A5054BBA94C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EB2FF1DA-001B-4CA1-9F46-427D9C92CBC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48D0E8CC-3815-4697-86D0-DC7F66E70520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6C937-4477-438D-A252-E4102D758120",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fortinet:fortigate_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB410C9-CDD4-4068-97E0-6D83AE62B7F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CBA773-10C1-410D-BB01-771F454ABEBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests."
}
],
"id": "CVE-2023-27997",
"lastModified": "2025-03-10T20:40:57.323",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-13T09:15:16.613",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-097"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-08 17:55
Modified
2024-11-21 01:49
Severity ?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A9AD38-4005-4B33-AB47-5E81F9AB5E32",
"versionEndIncluding": "4.3.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B75D8F35-830C-498C-B658-AE89154BEB8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51B177A0-244F-4A76-8425-F75C1DA3CC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8A5EC4-CE2C-4174-9F09-361B8D153AD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fortinet:fortigate-1000c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7EF5E98-4A7F-486E-A666-5CB2D6AE4B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-100d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D62FF7B-F07B-4B1A-BE3C-3269BB517B64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-110c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D25F582-60D5-4B99-BF5D-DF0F075AE824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-1240b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1D6711-1D64-4BD3-9580-C332A52C169E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-200b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09756E3C-7C02-4482-B2ED-2646CA127A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-20c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F864DACE-F574-47D3-9E6D-8E463DCC1CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-300c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0C2D6-A8B3-4CF0-86CD-45CEA5D9E4E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-3040b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42813ADB-E285-4FF0-946C-3A09833D9520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-310b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B75EAF6-3E8C-40CC-92D1-6069123182AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-311b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB1DA95-78AD-442D-8251-3ACF49CA2329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-3140b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5014850E-FE19-40E8-8FA9-0FC152167B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-3240c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89280DF2-D8C0-4FDE-A79A-92687445CB20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-3810a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB41136-3EBB-45B5-A885-69EE822E9C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-3950b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB3B88B6-3B10-4CE8-A854-9621E0FB1B30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-40c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5534A2C1-C352-49BD-B639-404FE61660E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-5001a-sw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "615D7EB5-CA3B-430D-A1CB-8F7F17BCF403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-5001b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "766FAC92-8E75-4347-9A76-DB372DA28715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-5020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9320594-0B6C-44DB-9C58-7FCBBDDC3F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-5060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD39F61-3779-44BE-B71D-0E587072D8CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-50b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE424B2A-3299-496F-9778-04D0792BC0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-5101c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59C78680-88A9-4AB0-9FE9-333690A9B66A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-5140b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA3538A-5B71-4939-8A2A-93678E6EB1D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-600c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A73FA2A-1852-4AE0-A892-9B0B06705324",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-60c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F72F3FE-DC85-4605-B416-4FE31F90A06A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-620b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4BC042-D692-477E-A790-7BECF4B210A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-800c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB09BD9-6853-40D6-BDA7-749D87335E4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-80c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "113E1146-572A-466A-AB34-145081F842B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-voice-80c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF418899-1667-4428-B8E8-E4E29D634DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:fortinet:fortigaterugged-100c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C24DF92-D24B-43D1-8623-17F3F90F29D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de falsificaci\u00f3n de peticiones en sitios cruzados (CSRF) en Fortinet FortiOS en el dispositivo firewall FortiGate anteriores a v4.3.13 y v5.x anteriores a v5.0.2 permite a atacantes remotos secuestrar la autenticaci\u00f3n de administradores para peticiones que modifican (1) configuraci\u00f3n (2) pol\u00edticas o (3) reinicio de dispositivos a trav\u00e9s de una acci\u00f3n reinicio sobre system/maintenance/shutdown."
}
],
"id": "CVE-2013-1414",
"lastModified": "2024-11-21T01:49:32.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-07-08T17:55:02.783",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/26528/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/26528/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-01 12:15
Modified
2024-11-21 06:46
Severity ?
5.4 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
4.2 (Medium) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
4.2 (Medium) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the listed products and some external peers.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-18-292 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-18-292 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortianalyzer | * | |
| fortinet | fortianalyzer | * | |
| fortinet | fortianalyzer | 7.0.0 | |
| fortinet | fortianalyzer | 7.0.1 | |
| fortinet | fortianalyzer | 7.0.2 | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | 7.0.0 | |
| fortinet | fortimanager | 7.0.1 | |
| fortinet | fortisandbox | * | |
| fortinet | fortisandbox | * | |
| fortinet | fortisandbox | * | |
| fortinet | fortisandbox | 3.0.1 | |
| fortinet | fortisandbox | 4.0.0 | |
| fortinet | fortisandbox | 4.0.1 | |
| fortinet | fortisandbox | 4.0.2 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2318A6AC-AA3E-4604-968C-35A46E79FCB8",
"versionEndIncluding": "6.0.12",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82AA3275-8A1D-43DA-880B-1EFFBD96C29D",
"versionEndIncluding": "6.4.7",
"versionStartIncluding": "6.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DC87E0-0C9F-4E65-B96E-7E91F71764AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "80518C1A-60DB-4CC3-92ED-0C0BDCF2F1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F8619721-489F-4BE7-BBAC-7D07FB64A8EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DFFD873-3F9B-41D8-92E6-09F84712BCE1",
"versionEndIncluding": "6.0.12",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67777F42-09E1-4651-807C-325A5F0D8A66",
"versionEndIncluding": "6.2.11",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4EB03A2-7143-407C-B622-03E6AFAF6A78",
"versionEndIncluding": "6.4.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4E6379-A79E-4135-BAF1-D53E8F56798B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9CF421D9-54D7-47FB-AB11-A556BDB4A372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1EE4D7-4087-4A4A-9171-F48B1C5915C0",
"versionEndIncluding": "3.0.7",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C47A3DB-A02A-488D-B0E1-867A19CE43B8",
"versionEndIncluding": "3.1.5",
"versionStartIncluding": "3.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16BB4915-1330-45E5-887E-AD97C29F500B",
"versionEndIncluding": "3.2.4",
"versionStartIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortisandbox:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "527BEC13-9EC9-44AB-9F02-C948BDC96558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortisandbox:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0260B512-77CA-4FE8-A039-D7B287A19BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortisandbox:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CCD1A-3412-4A55-88A8-40B227FB00BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortisandbox:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51A80522-EBFC-4C3E-BF38-01453CC359F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1728ED99-9A01-4819-B382-EDEF00F97B9D",
"versionEndIncluding": "5.6.14",
"versionStartIncluding": "5.6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0135464C-532C-430D-A76C-2FCDE4C991D1",
"versionEndIncluding": "6.0.17",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99",
"versionEndIncluding": "6.2.15",
"versionStartIncluding": "6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper certificate validation vulnerability [CWE-295] in\u00a0FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated attacker to\u00a0man-in-the-middle the communication between the listed products and some external peers."
},
{
"lang": "es",
"value": "Una vulnerabilidad de validaci\u00f3n de certificado incorrecta [CWE-295] en FortiManager v7.0.1 y versiones inferiores, v6.4.6 y versiones inferiores; FortiAnalyzer v7.0.2 y versiones inferiores, v6.4.7 y versiones inferiores; FortiOS v6.2.x y v6.0.x; FortiSandbox v4.0.x, 3.2.x y 3.1.x puede permitir a un atacante adyacente a la red y no autenticado interceder en la comunicaci\u00f3n mediante la t\u00e9cnica de man-in-the-middle entre los productos enumerados y algunos peers externos. "
}
],
"id": "CVE-2022-22305",
"lastModified": "2024-11-21T06:46:36.330",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-01T12:15:08.363",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-18-292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-18-292"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-297"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-27 13:29
Modified
2024-11-21 03:12
Severity ?
Summary
A Denial of Service (DoS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 allows an authenticated user to cause the web GUI to be temporarily unresponsive, via passing a specially crafted payload to the 'params' parameter of the JSON web API.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://code610.blogspot.com/2017/10/patch-your-fortinet-cve-2017-14182.html | Third Party Advisory | |
| psirt@fortinet.com | http://www.securityfocus.com/bid/101559 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1039678 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-17-206 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://code610.blogspot.com/2017/10/patch-your-fortinet-cve-2017-14182.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101559 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039678 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-17-206 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1668AE14-D9A4-4B7D-BC3F-75885792875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E0F3B9B-A06F-4A96-B2E7-9DC56E629182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50F8AE97-A647-4A37-8EF2-BC0BBCC8EADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "377A2F0B-2A58-4C2C-B546-3178B353484B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBDFD4-45A0-47CC-817E-48E84F945402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8C9CDB2B-E454-4B91-9A47-615F31F1A3D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service (DoS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 allows an authenticated user to cause the web GUI to be temporarily unresponsive, via passing a specially crafted payload to the \u0027params\u0027 parameter of the JSON web API."
},
{
"lang": "es",
"value": "Una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en Fortinet FortiOS desde la versi\u00f3n 5.4.0 hasta la 5.4.5 permite que un usuario autenticado haga que la interfaz gr\u00e1fica de usuario web no responda temporalmente, pasando una carga \u00fatil especialmente manipulada al par\u00e1metro \"params\" de la API web JSON."
}
],
"id": "CVE-2017-14182",
"lastModified": "2024-11-21T03:12:18.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-27T13:29:00.217",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory"
],
"url": "http://code610.blogspot.com/2017/10/patch-your-fortinet-cve-2017-14182.html"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101559"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039678"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-17-206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://code610.blogspot.com/2017/10/patch-your-fortinet-cve-2017-14182.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101559"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039678"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-17-206"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-12-19 08:15
Modified
2025-01-21 20:58
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-082 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C8DACBF-C9D5-4898-8294-DB887A28A9C7",
"versionEndExcluding": "5.6.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D44B5E8F-6093-4E84-9197-4530032E5B5A",
"versionEndExcluding": "6.0.11",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B59A39D6-9494-4273-8348-1078A77DD796",
"versionEndExcluding": "6.2.5",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FECE2DC5-CFCC-4BA9-B416-4EB2C1E4D9BB",
"versionEndExcluding": "6.4.2",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context"
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer en el mont\u00f3n durante el procesamiento de mensajes del Protocolo de control de enlaces en las versiones 5.6.12, 6.0.10, 6.2.4 y 6.4.1 y anteriores de FortiGate puede permitir que un atacante remoto con credenciales de VPN SSL v\u00e1lidas bloquee el daemon de VPN SSL mediante el env\u00edo de un paquete LCP de gran tama\u00f1o cuando el modo t\u00fanel est\u00e1 habilitado. La ejecuci\u00f3n de c\u00f3digo arbitrario puede ser te\u00f3ricamente posible, aunque en la pr\u00e1ctica es muy dif\u00edcil de lograr en este contexto"
}
],
"id": "CVE-2020-12819",
"lastModified": "2025-01-21T20:58:57.503",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-19T08:15:11.770",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-082"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-18 17:15
Modified
2024-11-21 06:28
Severity ?
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-155 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-155 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22936F53-4480-4011-9211-174D1C507E87",
"versionEndIncluding": "1.0.7",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3902676A-4F5F-4C6A-A22D-DEF5EB4C0543",
"versionEndIncluding": "2.0.6",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D909C90B-E136-4E8E-B551-FE0369172C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53151CA2-647D-4E40-9247-C0F4E6CB680B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5C8467-1765-434E-8C11-65D3139459EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9D9ECD0B-C46E-485B-AA41-40B9C2A90547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EC948E98-B48D-499B-8FD1-4B75754D2B78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "668FED55-7378-487E-BE00-C33A45076F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "787C3018-40FA-415C-AF4C-D178AC4FB65E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4F35AB98-B0CD-4B04-992E-087054FCF91F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "91BF8703-2835-4895-A347-74B6E9A2FA30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C94723AB-6BBE-4F5E-9560-5ECBE3A809A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E13ECB66-4AC4-4C1F-92DE-9C8788DD5379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "640AC3C4-9529-4796-A2B7-E15C9AB520DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "11C09ED8-BEDB-4EAA-B55B-CD8F81FC74CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "4C31FB79-990A-403F-8479-A531837C7A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BBFE82DC-E7BF-440A-A91E-00E5E4613592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "67411CD4-56F9-4300-BA76-87227EE5CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AE39C3-77E7-4BF0-AEA7-186A12DDC965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C49169A3-E7D2-4A4F-8729-551CCB33452A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "DFC7D4A9-9143-4055-BAA2-E6093B5ED085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "280D0F29-9BBC-4F39-91D3-C26EBAEEFC4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "47E2D164-490D-40F2-925B-C1DF2D8905F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "17FA9D1F-22C3-4B66-89C9-68EF40D7B128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "294F7FEE-D8A0-4B6A-ACF4-539F558BAAF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DE63E91F-43C9-4878-8ABF-43D6FA243B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.24:*:*:*:*:*:*:*",
"matchCriteriaId": "21E72112-DD6F-4F04-B7A6-32F4A3CD652C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.25:*:*:*:*:*:*:*",
"matchCriteriaId": "0E46A71A-CC32-4FB9-B291-9D5213F2512B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:5.3.26:*:*:*:*:*:*:*",
"matchCriteriaId": "86D2A710-4758-4B86-82C8-D3DDFD082935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C717350D-43D2-41A4-9AA9-F8EA4F5480CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FDD21BC-FD00-4CF5-B093-1E6E9DAC9613",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C68C2594-036C-40E0-BAC5-78945229746C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2917F59F-366B-434E-9CCB-1B734396932A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1139A66-DE22-4D31-A17F-E0A7BB4111D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8B76AF-0BF0-4283-90B1-48D877CF69A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC98DF7-9441-4F7B-9B01-36A5F63BD401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3BA095F4-1B52-40B2-ADFE-19699C2F9E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF91792-6CFF-4069-826D-E252CF9CFB84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "41C9826B-C2E2-4A10-AC6F-CDFDBE837049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "065C0602-8785-404F-8DD5-EC884F0AC372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD90D01-091F-42BC-AC76-45A582873EDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B920B4C-96A2-4341-8F19-8E08A583FEAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E9E1371-6C7B-4E98-B34A-9D03C6636CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "148EFCE2-1EBA-4673-98D2-86095564B727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1668AE14-D9A4-4B7D-BC3F-75885792875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E0F3B9B-A06F-4A96-B2E7-9DC56E629182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50F8AE97-A647-4A37-8EF2-BC0BBCC8EADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "377A2F0B-2A58-4C2C-B546-3178B353484B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBDFD4-45A0-47CC-817E-48E84F945402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8C9CDB2B-E454-4B91-9A47-615F31F1A3D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "71148DC5-10A4-48C3-AD65-967F66B6078C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6A08987A-D448-4E46-ACB5-DF38CDBDD55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C0A35CD0-765F-48BD-A450-E78F213518B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F8492560-24C1-43B6-A420-068FA9E3C496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5A3D4C-EF73-4676-A5E3-4008E7AF068D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BE267898-AB2B-452E-B219-E0E6885DC5A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6F223989-D906-4B0E-B54B-3D2639745837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DC5908-9E16-4D12-9F48-AE921ED0D8C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3BE3F8-9157-461C-8E3A-ABFA728B7DB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C7AEE7B-AB79-462A-BEEF-6EEC558FB8C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ADEC69D2-AA57-464C-B59E-585566CCFE34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "521E94FB-8CB3-486B-A882-49F0ACBAC502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F29537A6-456D-41B4-94D6-2FBA9DA3CC2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "82AF3064-9B75-471E-9ADB-F55B64E453BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BC71169D-0BF3-40BC-8460-A0906B1F21F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC7B4D7-9F3A-43FC-930E-AC55E34A94EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "48B877ED-AF81-42B1-9E88-2CD4831C6D38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "934A3FB3-97A1-4981-BB15-ABBFD273D79F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "722B3D73-504E-40EB-B8FB-9F3D9A3B6DB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "CBBDD272-D412-4DF5-A823-76D0C0C036C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "3794902F-7A0C-4EA3-B0E3-959D118ABE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE0B7E1-0D61-48C2-ADDB-E009ACBEE084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "01048DC4-07BB-4689-A7E8-F0CC4F50718D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3907C1C9-EAEB-4287-82DA-06F242DEA639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52A0DB21-C876-4DD3-95ED-8BA0483F0BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "20A322D8-C0F0-4F31-81F5-94A12B2B88F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ABCB90C9-976A-4D85-A84D-A6970E9C11A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "92CA4075-BA53-415E-9348-C4D3F93A683C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "363F14B5-66AC-4CA2-A11B-E1D70C307C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2BF39DA1-D854-4540-B410-3ECD5A83E95A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C552DD33-EAC7-472E-9A1B-4BAF558D7DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "59D90493-FB83-43F0-A576-C90AE7775313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "03B8E997-3D10-48D2-8FCF-34B8A976A944",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6AF1FA-A034-439A-876B-BFA1BE7DE15E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F54D5CC0-D4F4-4F8C-8CD9-A7456ED226F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E76E7EE1-0B07-4B56-A069-AF3B5BBCB79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "532A62AB-40C5-4C12-8079-EABCA583DB97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "64AC05A1-EF48-4282-BB3C-ED60E45CEEBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72C437B7-75F8-4DDC-9670-19E2C21ACB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B468AF9F-1619-4399-A1A5-115C26FB01DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4929DC17-1B20-432D-AEDA-3B3213DC6022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2625D2C3-A5DE-446A-B551-825B2B24EE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9694FC0C-408A-4892-ADD1-F36F4BBBD9EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5783F-CE5B-4B8F-AF7C-C182B3ED3EAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8A132F-601F-4129-BFCA-3A976A711D5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "90600B14-07C4-455D-9FC1-17034D91B987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "953B6278-878B-4B17-8AA2-641A0604F14A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4739957D-6605-4F88-AF5F-144598270928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AF22D78B-ED8E-42A1-8F0C-F4B52B084B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E45EB-4C8C-4777-9200-08B14595A3A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D114536-7169-4814-B011-570E3AD86A3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B28478DA-8D10-4A8E-81EA-D3DF421E5089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4C423AC8-4AA2-426E-8F76-7E5B3CDF82BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "43906627-A03E-42EA-9923-DECBAE34A818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6E77E34E-9E3F-4022-9969-6DCEDAD1590A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F935F9-5B6A-47C2-8F65-7A1E8BB061FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "91C045DF-72E9-4B33-B990-6BA25EDA7209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79FEE7F6-F72E-4A43-883C-0CF492DF355B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBDFDF02-2136-4DE0-A19B-FE3654ED90A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49D51C9F-CED3-4EA0-89EB-3A63F54B10E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ADC427FF-F227-401D-8F41-8B3268D577CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73DADA28-4371-4639-AB3D-BA82F365A337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04DB567F-A4D9-483F-83CB-8807EEF6FB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBADF2A-2C17-4D37-8315-3B003854AE77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2673E9-3227-4EAC-9ECD-6576A575F4A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4742E76F-3030-45F6-A54B-B337D3C6705B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "056CF29E-1953-4B25-8247-E9A59F511890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9D9CC045-D163-417F-B8AB-DC07352B81C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "962B9BAB-7414-4E6B-AF5D-F7BB0951229C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "94283031-0C2F-46B3-BAFE-69900C5DB9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:6.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA67378-E9BC-4BAE-856D-FEDB42104406",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4BEB4C-396B-44AB-8E27-357A650A5764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53DC5E3E-C08C-4491-9650-0781C4327225",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "484F6C79-3498-45E3-BF74-CF6075E7D31A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "843F4434-651D-4A22-80C3-77397E059A98",
"versionEndIncluding": "6.0.7",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "549EE910-DAC4-45B7-AE45-6B6A786CD2F5",
"versionEndIncluding": "6.2.7",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A13E485-2362-4AC0-9B8E-41998257B31F",
"versionEndIncluding": "6.4.9",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A44AA3D5-FE43-429E-B238-0954D83778A4",
"versionEndIncluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de enteros / wraparound [CWE-190] en FortiSwitch versiones 7.0.2 y anteriores, 6.4.9 y anteriores, 6.2.x, 6.0.x; FortiRecorder 6.4.2 y anteriores, 6.0.10 y anteriores; FortiOS 7.0.2 y anteriores, 6.4.8 y anteriores, 6.2.10 y anteriores, 6.0.x; FortiProxy 7. 0.0, 2.0.6 y anteriores, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 y anteriores, 6.0.10 y anteriores, dhcpd daemon puede permitir a un atacante no autenticado y adyacente a la red bloquear el dhcpd deamon, resultando en una potencial denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-42755",
"lastModified": "2024-11-21T06:28:06.293",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-18T17:15:08.413",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-155"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-17 10:15
Modified
2024-11-21 07:56
Severity ?
6.4 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-149 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-149 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81949446-ADC8-4B07-95FF-3C2D27DDF927",
"versionEndExcluding": "7.0.4",
"versionStartIncluding": "6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability [CWE-121]\u00a0in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections."
}
],
"id": "CVE-2023-29182",
"lastModified": "2024-11-21T07:56:40.370",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-17T10:15:09.703",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-149"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-10 17:15
Modified
2024-11-21 08:09
Severity ?
3.9 (Low) - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiOS 7.2.0 - 7.2.4 allows an attacker to execute unauthorized code or commands via the SAML and Security Fabric components.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-104 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-104 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB643A8-B52F-4D54-B816-28A6401BAA25",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiOS 7.2.0 - 7.2.4 allows an attacker to execute unauthorized code or commands via the SAML and Security Fabric components."
},
{
"lang": "es",
"value": "Una neutralizaci\u00f3n inadecuada de etiquetas html relacionadas con scripts en una p\u00e1gina web (xss b\u00e1sico) en Fortinet FortiOS 7.2.0 - 7.2.4 permite a un atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de los componentes SAML y Security Fabric."
}
],
"id": "CVE-2023-36555",
"lastModified": "2024-11-21T08:09:55.470",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-10T17:15:12.077",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-104"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-80"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-14 18:15
Modified
2024-11-21 07:53
Severity ?
6.4 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and VMs may allow a local attacker with admin privileges to boot a malicious image on the device and bypass the filesystem integrity check in place.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-396 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-396 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10E4FB93-7111-4F2A-8D5A-F276261D0E67",
"versionEndIncluding": "2.0.13",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5DEE06-6CEC-4EDE-BEA7-EDBE65EBF8F5",
"versionEndIncluding": "7.0.13",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D052D03-B855-4C9E-BCF9-7AEE6464050B",
"versionEndIncluding": "7.2.7",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0135464C-532C-430D-A76C-2FCDE4C991D1",
"versionEndIncluding": "6.0.17",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99",
"versionEndIncluding": "6.2.15",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B52E22-C64D-4142-885E-6C44FA670574",
"versionEndIncluding": "6.4.14",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA582D59-C740-4AE7-83CA-C09A1D0EDA88",
"versionEndIncluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "813E179E-B948-4480-A5B1-B0ED562A41BC",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and VMs may allow a local attacker\u00a0with admin privileges to boot a malicious image on the device and bypass the filesystem integrity check in place."
},
{
"lang": "es",
"value": "Una vulnerabilidad de validaci\u00f3n inadecuada del valor de verificaci\u00f3n de integridad [CWE-354] en FortiOS 7.2.0 a 7.2.3, 7.0.0 a 7.0.12, 6.4 todas las versiones, 6.2 todas las versiones, 6.0 todas las versiones y FortiProxy 7.2 todas las versiones, 7.0 todas versiones, 2.0 todas las versiones. Las m\u00e1quinas virtuales pueden permitir que un atacante local con privilegios de administrador inicie una imagen maliciosa en el dispositivo y omita la verificaci\u00f3n de integridad del sistema de archivos vigente."
}
],
"id": "CVE-2023-28002",
"lastModified": "2024-11-21T07:53:54.707",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-14T18:15:29.137",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-396"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-354"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-16 19:15
Modified
2024-11-21 07:23
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-391 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-391 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiswitchmanager | 7.0.0 | |
| fortinet | fortiswitchmanager | 7.2.0 | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 | |
| fortinet | fortios | 7.2.1 | |
| fortinet | fortios | 7.2.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4A6B0D-1614-443B-8EBA-A8FBC2E1A832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B73D78B-2270-45B7-854E-F985B8D88F3B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03222066-2B1D-4854-8CAE-6992D7F40150",
"versionEndIncluding": "2.0.10",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F3A99BB-534C-4984-948B-8FFF659A9B9B",
"versionEndIncluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91E7F209-D645-48EC-BB5F-E730E55E8EE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20B53FFE-073D-43E9-9D6F-9C86937C0228",
"versionEndIncluding": "6.2.12",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF6F9869-F824-4519-986E-A032668EA7BA",
"versionEndIncluding": "6.4.10",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0983FC2C-A9F2-4918-81E6-BDCF05E5BF65",
"versionEndIncluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B736A23-95B8-4D87-863A-AC8E901078EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F5CE1D01-26C0-4141-B7B1-E26B976DF835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A relative path traversal vulnerability\u00a0[CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read and write files on the underlying Linux system via crafted HTTP requests."
}
],
"id": "CVE-2022-41335",
"lastModified": "2024-11-21T07:23:04.617",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-16T19:15:13.513",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-391"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-23"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-24 16:30
Modified
2024-11-21 02:57
Severity ?
Summary
Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51D04470-D6AE-49E1-8716-D4C6A0C886E9",
"versionEndExcluding": "4.1.11",
"versionStartIncluding": "4.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10E36920-CDE6-49B2-83D2-CDA51787047D",
"versionEndExcluding": "4.2.13",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "775894ED-A48E-4671-87FE-95EC83CBE507",
"versionEndExcluding": "4.3.9",
"versionStartIncluding": "4.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A38ED363-9836-4F42-AB45-655706FFFF82",
"versionEndIncluding": "3.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el analizador Cookie en Fortinet FortiOS 4.x en versiones anteriores a 4.1.11, 4.2.x en versiones anteriores a 4.2.13 y 4.3.x en versiones anteriores a 4.3.9 y FortiSwitch en versiones anteriores a 3.4.3 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una petici\u00f3n HTTP manipulada, tambi\u00e9n conocido como EGREGIOUSBLUNDER."
}
],
"id": "CVE-2016-6909",
"lastModified": "2024-11-21T02:57:04.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-24T16:30:00.137",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://fortiguard.com/advisory/FG-IR-16-023"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/138387/EGREGIOUSBLUNDER-Fortigate-Remote-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92523"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036643"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40276/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://fortiguard.com/advisory/FG-IR-16-023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/138387/EGREGIOUSBLUNDER-Fortigate-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40276/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-29 11:03
Modified
2024-11-21 00:04
Severity ?
Summary
The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service (termination of a process that is automatically restarted) via IKE packets with invalid values of certain IPSec attributes, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the vendor advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | 2.50 | |
| fortinet | fortios | 2.80 | |
| fortinet | fortios | 3.0 | |
| fortinet | forticlient | 2.0 | |
| fortinet | fortimanager | 2.80 | |
| fortinet | fortimanager | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:2.50:*:*:*:*:*:*:*",
"matchCriteriaId": "BB2815EF-253B-4E3D-BFA7-265021783158",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:2.80:*:*:*:*:*:*:*",
"matchCriteriaId": "767E66F6-7AF3-4541-8797-D7503D852044",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "631ED29C-890E-4C53-8ADB-0061125FEEDF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fortinet:forticlient:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "343CE116-E1F3-4D0B-BA0C-E47991381DE3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortimanager:2.80:*:*:*:*:*:*:*",
"matchCriteriaId": "B17E0546-1109-46F9-96A3-B88A2BA0AB0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortimanager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4009E181-9A4D-42FF-A7C6-4267E54097E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service (termination of a process that is automatically restarted) via IKE packets with invalid values of certain IPSec attributes, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the vendor advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
}
],
"id": "CVE-2005-4570",
"lastModified": "2024-11-21T00:04:37.997",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-29T11:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18446"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.fortinet.com/FortiGuardCenter/VU226364.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15997"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/0182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.fortinet.com/FortiGuardCenter/VU226364.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0182"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-02 12:15
Modified
2024-11-21 07:02
Severity ?
3.9 (Low) - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below may allow an unauthenticated attacker to perform a man in the middle attack.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-228 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-228 | Patch, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7730E2-63AD-48F2-AE0A-6C8C9369A734",
"versionEndExcluding": "6.4.10",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D8305A-382B-4965-9DCD-E85E7ACD126B",
"versionEndExcluding": "7.0.8",
"versionStartIncluding": "7.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2DDB271-0A73-4C94-B3CE-B766E99898C0",
"versionEndExcluding": "7.2.2",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below may allow an unauthenticated attacker to perform a man in the middle attack."
},
{
"lang": "es",
"value": "Una vulnerabilidad de error de administraci\u00f3n de claves [CWE-320] que afecta la clave de host RSA SSH en FortiOS 7.2.0 y versiones anteriores, 7.0.6 y versiones anteriores, 6.4.9 y versiones anteriores puede permitir que un atacante no autenticado realice un ataque de hombre en el medio."
}
],
"id": "CVE-2022-30307",
"lastModified": "2024-11-21T07:02:32.597",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-02T12:15:52.903",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-228"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-14 17:15
Modified
2024-12-11 19:55
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An improper check or handling of exceptional conditions vulnerability [CWE-703] in Fortinet FortiOS version 7.4.1 allows an unauthenticated attacker to provoke a denial of service on the administrative interface via crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-24-017 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-24-017 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17FE168A-0EA4-467C-91D2-87EB6D83917A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper check or handling of exceptional conditions vulnerability [CWE-703] in Fortinet FortiOS version 7.4.1 allows an unauthenticated attacker to provoke a denial of service on the administrative interface via crafted HTTP requests."
},
{
"lang": "es",
"value": "Una verificaci\u00f3n o manejo inadecuado de la vulnerabilidad de condiciones excepcionales [CWE-703] en Fortinet FortiOS versi\u00f3n 7.4.1 permite que un atacante no autenticado provoque una denegaci\u00f3n de servicio en la interfaz administrativa a trav\u00e9s de solicitudes HTTP manipuladas."
}
],
"id": "CVE-2024-26007",
"lastModified": "2024-12-11T19:55:59.830",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-05-14T17:15:40.370",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-24-017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-24-017"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-703"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-06 18:15
Modified
2024-11-21 06:58
Severity ?
2.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the keytab files in FortiOS version 7.2.0, 7.0.0 through 7.0.5 and below 7.0.0 may allow an attacker in possession of the encrypted file to decipher it.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-158 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-158 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A857126-D7EE-4CB4-BCAA-68D6C4FEC3E4",
"versionEndIncluding": "6.0.14",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E417AB31-3C1E-47C9-941B-36026B4379E8",
"versionEndIncluding": "6.2.11",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA09A86A-A8BE-45F7-96C8-747C5DB658C5",
"versionEndIncluding": "6.4.9",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "103E0368-0675-4511-95BF-D5CCD67BBAA5",
"versionEndExcluding": "7.0.6",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the keytab files in FortiOS version 7.2.0, 7.0.0 through 7.0.5 and below 7.0.0 may allow an attacker in possession of the encrypted file to decipher it."
},
{
"lang": "es",
"value": "Una vulnerabilidad de pasos criptogr\u00e1ficos faltantes [CWE-325] en las funciones que cifran los archivos keytab en FortiOS versiones 7.2.0, 7.0.0 hasta 7.0.5 y anteriores a 7.0.0, puede permitir a un atacante en posesi\u00f3n del archivo cifrado descifrarlo."
}
],
"id": "CVE-2022-29053",
"lastModified": "2024-11-21T06:58:24.903",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-06T18:15:13.007",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-158"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-16 19:15
Modified
2024-11-21 07:16
Severity ?
4.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Summary
An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-346 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-346 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41A9C3D8-28F8-4E91-9C6A-05DB343F1ACC",
"versionEndIncluding": "2.0.9",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E60913-FBE9-467B-AB4B-CA85E97527BA",
"versionEndExcluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B24750-4A57-4F80-AAE8-8AC316B376C2",
"versionEndExcluding": "7.2.2",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5056BFD5-9618-44FC-98E8-C4DA386F9925",
"versionEndExcluding": "7.0.8",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7E1421F-A467-41FE-9065-1512008E942D",
"versionEndExcluding": "7.2.1",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users)\u00a0to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands."
}
],
"id": "CVE-2022-38378",
"lastModified": "2024-11-21T07:16:21.357",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-16T19:15:12.930",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-346"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-14 17:15
Modified
2024-11-21 08:29
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-415 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-415 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D1811FC-A5FC-4828-ACB1-0D2568FA9240",
"versionEndIncluding": "7.2.6",
"versionStartIncluding": "7.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61540F5B-080A-4D44-8BE0-75D7A0DCCB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17FE168A-0EA4-467C-91D2-87EB6D83917A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria [CWE-121] en Fortinet FortiOS versi\u00f3n 7.2.1 a 7.2.6 y versi\u00f3n 7.4.0 a 7.4.1 permite a un atacante privilegiado sobre la interfaz administrativa ejecutar c\u00f3digo o comandos arbitrarios a trav\u00e9s de HTTP o Solicitudes HTTP."
}
],
"id": "CVE-2023-46714",
"lastModified": "2024-11-21T08:29:08.413",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-05-14T17:15:25.840",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-415"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-23 17:15
Modified
2024-11-21 04:45
Severity ?
Summary
Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system's builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below or for user uploaded local certificates via setting an empty password in FortiOS 6.2.1, 6.2.0, 6.0.6 and below.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-19-134 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-19-134 | Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBDD29F8-B339-4C3B-AF3F-77BB3D323D1D",
"versionEndIncluding": "5.6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA4CED9-EAB9-4FE4-B058-CC4D3E03C520",
"versionEndIncluding": "6.0.6",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72C437B7-75F8-4DDC-9670-19E2C21ACB27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system\u0027s builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below or for user uploaded local certificates via setting an empty password in FortiOS 6.2.1, 6.2.0, 6.0.6 and below."
},
{
"lang": "es",
"value": "Una comprobaci\u00f3n inapropiada de permisos o valores en la consola de la CLI puede permitir a un usuario no privilegiado obtener claves privadas en texto plano de Fortinet FortiOS de los certificados locales incorporados del sistema mediante la desconfiguraci\u00f3n de la contrase\u00f1a de cifrado de claves en FortiOS versi\u00f3n 6.2.0, versiones 6.0.0 hasta 6.0.6, y versiones 5.6.10 y por debajo, o por un usuario que carg\u00f3 certificados locales mediante la configuraci\u00f3n de una contrase\u00f1a vac\u00eda en FortiOS versiones 6.2.1, 6.2.0, y versiones 6.0.6 y por debajo."
}
],
"id": "CVE-2019-5593",
"lastModified": "2024-11-21T04:45:11.783",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-23T17:15:12.173",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-134"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-21 14:15
Modified
2024-11-21 05:36
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the "diag sys ha checksum show" command.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://www.fortiguard.com/psirt/FG-IR-20-009 | Vendor Advisory | |
| psirt@fortinet.com | https://www.fortiguard.com/psirt/FG-IR-20-236 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.fortiguard.com/psirt/FG-IR-20-009 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.fortiguard.com/psirt/FG-IR-20-236 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 2.0.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D87AB8E6-5D58-4C4D-A465-29E756B0AA82",
"versionEndExcluding": "1.2.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCF2FC57-1A6E-422B-9EB5-5A9EF683BDAB",
"versionEndExcluding": "6.0.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B59A39D6-9494-4273-8348-1078A77DD796",
"versionEndExcluding": "6.2.5",
"versionStartIncluding": "6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the \"diag sys ha checksum show\" command."
},
{
"lang": "es",
"value": "Un vulnerabilidad almacenamiento de informaci\u00f3n confidencial en texto sin cifrar en la interfaz de l\u00ednea de comandos de FortiOS en las versiones 6.2.4 y anteriores y FortiProxy en las versiones versiones 2.0.0, 1.2.9 y anteriores, puede permitir a un atacante autenticado obtener informaci\u00f3n confidencial como las contrase\u00f1as de los usuarios al conectarse a la CLI de FortiGate y ejecutar el comando \"diag sys ha checksum show\""
}
],
"id": "CVE-2020-6648",
"lastModified": "2024-11-21T05:36:05.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-21T14:15:20.387",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortiguard.com/psirt/FG-IR-20-009"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortiguard.com/psirt/FG-IR-20-236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortiguard.com/psirt/FG-IR-20-009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortiguard.com/psirt/FG-IR-20-236"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-17 12:15
Modified
2024-11-21 06:07
Severity ?
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
3.8 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
3.8 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Summary
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and the network interface list.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-243 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-243 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5C3E2FE-ACE4-4E66-AEBB-E10E451A2F3A",
"versionEndIncluding": "5.6.9",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6EF01D9-50FB-4300-87FB-132649A9AC51",
"versionEndIncluding": "6.0.13",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE47BA6-6F1B-40E9-8FE5-5752389875DF",
"versionEndExcluding": "6.2.10",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "868E19AD-D2ED-4424-9CA1-56E07BFBC0DB",
"versionEndExcluding": "6.4.7",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79FEE7F6-F72E-4A43-883C-0CF492DF355B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and the network interface list."
},
{
"lang": "es",
"value": "Una vulnerabilidad de exposici\u00f3n de informaci\u00f3n confidencial a un actor no autorizado en FortiOS CLI versiones 7.0.0, 6.4.0 a 6.4.6, 6.2.0 a 6.2.9, 6.0.x y 5.6.x, puede permitir a un usuario local y autenticado asignado a un VDOM espec\u00edfico recuperar informaci\u00f3n de otros VDOMs como la lista de cuentas de administrador y la lista de interfaces de red"
}
],
"id": "CVE-2021-32600",
"lastModified": "2024-11-21T06:07:21.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-17T12:15:16.917",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-243"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-10 14:15
Modified
2024-11-21 06:30
Severity ?
9.0 (Critical) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.3 allows attacker to execute privileged commands on a linked FortiSwitch via diagnostic CLI commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-242 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-242 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A857126-D7EE-4CB4-BCAA-68D6C4FEC3E4",
"versionEndIncluding": "6.0.14",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4361DFE-431C-470A-9C9A-263681F125CC",
"versionEndIncluding": "6.2.10",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB40D8E4-7974-49A2-9D6F-37B2EF33A596",
"versionEndIncluding": "6.4.8",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0E6170-82F7-4A63-95B7-9D02E27B6867",
"versionEndIncluding": "7.0.3",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.3 allows attacker to execute privileged commands on a linked FortiSwitch via diagnostic CLI commands."
},
{
"lang": "es",
"value": "Una neutralizaci\u00f3n inapropiada de los elementos especiales usados en un comando os (\"inyecci\u00f3n de comando de os\") en Fortinet FortiOS versi\u00f3n 6.0.0 hasta 6.0.14, FortiOS versi\u00f3n 6.2.0 hasta 6.2.10, FortiOS versi\u00f3n 6.4.0 hasta 6.4.8, FortiOS versi\u00f3n 7.0.0 hasta 7.0.3, permite a un atacante ejecutar comandos privilegiados en un FortiSwitch vinculado por medio de comandos CLI de diagn\u00f3stico"
}
],
"id": "CVE-2021-44171",
"lastModified": "2024-11-21T06:30:29.923",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-10T14:15:09.650",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-242"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-27 21:15
Modified
2024-11-21 04:29
Severity ?
Summary
An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-19-236 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-19-236 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A44C4B-988B-45E4-BA76-8984A9AB9AB0",
"versionEndIncluding": "6.0.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D526BAA8-202A-40A9-87F9-68FB597299E6",
"versionEndIncluding": "6.2.1",
"versionStartIncluding": "6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Comprobaci\u00f3n de Entrada Inapropiada en el portal VPN SSL de FortiOS versiones 6.2.1 y posteriores, y versiones 6.0.6 y posteriores, puede permitir a un atacante remoto no identificado bloquear el servicio VPN SSL enviando una petici\u00f3n POST especialmente dise\u00f1ada."
}
],
"id": "CVE-2019-15705",
"lastModified": "2024-11-21T04:29:17.743",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-27T21:15:12.747",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-236"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-15 20:59
Modified
2024-11-21 02:47
Severity ?
Summary
Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the Fortimanager_Access account, which allows remote attackers to obtain administrative access via an SSH session.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFD59A87-5F49-4C62-9A7A-2481F05704AE",
"versionEndIncluding": "4.3.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51B177A0-244F-4A76-8425-F75C1DA3CC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E542BE2-14FC-4BA8-890C-7DA81F33F032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8A5EC4-CE2C-4174-9F09-361B8D153AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BABC91-F9BF-4B52-BDBF-F9617ABCAC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C172379-F6BA-4343-831A-62004E742C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "516597D9-086E-4668-A40B-473F38125F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D62F480B-D8CA-4F5C-8034-C0AE73F26B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F435F408-EC5B-42A0-9E3C-4DE5D702ACAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "823C8357-E638-4EAE-B231-3B60263FFE52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the Fortimanager_Access account, which allows remote attackers to obtain administrative access via an SSH session."
},
{
"lang": "es",
"value": "Fortinet FortiAnalyzer en versiones anteriores a 5.0.12 y 5.2.x en versiones anteriores a 5.2.5; FortiSwitch 3.3.x en versiones anteriores a 3.3.3; FortiCache 3.0.x en versiones anteriores a 3.0.8; y FortiOS 4.1.x en versiones anteriores a 4.1.11, 4.2.x en versiones anteriores a 4.2.16, 4.3.x en versiones anteriores a 4.3.17 y 5.0.x en versiones anteriores a 5.0.8 tienen una frase de contrase\u00f1a embebida para la cuenta Fortimanager_Access, lo que permite a atacantes remotos obtener acceso administrativo a trav\u00e9s de una sesi\u00f3n SSH."
}
],
"id": "CVE-2016-1909",
"lastModified": "2024-11-21T02:47:19.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-15T20:59:00.100",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog.fortinet.com/post/brief-statement-regarding-issues-found-with-fortios"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/135225/FortiGate-OS-5.0.7-SSH-Backdoor.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/26"
},
{
"source": "cve@mitre.org",
"url": "http://www.fortiguard.com/advisory/multiple-products-ssh-undocumented-login-vulnerability"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1034663"
},
{
"source": "cve@mitre.org",
"url": "https://twitter.com/esizkur/status/686842135501508608"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/39224/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.fortinet.com/post/brief-statement-regarding-issues-found-with-fortios"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/135225/FortiGate-OS-5.0.7-SSH-Backdoor.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/26"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fortiguard.com/advisory/multiple-products-ssh-undocumented-login-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034663"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://twitter.com/esizkur/status/686842135501508608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/39224/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-01 19:15
Modified
2024-11-21 05:06
Severity ?
2.6 (Low) - CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N
4.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-091 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-091 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E239D7B-8B65-4639-9390-F62C5A584B18",
"versionEndIncluding": "5.6.13",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91921D15-AC8B-4303-BF4B-32FC53B9EB53",
"versionEndIncluding": "6.0.11",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B9C172-F8C6-416C-ADB9-AF893FB0A78C",
"versionEndIncluding": "6.2.5",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF4B21C8-D766-40AF-82F3-924210471D04",
"versionEndIncluding": "6.4.3",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets."
},
{
"lang": "es",
"value": "Una comprobaci\u00f3n de entrada inapropiada en Fortinet FortiGate versiones 6.4.3 y anteriores, versiones 6.2.5 y anteriores, versiones 6.0.11 y anteriores, versiones 5.6.13 y anteriores, permite a un atacante revelar informaci\u00f3n confidencial por medio de paquetes SNI Client Hello TLS."
}
],
"id": "CVE-2020-15936",
"lastModified": "2024-11-21T05:06:29.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-01T19:15:08.097",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-091"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-091"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-04 22:29
Modified
2024-11-21 04:45
Severity ?
Summary
A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the "err" parameter of the error process HTTP requests.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D27D2C-5211-41A7-B0F4-7721EE7884BF",
"versionEndIncluding": "6.0.4",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the \"err\" parameter of the error process HTTP requests."
},
{
"lang": "es",
"value": "Una vulnerabilidad reflejada de Cross-Site-Scripting (XSS) en Fortinet FortiOS 6.0.0 a 6.0.4 bajo el portal web SSL VPN puede permitir que un atacante ejecute c\u00f3digo de script malicioso no autorizado a trav\u00e9s del par\u00e1metro \"err\" de las solicitudes HTTP del proceso de error."
}
],
"id": "CVE-2019-5588",
"lastModified": "2024-11-21T04:45:11.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-04T22:29:00.423",
"references": [
{
"source": "psirt@fortinet.com",
"url": "http://www.securityfocus.com/bid/108618"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/108618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-034"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-16 19:15
Modified
2024-11-21 07:25
Severity ?
4.2 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.11, 6.2.0 through 6.2.12, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.1, 7.0.0 through 7.0.7, 2.0.0 through 2.0.10, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-362 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-362 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 | |
| fortinet | fortios | 7.2.1 | |
| fortinet | fortios | 7.2.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03222066-2B1D-4854-8CAE-6992D7F40150",
"versionEndIncluding": "2.0.10",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F3A99BB-534C-4984-948B-8FFF659A9B9B",
"versionEndIncluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91E7F209-D645-48EC-BB5F-E730E55E8EE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1279D1CF-6815-4491-AC1C-54C64C2F5FC5",
"versionEndIncluding": "6.0.16",
"versionStartIncluding": "6.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20B53FFE-073D-43E9-9D6F-9C86937C0228",
"versionEndIncluding": "6.2.12",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A87D865A-6411-4807-81D4-6A5C052C03C9",
"versionEndIncluding": "6.4.11",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0983FC2C-A9F2-4918-81E6-BDCF05E5BF65",
"versionEndIncluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B736A23-95B8-4D87-863A-AC8E901078EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F5CE1D01-26C0-4141-B7B1-E26B976DF835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of crlf sequences in http headers (\u0027http response splitting\u0027) in Fortinet FortiOS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.11, 6.2.0 through 6.2.12, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.1, 7.0.0 through 7.0.7, 2.0.0 through 2.0.10, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response."
}
],
"id": "CVE-2022-42472",
"lastModified": "2024-11-21T07:25:02.230",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-16T19:15:13.583",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-362"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-362"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-113"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-09 16:29
Modified
2024-11-21 03:18
Severity ?
Summary
A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified configurations.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/107839 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-053 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107839 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-053 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42CF4335-25C7-473E-83E8-37C1B9575D45",
"versionEndIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC4C822-47EB-4EA0-834D-7A63D9F0E46D",
"versionEndIncluding": "5.6.10",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA4CED9-EAB9-4FE4-B058-CC4D3E03C520",
"versionEndIncluding": "6.0.6",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified configurations."
},
{
"lang": "es",
"value": "Una vulnerabilidad de escalada de privilegios en Fortinet FortiOS en las versiones 6.0.0 a 6.0.6, 5.6.0 a 5.6.10, 5.4 e inferiores permite a los usuarios administradores elevar su perfil a super_admin mediante la restauraci\u00f3n de configuraciones modificadas."
}
],
"id": "CVE-2017-17544",
"lastModified": "2024-11-21T03:18:08.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-09T16:29:00.367",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107839"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-053"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-09-12 02:29
Modified
2024-11-21 03:24
Severity ?
Summary
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to Execute unauthorized code or commands via the action input during the activation of a FortiToken.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/100009 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1039020 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-104 | Vendor Advisory | |
| psirt@fortinet.com | https://www.exploit-db.com/exploits/42388/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100009 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039020 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-104 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/42388/ | Exploit, Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A509FF43-9706-4EC7-B1D0-D3BF0569C9F6",
"versionEndIncluding": "5.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to Execute unauthorized code or commands via the action input during the activation of a FortiToken."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo Cross-Site Scripting en Fortinet FortiOS en su versi\u00f3n 5.6.0 y anteriores permite que atacantes remotos ejecuten c\u00f3digo o comandos sin autorizaci\u00f3n mediante la entrada de acci\u00f3n durante la activaci\u00f3n de un FortiToken."
}
],
"id": "CVE-2017-3132",
"lastModified": "2024-11-21T03:24:53.903",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-12T02:29:00.233",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100009"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039020"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-104"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42388/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42388/"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 13:15
Modified
2024-11-21 05:55
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-049 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-049 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B09D1C32-BF6B-4B27-91D4-1347EFB8ECB7",
"versionEndIncluding": "6.0.12",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C0308D-8E52-456B-BFC2-62D4C1E9BDC3",
"versionEndIncluding": "6.2.9",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9633128-886B-493E-8F17-00110EE0EF91",
"versionEndIncluding": "6.4.5",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79FEE7F6-F72E-4A43-883C-0CF492DF355B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de enteros o wraparound en el asignador de memoria de SSLVPN en FortiOS versiones anteriores a 7.0.1, puede permitir a un atacante no autenticado corromper los datos de control en el mont\u00f3n por medio de peticiones espec\u00edficamente dise\u00f1adas a SSLVPN, resultando en una ejecuci\u00f3n de c\u00f3digo potencialmente arbitraria"
}
],
"id": "CVE-2021-26109",
"lastModified": "2024-11-21T05:55:52.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T13:15:07.660",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-049"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-11 15:15
Modified
2024-11-21 08:29
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-23-356 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.fortinet.com/psirt/FG-IR-23-356 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B338ECA4-60FD-499E-B22B-0F6D892C1896",
"versionEndIncluding": "6.0.18",
"versionStartIncluding": "6.0.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C51858C-80AE-4826-ABB8-6A678FA2F075",
"versionEndIncluding": "6.2.16",
"versionStartIncluding": "6.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E375A348-5D58-4EE0-9729-3A62BA8B7741",
"versionEndIncluding": "6.4.15",
"versionStartIncluding": "6.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA582D59-C740-4AE7-83CA-C09A1D0EDA88",
"versionEndIncluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0",
"versionEndExcluding": "7.2.8",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "757A5257-6103-4DC5-B79F-727E4279614A",
"versionEndExcluding": "7.4.3",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer basado en pila en Fortinet FortiOS versi\u00f3n 7.4.0 a 7.4.1 y 7.2.0 a 7.2.7 y 7.0.0 a 7.0.12 y 6.4.6 a 6.4.15 y 6.2.9 a 6.2.16 y Las versiones 6.0.13 a 6.0.18 permiten a un atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de comandos CLI especialmente manipulados."
}
],
"id": "CVE-2023-46720",
"lastModified": "2024-11-21T08:29:08.810",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-11T15:15:55.087",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-356"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-16 10:15
Modified
2024-11-21 08:05
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A null pointer dereference in Fortinet FortiOS before 7.2.5, before 7.0.11 and before 6.4.13, FortiProxy before 7.2.4 and before 7.0.10 allows attacker to denial of sslvpn service via specifically crafted request in bookmark parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-015 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-015 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E6D4C77-6D88-4DD2-8A5C-610DE901EBBB",
"versionEndExcluding": "7.0.10",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A0AB0B8-819F-46EE-A921-119B76A138B5",
"versionEndExcluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B153B056-24AE-41C4-B644-65E080C18360",
"versionEndExcluding": "6.4.13",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8870AB06-C50F-452A-952C-30DE7860264E",
"versionEndExcluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4562BDF7-D894-4CD8-95AC-9409FDEBE73F",
"versionEndExcluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in Fortinet FortiOS before 7.2.5, before 7.0.11 and before 6.4.13, FortiProxy before 7.2.4 and before 7.0.10 allows attacker to denial of sslvpn service via specifically crafted request in bookmark parameter."
}
],
"id": "CVE-2023-33306",
"lastModified": "2024-11-21T08:05:22.837",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-16T10:15:09.467",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-015"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-11 09:15
Modified
2024-11-21 06:46
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet private keys used to establish secure communication with both Apple Push Notification and Google Cloud Messaging services, via accessing the files on the filesystem.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-20-014 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-20-014 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiauthenticator | * | |
| fortinet | fortiauthenticator | 5.5.0 | |
| fortinet | fortiauthenticator | 6.1.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 6.4.0 | |
| fortinet | fortios | 6.4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiauthenticator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47A3EAE7-BA29-4267-BF88-61ACA9F40AC7",
"versionEndIncluding": "6.0.4",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiauthenticator:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C30DF6A-2839-4B19-AF75-2A5BD82CB0BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiauthenticator:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BCCE874-8B7F-4A4A-9A28-C32280E77708",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6EF01D9-50FB-4300-87FB-132649A9AC51",
"versionEndIncluding": "6.0.13",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C0308D-8E52-456B-BFC2-62D4C1E9BDC3",
"versionEndIncluding": "6.2.9",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E45EB-4C8C-4777-9200-08B14595A3A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D114536-7169-4814-B011-570E3AD86A3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet private keys used to establish secure communication with both Apple Push Notification and Google Cloud Messaging services, via accessing the files on the filesystem."
}
],
"id": "CVE-2022-22302",
"lastModified": "2024-11-21T06:46:35.960",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-11T09:15:09.073",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-20-014"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-20-014"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-11 17:15
Modified
2024-11-21 07:25
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
A permissive list of allowed inputs vulnerability [CWE-183] in FortiGate version 7.2.3 and below, version 7.0.9 and below Policy-based NGFW Mode may allow an authenticated SSL-VPN user to bypass the policy via bookmarks in the web portal.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-381 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-381 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8870AB06-C50F-452A-952C-30DE7860264E",
"versionEndExcluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5",
"versionEndExcluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A permissive list of allowed inputs vulnerability [CWE-183] in FortiGate version 7.2.3 and below, version 7.0.9 and below Policy-based NGFW Mode may allow an authenticated SSL-VPN user to bypass the policy via bookmarks in the web portal."
}
],
"id": "CVE-2022-42469",
"lastModified": "2024-11-21T07:25:01.723",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-11T17:15:07.490",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-381"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-183"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-09 17:29
Modified
2024-11-21 03:46
Severity ?
Summary
An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-101 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-101 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D036525-5B1B-4E56-AD31-E41AD9AE766E",
"versionEndIncluding": "5.6.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3907C1C9-EAEB-4287-82DA-06F242DEA639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52A0DB21-C876-4DD3-95ED-8BA0483F0BD4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol."
},
{
"lang": "es",
"value": "Una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Fortinet FortiOS versiones 6.0.1, 5.6.7 y anteriores, le permite al atacante revelar el n\u00famero de serie de FortiGate por medio del campo hostname definido en los paquetes de configuraci\u00f3n de control de conexi\u00f3n del protocolo PPTP."
}
],
"id": "CVE-2018-13366",
"lastModified": "2024-11-21T03:46:58.203",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-09T17:29:00.223",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-101"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-05 13:29
Modified
2024-11-21 04:15
Severity ?
Summary
An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user's web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On feature.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/104535 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1041186 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-027 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104535 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041186 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-027 | Mitigation, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B87EAEF-7D53-45A3-A7C0-DC7E2B7F754D",
"versionEndIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user\u0027s web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On feature."
},
{
"lang": "es",
"value": "Una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Fortinet FortiOS en versiones 6.0.0 y anteriores revela las credenciales de inicio de sesi\u00f3n del usuario al portal web en un archivo JavaScript enviado al lado del cliente cuando las p\u00e1ginas guardadas en el portal web emplean la funcionalidad Single Sign-On."
}
],
"id": "CVE-2018-9185",
"lastModified": "2024-11-21T04:15:08.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-05T13:29:00.740",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104535"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041186"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-027"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-22 10:15
Modified
2024-12-10 19:07
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A use of externally-controlled format string in Fortinet FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted command.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-119 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-119 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5DD84F-2A2A-40E4-AAE7-516E086556CF",
"versionEndExcluding": "2.0.13",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D70694-BB02-43E2-8F74-D50D9D4C5E3C",
"versionEndExcluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "122518E7-EA43-4240-AAFB-61AD2AA28A2B",
"versionEndExcluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1EB4C4-34D4-449E-AB52-397F3DF750B2",
"versionEndExcluding": "6.2.15",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B153B056-24AE-41C4-B644-65E080C18360",
"versionEndExcluding": "6.4.13",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39A6C2A7-21A4-4BB5-A3B6-9466E5CEA296",
"versionEndExcluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4562BDF7-D894-4CD8-95AC-9409FDEBE73F",
"versionEndExcluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5296F4A1-F228-451A-9B42-A418B7DCFFBA",
"versionEndExcluding": "1.1.0",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of externally-controlled format string in Fortinet FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.12, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted command."
},
{
"lang": "es",
"value": "Un uso de cadena de formato controlada externamente en Fortinet FortiOS 7.2.0 a 7.2.4, 7.0.0 a 7.0.11, 6.4.0 a 6.4.12, 6.2.0 a 6.2.14, 6.0.0 a 6.0.16 , FortiProxy 7.2.0 a 7.2.4, 7.0.0 a 7.0.10, 2.0.0 a 2.0.12, 1.2.0 a 1.2.13, 1.1.0 a 1.1.6, 1.0.0 a 1.0.7, FortiPAM 1.0.0 a 1.0.3 permite a un atacante ejecutar c\u00f3digo o comandos no autorizados mediante un comando especialmente manipulado."
}
],
"id": "CVE-2023-29181",
"lastModified": "2024-12-10T19:07:41.227",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-22T10:15:08.140",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-119"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-10 21:29
Modified
2024-11-21 03:24
Severity ?
Summary
An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4.4 and below versions allows attacker to get FortiOS version info by inspecting FortiOS IKE VendorID packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/100211 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-073 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100211 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-073 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | 5.0.0 | |
| fortinet | fortios | 5.0.1 | |
| fortinet | fortios | 5.0.2 | |
| fortinet | fortios | 5.0.3 | |
| fortinet | fortios | 5.0.4 | |
| fortinet | fortios | 5.0.5 | |
| fortinet | fortios | 5.0.6 | |
| fortinet | fortios | 5.0.7 | |
| fortinet | fortios | 5.0.8 | |
| fortinet | fortios | 5.0.9 | |
| fortinet | fortios | 5.0.10 | |
| fortinet | fortios | 5.0.11 | |
| fortinet | fortios | 5.0.12 | |
| fortinet | fortios | 5.0.13 | |
| fortinet | fortios | 5.0.14 | |
| fortinet | fortios | 5.2.0 | |
| fortinet | fortios | 5.2.1 | |
| fortinet | fortios | 5.2.2 | |
| fortinet | fortios | 5.2.3 | |
| fortinet | fortios | 5.2.4 | |
| fortinet | fortios | 5.2.5 | |
| fortinet | fortios | 5.2.6 | |
| fortinet | fortios | 5.2.7 | |
| fortinet | fortios | 5.2.8 | |
| fortinet | fortios | 5.2.9 | |
| fortinet | fortios | 5.2.10 | |
| fortinet | fortios | 5.4.0 | |
| fortinet | fortios | 5.4.1 | |
| fortinet | fortios | 5.4.2 | |
| fortinet | fortios | 5.4.3 | |
| fortinet | fortios | 5.4.4 | |
| fortinet | fortios | 5.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E542BE2-14FC-4BA8-890C-7DA81F33F032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8A5EC4-CE2C-4174-9F09-361B8D153AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BABC91-F9BF-4B52-BDBF-F9617ABCAC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C172379-F6BA-4343-831A-62004E742C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "516597D9-086E-4668-A40B-473F38125F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D62F480B-D8CA-4F5C-8034-C0AE73F26B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F435F408-EC5B-42A0-9E3C-4DE5D702ACAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "823C8357-E638-4EAE-B231-3B60263FFE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6615C7-C6F8-4E42-BA09-5A29A0B68E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B24C5917-BBC0-4924-9FB0-49E141DC9D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "513A1CAA-9B87-4CF5-9513-396E2E686CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "62CD94B3-C430-4672-BBEA-B8A542944F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "91AA2061-5D28-4DCF-9126-8D5CE57D96F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FA9832-A573-489B-A26E-7A7DFC1E0D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC836E7-DAA2-4FDB-9919-D5FF35E67C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E627C59-7C16-44F0-800D-A2E8A766B26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "233236FA-BB13-4261-BE2E-3E617406DC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27844CC9-498B-4A65-91AC-AC130222EE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27B4C672-7ED5-4113-87AE-5774D1263C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBEA3AA-AE46-4A55-91EE-9ADC187BF614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "05CB7A90-91BC-49AF-9B5C-EBD212484C64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "864D3221-177B-43CE-BD7D-CB14A110268E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "31C186D6-6AC5-49EB-A701-C91358B4A25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9F6C4-F887-4F25-87BD-383F6CF39806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F8558962-7A19-4F4A-BED0-9CB5D4CFC422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EC63D521-EC88-4B13-BC73-3284F3FCF3A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1668AE14-D9A4-4B7D-BC3F-75885792875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E0F3B9B-A06F-4A96-B2E7-9DC56E629182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50F8AE97-A647-4A37-8EF2-BC0BBCC8EADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "377A2F0B-2A58-4C2C-B546-3178B353484B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBDFD4-45A0-47CC-817E-48E84F945402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3BE3F8-9157-461C-8E3A-ABFA728B7DB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4.4 and below versions allows attacker to get FortiOS version info by inspecting FortiOS IKE VendorID packets."
},
{
"lang": "es",
"value": "Una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Fortinet FortiOS 5.6.0, 5.4.4 y versiones inferiores permite que un atacante obtenga la informaci\u00f3n de la versi\u00f3n de FortiOS mediante la inspecci\u00f3n de paquetes FortiOS IKE VendorID."
}
],
"id": "CVE-2017-3130",
"lastModified": "2024-11-21T03:24:53.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-10T21:29:00.187",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100211"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-073"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-18 15:15
Modified
2024-11-21 06:58
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through 2.0.9, 1.2.x allows a remote unauthenticated or authenticated attacker to crash the sslvpn daemon via an HTTP GET request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-086 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-086 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95DEEC45-DE3D-4C1D-8FA3-163BF6FC12A5",
"versionEndExcluding": "1.2.13",
"versionStartIncluding": "1.2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FAF62D3-E63F-4987-B030-5646E32FE6EF",
"versionEndExcluding": "2.0.10",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B778AD94-D279-42B4-A062-8231F14936B3",
"versionEndExcluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38DA2E7D-2367-45B6-96FE-4BA3C0C75E85",
"versionEndExcluding": "6.2.11",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7730E2-63AD-48F2-AE0A-6C8C9369A734",
"versionEndExcluding": "6.4.10",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A86B1AB3-F33E-461C-A19C-C3A51B47AC5F",
"versionEndExcluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through 2.0.9, 1.2.x allows a remote unauthenticated or authenticated attacker to crash the sslvpn daemon via an HTTP GET request."
},
{
"lang": "es",
"value": "Un acceso de puntero no inicializado en Fortinet FortiOS versi\u00f3n 7.2.0, 7.0.0 hasta 7.0.5, 6.4.0 hasta 6.4.8, 6.2.0 hasta 6.2.10, 6.0.x, FortiProxy versi\u00f3n 7. 0.0 hasta 7.0.4, 2.0.0 hasta 2.0.9, 1.2.x permite a un atacante remoto no autenticado o autenticado bloquear el demonio sslvpn por medio de una petici\u00f3n HTTP GET"
}
],
"id": "CVE-2022-29055",
"lastModified": "2024-11-21T06:58:25.150",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-18T15:15:09.620",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-086"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-086"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-824"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-03 14:15
Modified
2024-11-21 06:48
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
An improper access control vulnerability [CWE-284] in FortiOS versions 6.2.0 through 6.2.11, 6.4.0 through 6.4.8 and 7.0.0 through 7.0.5 may allow an authenticated attacker with a restricted user profile to gather the checksum information about the other VDOMs via CLI commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-036 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-036 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E417AB31-3C1E-47C9-941B-36026B4379E8",
"versionEndIncluding": "6.2.11",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB40D8E4-7974-49A2-9D6F-37B2EF33A596",
"versionEndIncluding": "6.4.8",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D763E12-9F72-46DA-825B-A573AC9AA947",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability [CWE-284] in FortiOS versions 6.2.0 through 6.2.11, 6.4.0 through 6.4.8 and 7.0.0 through 7.0.5 may allow an authenticated attacker with a restricted user profile to gather the checksum information about the other VDOMs via CLI commands."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de acceso inadecuado [CWE-284] en FortiOS versiones 6.2.0 a 6.2.11, 6.4.0 a 6.4.8 y 7.0.0 a 7.0.5, puede permitir a un atacante autenticado con un perfil de usuario restringido recopilar la informaci\u00f3n de la suma de comprobaci\u00f3n sobre los otros VDOMs por medio de comandos CLI"
}
],
"id": "CVE-2022-23442",
"lastModified": "2024-11-21T06:48:33.953",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-03T14:15:08.473",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-036"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-08-11 14:59
Modified
2024-11-21 02:27
Severity ?
Summary
FortiOS 5.0.x before 5.0.12 and 5.2.x before 5.2.4 supports anonymous, export, RC4, and possibly other weak ciphers when using TLS to connect to FortiGuard servers, which allows man-in-the-middle attackers to spoof TLS content by modifying packets.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | 5.0.0 | |
| fortinet | fortios | 5.0.1 | |
| fortinet | fortios | 5.0.2 | |
| fortinet | fortios | 5.0.3 | |
| fortinet | fortios | 5.0.4 | |
| fortinet | fortios | 5.0.5 | |
| fortinet | fortios | 5.0.6 | |
| fortinet | fortios | 5.0.7 | |
| fortinet | fortios | 5.0.8 | |
| fortinet | fortios | 5.0.9 | |
| fortinet | fortios | 5.0.10 | |
| fortinet | fortios | 5.0.11 | |
| fortinet | fortios | 5.2.0 | |
| fortinet | fortios | 5.2.1 | |
| fortinet | fortios | 5.2.2 | |
| fortinet | fortios | 5.2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E542BE2-14FC-4BA8-890C-7DA81F33F032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8A5EC4-CE2C-4174-9F09-361B8D153AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BABC91-F9BF-4B52-BDBF-F9617ABCAC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C172379-F6BA-4343-831A-62004E742C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "516597D9-086E-4668-A40B-473F38125F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D62F480B-D8CA-4F5C-8034-C0AE73F26B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F435F408-EC5B-42A0-9E3C-4DE5D702ACAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "823C8357-E638-4EAE-B231-3B60263FFE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6615C7-C6F8-4E42-BA09-5A29A0B68E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B24C5917-BBC0-4924-9FB0-49E141DC9D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "513A1CAA-9B87-4CF5-9513-396E2E686CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "62CD94B3-C430-4672-BBEA-B8A542944F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E627C59-7C16-44F0-800D-A2E8A766B26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "233236FA-BB13-4261-BE2E-3E617406DC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27844CC9-498B-4A65-91AC-AC130222EE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27B4C672-7ED5-4113-87AE-5774D1263C0B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FortiOS 5.0.x before 5.0.12 and 5.2.x before 5.2.4 supports anonymous, export, RC4, and possibly other weak ciphers when using TLS to connect to FortiGuard servers, which allows man-in-the-middle attackers to spoof TLS content by modifying packets."
},
{
"lang": "es",
"value": "Vulnerabilidad en FortiOS 5.0.x en versiones anteriores a 5.0.12 y 5.2.x en versiones anteriores a 5.2.4 admite el anonimato, exportaci\u00f3n, RC4 y posiblemente otros cifrados d\u00e9biles al utilizar TLS para conectarse a los servidores de FortiGuard, lo que permite a atacantes man-in-the-middle suplantar contenido TLS mediante la modificaci\u00f3n de los paquetes."
}
],
"id": "CVE-2015-2323",
"lastModified": "2024-11-21T02:27:12.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-08-11T14:59:01.807",
"references": [
{
"source": "cve@mitre.org",
"url": "http://fortiguard.com/advisory/2015-07-24-weak-ciphers-suites-are-presented-towards-fortiguard-servers"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-021/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1033092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fortiguard.com/advisory/2015-07-24-weak-ciphers-suites-are-presented-towards-fortiguard-servers"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-021/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033092"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-01-23 02:00
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-535 | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * |
{
"cisaActionDue": "2025-01-21",
"cisaExploitAdd": "2025-01-14",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B14CD59-F557-48A0-8458-BECD3AD7DB3A",
"versionEndExcluding": "7.0.20",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC18768-0891-465E-9900-3DF5D22A5CB3",
"versionEndExcluding": "7.2.13",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD357034-B2FD-4C2E-97FE-2C54D686D885",
"versionEndExcluding": "7.0.17",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to\u00a0Node.js websocket module."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n mediante una ruta o canal alternativo [CWE-288] que afecta a FortiOS versi\u00f3n 7.0.0 a 7.0.16 y FortiProxy versi\u00f3n 7.0.0 a 7.0.19 y 7.2.0 a 7.2.12 permite que un atacante remoto obtenga privilegios de superadministrador mediante solicitudes manipuladas al m\u00f3dulo websocket Node.js."
}
],
"id": "CVE-2024-55591",
"lastModified": "2025-01-23T02:00:02.310",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-14T14:15:34.450",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-535"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-288"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-09-12 02:29
Modified
2024-11-21 03:32
Severity ?
Summary
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via 'Comments' while saving Config Revisions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/99098 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1038705 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-127 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038705 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-127 | Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1668AE14-D9A4-4B7D-BC3F-75885792875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E0F3B9B-A06F-4A96-B2E7-9DC56E629182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50F8AE97-A647-4A37-8EF2-BC0BBCC8EADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "377A2F0B-2A58-4C2C-B546-3178B353484B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBDFD4-45A0-47CC-817E-48E84F945402",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via \u0027Comments\u0027 while saving Config Revisions."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo Cross-Site Scripting en Fortinet FortiOS desde la versi\u00f3n 5.4.0 hasta la 5.4.4 permite que atacantes remotos ejecuten c\u00f3digo o comandos sin autorizaci\u00f3n mediante \u0027Comments\u0027 mientras se guardan revisiones de configuraci\u00f3n."
}
],
"id": "CVE-2017-7734",
"lastModified": "2024-11-21T03:32:33.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-12T02:29:00.373",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99098"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038705"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-127"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-06 17:15
Modified
2024-11-21 07:11
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-255 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-255 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03222066-2B1D-4854-8CAE-6992D7F40150",
"versionEndIncluding": "2.0.10",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C485003B-5F30-46E7-A794-84D66500739A",
"versionEndIncluding": "7.0.6",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB40CF0-CC6A-44A5-BC5D-70DC7CA78D49",
"versionEndIncluding": "6.0.15",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20B53FFE-073D-43E9-9D6F-9C86937C0228",
"versionEndIncluding": "6.2.12",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA09A86A-A8BE-45F7-96C8-747C5DB658C5",
"versionEndIncluding": "6.4.9",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC5CAD3-53CB-45C3-B4EA-10AEFE6C0016",
"versionEndIncluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B736A23-95B8-4D87-863A-AC8E901078EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server."
},
{
"lang": "es",
"value": "Una omisi\u00f3n de autenticaci\u00f3n por vulnerabilidad de datos supuestamente inmutables [CWE-302] en el componente de inicio de sesi\u00f3n SSH de FortiOS 7.2.0, 7.0.0 a 7.0.7, 6.4.0 a 6.4.9, 6.2 todas las versiones, 6.0 todas las versiones y FortiProxy SSH El componente de inicio de sesi\u00f3n 7.0.0 a 7.0.5, 2.0.0 a 2.0.10, 1.2.0 todas las versiones puede permitir que un atacante remoto y no autenticado inicie sesi\u00f3n en el dispositivo mediante el env\u00edo de una respuesta Access-Challenge especialmente manipulada desde el servidor Radius."
}
],
"id": "CVE-2022-35843",
"lastModified": "2024-11-21T07:11:48.250",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-06T17:15:10.873",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-255"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-16 19:15
Modified
2024-11-21 07:23
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
An improper neutralization of input during web page generation [CWE-79] vulnerability in FortiOS versions 7.0.0 to 7.0.7 and 7.2.0 to 7.2.3 may allow a remote, unauthenticated attacker to launch a cross site scripting (XSS) attack via the "redir" parameter of the URL seen when the "Sign in with FortiCloud" button is clicked.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-224 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-224 | Patch, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC5CAD3-53CB-45C3-B4EA-10AEFE6C0016",
"versionEndIncluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "813E179E-B948-4480-A5B1-B0ED562A41BC",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of input during web page generation [CWE-79] vulnerability in FortiOS versions 7.0.0 to 7.0.7 and 7.2.0 to 7.2.3 may allow a remote, unauthenticated attacker to launch a cross site scripting (XSS) attack via the \"redir\" parameter of the URL seen when the \"Sign in with FortiCloud\" button is clicked."
}
],
"id": "CVE-2022-41334",
"lastModified": "2024-11-21T07:23:04.483",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-16T19:15:13.443",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-224"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-15 23:15
Modified
2024-11-21 04:46
Severity ?
Summary
An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-19-179 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-19-179 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21713C4E-4504-4901-BCB0-389FA7561B60",
"versionEndIncluding": "6.0.8",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72C437B7-75F8-4DDC-9670-19E2C21ACB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B468AF9F-1619-4399-A1A5-115C26FB01DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage."
},
{
"lang": "es",
"value": "Una vulnerabilidad de comprobaci\u00f3n de entrada inapropiada en FortiOS versiones 6.2.1, 6.2.0, 6.0.8 y por debajo hasta 5.4.0, bajo la Interfaz de Usuario Web de administraci\u00f3n puede permitir a un atacante llevar a cabo un ataque de redireccionamiento de URL por medio de una petici\u00f3n espec\u00edficamente dise\u00f1ada para la p\u00e1gina web de cambio de contrase\u00f1a inicial del administrador."
}
],
"id": "CVE-2019-6696",
"lastModified": "2024-11-21T04:46:58.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-15T23:15:11.470",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-179"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-04 21:29
Modified
2025-01-27 21:30
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-389 | Vendor Advisory | |
| psirt@fortinet.com | https://www.fortiguard.com/psirt/FG-IR-20-231 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-389 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.fortiguard.com/psirt/FG-IR-20-231 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 2.0.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"cisaActionDue": "2022-07-10",
"cisaExploitAdd": "2022-01-10",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Fortinet FortiOS and FortiProxy Improper Authorization",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B47708E-8A92-4767-8685-49C3143D0920",
"versionEndExcluding": "1.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "250C33C2-29AD-4B75-BF05-E7256B4A5B54",
"versionEndExcluding": "5.4.11",
"versionStartIncluding": "5.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A60D8EF-E47F-45A9-8E40-0169609D9B7B",
"versionEndExcluding": "5.6.9",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D37F1481-E7A7-4428-89C9-5DF9D206D056",
"versionEndExcluding": "6.0.5",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests"
},
{
"lang": "es",
"value": "Una vulnerabilidad de autorizaci\u00f3n inadecuada en Fortinet FortiOS versiones 6.0.0 a 6.0.4, 5.6.0 a 5.6.8 y 5.4.1 a 5.4.10 y FortiProxy versiones 2.0.0, 1.2.0 a 1.2.8, 1.1.0 a 1.1.6, 1.0.0 a 1.0.7 en el portal web SSL VPN permite a un atacante no autenticado modificar la contrase\u00f1a de un usuario del portal web SSL VPN a trav\u00e9s de peticiones HTTP especialmente dise\u00f1adas"
}
],
"id": "CVE-2018-13382",
"lastModified": "2025-01-27T21:30:41.457",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-04T21:29:00.373",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-389"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortiguard.com/psirt/FG-IR-20-231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortiguard.com/psirt/FG-IR-20-231"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-02 18:15
Modified
2024-11-21 06:25
Severity ?
3.5 (Low) - CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-074 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-074 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88D6903E-70D0-4D63-BC68-BA37EE91BCB1",
"versionEndIncluding": "6.4.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiOS versions 6.4.6 and below may allow the connection to a malicious LDAP server via options in GUI, leading to disclosure of sensitive information, such as AD credentials."
},
{
"lang": "es",
"value": "Una vulnerabilidad de comprobaci\u00f3n inapropiada de certificado con desajuste de host [CWE-297] en FortiOS versiones 6.4.6 y por debajo, de puede permitir la conexi\u00f3n a un servidor LDAP malicioso por medio de las opciones de la interfaz gr\u00e1fica de usuario, conllevando a una divulgaci\u00f3n de informaci\u00f3n confidencial, como las credenciales de AD"
}
],
"id": "CVE-2021-41019",
"lastModified": "2024-11-21T06:25:16.613",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-02T18:15:08.660",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-074"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-02-03 22:04
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 allows attacker to execute unauthorized code or commands via crafted HTTP header.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-282 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B93C73-1E94-4854-8405-C3689860A74C",
"versionEndExcluding": "7.2.12",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B276403-CE85-445A-9E5D-BBFBD7AB7A68",
"versionEndExcluding": "7.4.6",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "678EB0FA-2B29-4108-8378-C4803A543193",
"versionEndExcluding": "7.2.9",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71AD879-997D-4787-A1E9-E4132AC521E2",
"versionEndExcluding": "7.4.5",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44CE8EE3-D64A-49C8-87D7-C18B302F864A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of crlf sequences in http headers (\u0027http response splitting\u0027) in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 allows attacker to execute unauthorized code or commands via crafted HTTP header."
},
{
"lang": "es",
"value": "Una neutralizaci\u00f3n incorrecta de las secuencias crlf en los encabezados http (\"divisi\u00f3n de respuesta http\") en Fortinet FortiOS 7.2.0 a 7.6.0, FortiProxy 7.2.0 a 7.4.5 permite a un atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s del encabezado HTTP manipulado."
}
],
"id": "CVE-2024-54021",
"lastModified": "2025-02-03T22:04:26.590",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-14T14:15:34.287",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-282"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-113"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-436"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-02 12:15
Modified
2024-11-21 07:11
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiOS SSL-VPN versions 7.2.0, versions 7.0.0 through 7.0.6 and versions 6.4.0 through 6.4.9 may allow a remote unauthenticated attacker to gain information about LDAP and SAML settings configured in FortiOS.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-223 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-223 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA09A86A-A8BE-45F7-96C8-747C5DB658C5",
"versionEndIncluding": "6.4.9",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE466DB5-F176-45E6-B017-A658A0B74836",
"versionEndIncluding": "7.0.6",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiOS SSL-VPN versions 7.2.0, versions 7.0.0 through 7.0.6 and versions 6.4.0 through 6.4.9 may allow a remote unauthenticated attacker to gain information about LDAP and SAML settings configured in FortiOS."
},
{
"lang": "es",
"value": "Una exposici\u00f3n de informaci\u00f3n sensible a una vulnerabilidad de un actor no autorizado [CWE-200] en FortiOS SSL-VPN versiones 7.2.0, versiones 7.0.0 a 7.0.6 y versiones 6.4.0 a 6.4.9 puede permitir que un atacante remoto no autenticado obtenga informaci\u00f3n sobre las configuraciones LDAP y SAML configuradas en FortiOS."
}
],
"id": "CVE-2022-35842",
"lastModified": "2024-11-21T07:11:48.123",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-02T12:15:53.377",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-223"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-07 17:15
Modified
2024-11-21 07:29
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
An access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated attacker to crash the sslvpn daemon via an HTTP GET request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-477 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-477 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 1.1.5 | |
| fortinet | fortiproxy | 1.1.6 | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6607C71D-D434-430A-8DFD-9125381D2D36",
"versionEndIncluding": "2.0.11",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F3A99BB-534C-4984-948B-8FFF659A9B9B",
"versionEndIncluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "19FD3769-7C9A-4570-A284-34CB19672108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "74FB2CB1-DBDB-4CA6-A98C-08ACE0044CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91E7F209-D645-48EC-BB5F-E730E55E8EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CD57A5A-2B13-495A-8530-8F97E1720602",
"versionEndIncluding": "6.2.13",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A87D865A-6411-4807-81D4-6A5C052C03C9",
"versionEndIncluding": "6.4.11",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E775D02-7C02-40BE-A118-D874B9BBC936",
"versionEndIncluding": "7.0.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "813E179E-B948-4480-A5B1-B0ED562A41BC",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated attacker to crash the sslvpn daemon via an HTTP GET request."
}
],
"id": "CVE-2022-45861",
"lastModified": "2024-11-21T07:29:51.513",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-07T17:15:12.380",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-477"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-824"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-824"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-02-03 22:18
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, 7.2.0 through 7.2.11, 7.0.0 through 7.0.18, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to trigger an escalation of privilege via specially crafted packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-259 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager_cloud | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortirecorder | * | |
| fortinet | fortirecorder | * | |
| fortinet | fortivoice | * | |
| fortinet | fortivoice | * | |
| fortinet | fortiweb | * | |
| fortinet | fortiweb | 7.6.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7269FDB6-A1D4-4912-8751-87BA52614FDA",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "241A8930-4ADA-4380-AA42-F10B28487595",
"versionEndExcluding": "7.6.2",
"versionStartIncluding": "7.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "164DEDC3-B1C0-42AC-9ADB-CE03CF6A71CC",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32CFAF1E-358A-4F6D-96CB-D7229F0D9D74",
"versionEndExcluding": "7.0.19",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B93C73-1E94-4854-8405-C3689860A74C",
"versionEndExcluding": "7.2.12",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B276403-CE85-445A-9E5D-BBFBD7AB7A68",
"versionEndExcluding": "7.4.6",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD60BA50-3F98-46BF-97E8-28AB207DE12A",
"versionEndExcluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B0D078-2F52-46B4-B9C0-162447828E1B",
"versionEndExcluding": "7.2.2",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF1E214-4BC5-47E8-BF02-072D6D830BAF",
"versionEndIncluding": "6.4.10",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EEE0DFA-DE31-4D26-AC98-6BCED8F008DC",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDB9CE13-AAF4-418C-BA26-1A0D53C5C1C2",
"versionEndExcluding": "7.4.5",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28B43375-DA74-4C5F-BAEE-39F312EEF51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA0532A5-31F2-4A92-BF31-6003E28AC948",
"versionEndExcluding": "7.0.16",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7D031B-221B-4738-AC83-4FB92A106528",
"versionEndExcluding": "7.2.10",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71AD879-997D-4787-A1E9-E4132AC521E2",
"versionEndExcluding": "7.4.5",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44CE8EE3-D64A-49C8-87D7-C18B302F864A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper limitation of a pathname to a restricted directory (\u0027path traversal\u0027) in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, 7.2.0 through 7.2.11, 7.0.0 through 7.0.18, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to trigger an escalation of privilege via specially crafted packets."
},
{
"lang": "es",
"value": "Una limitaci\u00f3n incorrecta de una ruta de acceso a un directorio restringido (\u0027Path Traversal\u0027) en Fortinet FortiManager versiones 7.6.0 a 7.6.1, 7.4.1 a 7.4.3, FortiOS versiones 7.6.0, 7.4.0 a 7.4.4, 7.2.5 a 7.2.9, 7.0.0 a 7.0.15, 6.4.0 a 6.4.15, FortiProxy 7.4.0 a 7.4.5, 7.2.0 a 7.2.11, 7.0.0 a 7.0.18, 2.0.0 a 2.0.14, 1.2.0 a 1.2.13, 1.1.0 a 1.1.6, 1.0.0 a 1.0.7, FortiManager Cloud versiones 7.4.1 hasta 7.4.3, FortiRecorder versiones 7.2.0 hasta 7.2.1, 7.0.0 hasta 7.0.4, FortiVoice versiones 7.0.0 hasta 7.0.4, 6.4.0 hasta 6.4.9, 6.0.0 hasta 6.0.12, FortiWeb 7.6.0, 7.4.0 hasta 7.4.4, 7.2.0 hasta 7.2.10, 7.0.0 hasta 7.0.10, 6.4.0 hasta 6.4.3 permite al atacante activar una escalada de privilegios a trav\u00e9s de paquetes especialmente manipulados."
}
],
"id": "CVE-2024-48884",
"lastModified": "2025-02-03T22:18:16.507",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-14T14:15:32.873",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-259"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-14 16:15
Modified
2025-02-06 16:07
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://www.fortiguard.com/psirt/FG-IR-19-037 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.fortiguard.com/psirt/FG-IR-19-037 | Mitigation, Vendor Advisory |
{
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Fortinet FortiOS Default Configuration Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1023D06F-42D8-40DA-BEE0-A71397F58202",
"versionEndIncluding": "6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Configuraci\u00f3n Predeterminada en FortiOS puede permitir a un atacante no autenticado en la misma subred interceptar informaci\u00f3n confidencial al hacerse pasar por el servidor LDAP."
}
],
"id": "CVE-2019-5591",
"lastModified": "2025-02-06T16:07:11.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2020-08-14T16:15:16.070",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.fortiguard.com/psirt/FG-IR-19-037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.fortiguard.com/psirt/FG-IR-19-037"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:50
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0 through 7.2.4 and FortiProxy 7.0.0 through 7.0.10. 7.2.0 through 7.2.1 allows an attacker to read certain passwords in plain text.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-455 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-455 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1251FE-2B46-46AA-B474-506B0079810D",
"versionEndIncluding": "7.0.10",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91E7F209-D645-48EC-BB5F-E730E55E8EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB643A8-B52F-4D54-B816-28A6401BAA25",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0 through 7.2.4 and FortiProxy 7.0.0 through 7.0.10. 7.2.0 through 7.2.1 allows an attacker to read certain passwords in plain text."
}
],
"id": "CVE-2023-26207",
"lastModified": "2024-11-21T07:50:55.013",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-13T09:15:16.467",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-455"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-06 18:15
Modified
2024-11-21 06:55
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A improper verification of source of a communication channel in Fortinet FortiOS with IPS engine version 7.201 through 7.214, 7.001 through 7.113, 6.001 through 6.121, 5.001 through 5.258 and before 4.086 allows a remote and unauthenticated attacker to trigger the sending of "blocked page" HTML data to an arbitrary victim via crafted TCP requests, potentially flooding the victim.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-073 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-073 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A857126-D7EE-4CB4-BCAA-68D6C4FEC3E4",
"versionEndIncluding": "6.0.14",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38DA2E7D-2367-45B6-96FE-4BA3C0C75E85",
"versionEndExcluding": "6.2.11",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08019066-27F4-4E9D-B6E5-2F74BAF065EE",
"versionEndExcluding": "6.4.9",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "103E0368-0675-4511-95BF-D5CCD67BBAA5",
"versionEndExcluding": "7.0.6",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper verification of source of a communication channel in Fortinet FortiOS with IPS engine version 7.201 through 7.214, 7.001 through 7.113, 6.001 through 6.121, 5.001 through 5.258 and before 4.086 allows a remote and unauthenticated attacker to trigger the sending of \"blocked page\" HTML data to an arbitrary victim via crafted TCP requests, potentially flooding the victim."
},
{
"lang": "es",
"value": "Una verificaci\u00f3n inapropiada de la fuente de un canal de comunicaci\u00f3n en Fortinet FortiOS con motor IPS versiones 7.201 hasta 7.214, 7.001 hasta 7.113, 6.001 hasta 6.121, 5.001 hasta 5.258 y anteriores a 4.086, permite a un atacante remoto y no autenticado desencadenar el env\u00edo de datos HTML \"blocked page\" a una v\u00edctima arbitraria por medio de peticiones TCP dise\u00f1adas, inundando potencialmente a la v\u00edctima.\n"
}
],
"id": "CVE-2022-27491",
"lastModified": "2024-11-21T06:55:49.903",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 4.0,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-06T18:15:12.693",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-073"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-06 17:15
Modified
2024-11-21 07:21
Severity ?
4.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiOS 6.0.7 - 6.0.15, 6.2.2 - 6.2.12, 6.4.0 - 6.4.9 and 7.0.0 - 7.0.3 allows a privileged attacker to execute unauthorized code or commands via storing malicious payloads in replacement messages.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-248 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-248 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD059AE-6636-441E-9E88-82266F8B4445",
"versionEndIncluding": "6.0.15",
"versionStartIncluding": "6.0.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7EE44C2-0DB5-4159-B6C7-70DF0B00A0C0",
"versionEndIncluding": "6.2.12",
"versionStartIncluding": "6.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA09A86A-A8BE-45F7-96C8-747C5DB658C5",
"versionEndIncluding": "6.4.9",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0E6170-82F7-4A63-95B7-9D02E27B6867",
"versionEndIncluding": "7.0.3",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) in Fortinet FortiOS 6.0.7 - 6.0.15, 6.2.2 - 6.2.12, 6.4.0 - 6.4.9 and 7.0.0 - 7.0.3 allows a privileged attacker to execute unauthorized code or commands via storing malicious payloads in replacement messages."
},
{
"lang": "es",
"value": "Una neutralizaci\u00f3n inadecuada de la entrada durante la generaci\u00f3n de la p\u00e1gina web (\"cross-site scripting\") en Fortinet FortiOS 6.0.7 - 6.0.15, 6.2.2 - 6.2.12, 6.4.0 - 6.4.9 y 7.0.0 - 7.0. 3 permite a un atacante privilegiado ejecutar c\u00f3digo o comandos no autorizados mediante el almacenamiento de payloads maliciosos en mensajes de reemplazo."
}
],
"id": "CVE-2022-40680",
"lastModified": "2024-11-21T07:21:50.600",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 2.7,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-06T17:15:10.997",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-248"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-248"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-16 19:15
Modified
2024-11-21 06:28
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8 and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and below, 6.4.10 and below, 6.2 all versions, 6.0 all versions; FortiProxy 7.0.1 and below, 2.0.7 and below, 1.2 all versions, 1.1 all versions, 1.0 all versions may allow an attacker to decrypt portions of the administrative session management cookie if able to intercept the latter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-126 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-126 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiweb | * | |
| fortinet | fortiweb | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortiswitch | * | |
| fortinet | fortiswitch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29C4F347-1E27-4517-8E9D-E932B3A7F271",
"versionEndExcluding": "2.0.8",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFEA53FA-16E1-4CDB-933C-2F886CAB15DA",
"versionEndExcluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C85CEB11-2682-448D-852A-9EE113E54539",
"versionEndExcluding": "6.3.17",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1725A170-7445-459F-A682-A9EA13470393",
"versionEndExcluding": "7.0.0",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E23ACB3B-E74F-4AF6-B67B-7603ED113B36",
"versionEndExcluding": "6.4.9",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30F10D70-1176-4119-BF1A-C2A5FCA386D4",
"versionEndExcluding": "7.0.4",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7EE382-AA93-4634-B48E-3BE9012EC96B",
"versionEndExcluding": "6.4.11",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69CF7A08-72CB-4CEC-9900-8B26180B2782",
"versionEndExcluding": "7.0.4",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper verification of cryptographic signature vulnerability [CWE-347] in FortiWeb 6.4 all versions, 6.3.16 and below, 6.2 all versions, 6.1 all versions, 6.0 all versions; FortiOS 7.0.3 and below, 6.4.8\u00a0and below, 6.2 all versions, 6.0 all versions; FortiSwitch 7.0.3 and below, 6.4.10\u00a0and below, 6.2 all versions, 6.0 all versions; FortiProxy 7.0.1\u00a0and below, 2.0.7\u00a0and below, 1.2 all versions, 1.1 all versions, 1.0 all versions\u00a0may allow an attacker\u00a0to decrypt portions of the administrative session management cookie\u00a0if able to intercept the latter."
}
],
"id": "CVE-2021-43074",
"lastModified": "2024-11-21T06:28:38.750",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-16T19:15:11.677",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-126"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-04 16:15
Modified
2024-11-21 06:28
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Summary
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-231 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-231 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96161EB8-2DFC-488B-B24D-80DA3B52E5B1",
"versionEndExcluding": "2.0.9",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFEA53FA-16E1-4CDB-933C-2F886CAB15DA",
"versionEndExcluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "104926CC-BE94-41EF-98E5-F565A6EAADD4",
"versionEndExcluding": "6.0.14",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE47BA6-6F1B-40E9-8FE5-5752389875DF",
"versionEndExcluding": "6.2.10",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "986D96D1-B204-48FC-8852-BB8341941236",
"versionEndExcluding": "6.4.8",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30F10D70-1176-4119-BF1A-C2A5FCA386D4",
"versionEndExcluding": "7.0.4",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy\u0027s client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages."
},
{
"lang": "es",
"value": "Un mensaje de error generado por el servidor que contiene informaci\u00f3n confidencial en Fortinet FortiOS 7.0.0 a 7.0.3, 6.4.0 a 6.4.8, 6.2.x, 6.0.x y FortiProxy 7.0.0 a 7.0.1, 2.0.x, permite a servidores web maliciosos recuperar el nombre de usuario y la IP del cliente de un proxy web por medio de peticiones HTTP del mismo origen que provocan p\u00e1ginas de c\u00f3digos de estado HTTP generadas por el proxy"
}
],
"id": "CVE-2021-43206",
"lastModified": "2024-11-21T06:28:50.743",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-04T16:15:08.227",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-231"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-209"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-07 17:15
Modified
2024-11-21 07:23
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiOS version 7.2.0 through 7.2.3 and 7.0.0 through 7.0.9 allows an unauthenticated attackers to obtain sensitive logging informations on the device via crafted HTTP GET requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-364 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-364 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C83139FA-7195-4171-8BC6-CC4F9379C7C9",
"versionEndIncluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57AD1A53-1D86-4707-B63C-49E1633179AD",
"versionEndIncluding": "7.2.2",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0087A620-D709-4771-B03E-3D5F0DCBC261",
"versionEndIncluding": "6.2.13",
"versionStartIncluding": "6.2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A87D865A-6411-4807-81D4-6A5C052C03C9",
"versionEndIncluding": "6.4.11",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E775D02-7C02-40BE-A118-D874B9BBC936",
"versionEndIncluding": "7.0.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "813E179E-B948-4480-A5B1-B0ED562A41BC",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiOS version 7.2.0 through 7.2.3 and 7.0.0 through 7.0.9 allows an unauthenticated attackers to obtain sensitive logging informations on the device via crafted HTTP GET requests."
}
],
"id": "CVE-2022-41329",
"lastModified": "2024-11-21T07:23:03.940",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-07T17:15:12.163",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-364"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-24 23:15
Modified
2025-02-24 15:43
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-19-283 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-19-283 | Vendor Advisory |
Impacted products
{
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Fortinet FortiOS SSL VPN Improper Authentication Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "756167D1-ED53-4EC7-88B3-D82E329A2FA4",
"versionEndExcluding": "6.0.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0966DA-A4B1-4C78-862C-3CB9557DCC4C",
"versionEndExcluding": "6.2.4",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6E45EB-4C8C-4777-9200-08B14595A3A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username."
},
{
"lang": "es",
"value": "Una vulnerabilidad de autenticaci\u00f3n inapropiada en SSL VPN en FortiOS versiones 6.4.0, 6.2.0 a 6.2.3, 6.0.9 y posteriores, puede resultar en que un usuario sea capaz de iniciar sesi\u00f3n con \u00e9xito sin que sea requerido el segundo factor de autenticaci\u00f3n (FortiToken) si cambiaron el caso de su nombre de usuario"
}
],
"id": "CVE-2020-12812",
"lastModified": "2025-02-24T15:43:27.603",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2020-07-24T23:15:12.003",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-283"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-178"
},
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-13 07:15
Modified
2024-11-21 08:10
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, FortiOS versions 7.4.0, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiPAM versions 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted API requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-138 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-138 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1251FE-2B46-46AA-B474-506B0079810D",
"versionEndIncluding": "7.0.10",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D78C235-F7F5-4611-8467-0CC4F0F69111",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0135464C-532C-430D-A76C-2FCDE4C991D1",
"versionEndIncluding": "6.0.17",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99",
"versionEndIncluding": "6.2.15",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E99B6E5-7EC3-406C-AFAC-A5E32DE266DF",
"versionEndIncluding": "6.4.12",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2573C90-BE6A-4D5D-A223-F09213318909",
"versionEndIncluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB643A8-B52F-4D54-B816-28A6401BAA25",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61540F5B-080A-4D44-8BE0-75D7A0DCCB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BA2C6ED-2765-4B56-9B37-10C50BD32C75",
"versionEndIncluding": "1.0.3",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC27DCF-F74C-431C-9545-F405D369AF22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, FortiOS versions 7.4.0, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiPAM versions 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted API requests."
},
{
"lang": "es",
"value": "Un uso de cadena de formato controlada externamente en Fortinet FortiProxy versiones 7.2.0 a 7.2.4, 7.0.0 a 7.0.10, versiones de FortiOS 7.4.0, 7.2.0 a 7.2.4, 7.0.0 a 7.0.11, 6.4.0 a 6.4.12, 6.2.0 a 6.2.15, 6.0.0 a 6.0.17, las versiones de FortiPAM 1.0.0 a 1.0.3 permiten al atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de solicitudes API especialmente manipuladas."
}
],
"id": "CVE-2023-36639",
"lastModified": "2024-11-21T08:10:09.100",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-13T07:15:12.900",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-138"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-10 17:15
Modified
2024-11-21 08:20
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-090 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-090 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios_ips_engine | * | |
| fortinet | fortios | * | |
| fortinet | fortios_ips_engine | * | |
| fortinet | fortios | * | |
| fortinet | fortios_ips_engine | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76621CA9-15A3-45C7-89F6-00FF2F0DB7B5",
"versionEndIncluding": "7.312",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5",
"versionEndExcluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E527DD20-7553-4CAD-BFFF-02D2C4DFFADC",
"versionEndIncluding": "7.165",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39A6C2A7-21A4-4BB5-A3B6-9466E5CEA296",
"versionEndExcluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E17821E5-7836-4EEA-A383-66CBCD45B258",
"versionEndIncluding": "6.158",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B153B056-24AE-41C4-B644-65E080C18360",
"versionEndExcluding": "6.4.13",
"versionStartIncluding": "6.4.0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets."
},
{
"lang": "es",
"value": "Un conflicto de interpretaci\u00f3n en las versiones 7.321, 7.166 y 6.158 de Fortinet IPS Engine permite a un atacante evadir las funciones de IPS a trav\u00e9s de paquetes TCP manipulados."
}
],
"id": "CVE-2023-40718",
"lastModified": "2024-11-21T08:20:01.453",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-10T17:15:12.560",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-090"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-436"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-436"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-12-19 11:15
Modified
2025-01-21 20:42
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Under non-default configuration, a stack-based buffer overflow in FortiOS version 6.0.10 and below, version 5.6.12 and below may allow a remote attacker authenticated to the SSL VPN to crash the FortiClient NAC daemon (fcnacd) and potentially execute arbitrary code via requesting a large FortiClient file name. We are not aware of proof of concept code successfully achieving the latter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-20-083 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C8DACBF-C9D5-4898-8294-DB887A28A9C7",
"versionEndExcluding": "5.6.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D44B5E8F-6093-4E84-9197-4530032E5B5A",
"versionEndExcluding": "6.0.11",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under non-default configuration, a stack-based buffer overflow in FortiOS version 6.0.10 and below, version 5.6.12 and below may allow a remote attacker authenticated to the SSL VPN to crash the FortiClient NAC daemon (fcnacd) and potentially execute arbitrary code via requesting a large FortiClient file name. We are not aware of proof of concept code successfully achieving the latter."
},
{
"lang": "es",
"value": "En una configuraci\u00f3n no predeterminada, un desbordamiento de b\u00fafer basado en pila en FortiOS versi\u00f3n 6.0.10 y anteriores, versi\u00f3n 5.6.12 y anteriores puede permitir que un atacante remoto autenticado en la VPN SSL bloquee el daemon NAC de FortiClient (fcnacd) y potencialmente ejecute c\u00f3digo arbitrario mediante la solicitud de un nombre de archivo FortiClient grande. No tenemos conocimiento de ning\u00fan c\u00f3digo de prueba de concepto que logre esto \u00faltimo con \u00e9xito."
}
],
"id": "CVE-2020-12820",
"lastModified": "2025-01-21T20:42:17.767",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-12-19T11:15:05.700",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-20-083"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-01-17 20:42
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-23-293 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D18D6E-AD93-4183-B9A9-458E791ED126",
"versionEndExcluding": "7.2.6",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4316C2EA-3D6E-4A0C-B81D-ADCE040E03E0",
"versionEndExcluding": "7.4.2",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request."
},
{
"lang": "es",
"value": "Una desreferencia de puntero nulo en las versiones de FortiOS 7.4.0 a 7.4.1, 7.2.0 a 7.2.5, 7.0 todas las versiones, 6.4 todas las versiones, 6.2 todas las versiones y 6.0 todas las versiones permite a un atacante activar una denegaci\u00f3n de servicio a trav\u00e9s de una solicitud http manipulada."
}
],
"id": "CVE-2023-42785",
"lastModified": "2025-01-17T20:42:36.303",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-14T14:15:27.083",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-293"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 08:05
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS version 7.0.0 through 7.0.10, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiProxy version 7.2.0 through 7.2.3, FortiProxy version 7.0.0 through 7.0.9, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions, FortiWeb version 7.2.0 through 7.2.1, FortiWeb version 7.0.0 through 7.0.6, FortiWeb 6.4 all versions, FortiWeb 6.3 all versions allows attacker to perform a denial of service via specially crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-375 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-375 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiweb | * | |
| fortinet | fortiweb | * | |
| fortinet | fortiweb | * | |
| fortinet | fortiweb | 7.2.0 | |
| fortinet | fortiweb | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22936F53-4480-4011-9211-174D1C507E87",
"versionEndIncluding": "1.0.7",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951",
"versionEndIncluding": "2.0.12",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC18F7E-5242-4F36-BB42-FEC33B3AC075",
"versionEndIncluding": "7.0.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A99FF48-370E-4D2A-B5CC-889EA21AB213",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29BAA789-62A7-4040-B6F7-8E70FFBA0399",
"versionEndIncluding": "6.3.23",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5ED7B3-39F3-49FD-82D9-72CAB2D68636",
"versionEndIncluding": "6.4.3",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00A1259A-261F-47B9-8DFA-16C7C67F27E0",
"versionEndIncluding": "7.0.6",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiweb:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1B5C-5CD3-4614-9B4D-E9D91FCF9321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiweb:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "962B85ED-89C2-4453-9F59-F242031A2E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB7E21E-A68B-44FC-8F0E-EF5926186F26",
"versionEndIncluding": "5.0.14",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F93F9C8-6064-4CED-88DF-3580C517AB51",
"versionEndIncluding": "5.2.15",
"versionStartIncluding": "5.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0507F264-9E8D-4F9D-AB18-0C6CA5BD69F0",
"versionEndIncluding": "5.4.13",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0AFBC1-5C11-412E-9979-AF89DD26EFCD",
"versionEndIncluding": "5.6.14",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0135464C-532C-430D-A76C-2FCDE4C991D1",
"versionEndIncluding": "6.0.17",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99",
"versionEndIncluding": "6.2.15",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D962937C-B057-4422-A672-8DD2F3C3B3B6",
"versionEndIncluding": "6.4.13",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E775D02-7C02-40BE-A118-D874B9BBC936",
"versionEndIncluding": "7.0.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB643A8-B52F-4D54-B816-28A6401BAA25",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A loop with unreachable exit condition (\u0027infinite loop\u0027) in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS version 7.0.0 through 7.0.10, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiProxy version 7.2.0 through 7.2.3, FortiProxy version 7.0.0 through 7.0.9, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions, FortiWeb version 7.2.0 through 7.2.1, FortiWeb version 7.0.0 through 7.0.6, FortiWeb 6.4 all versions, FortiWeb 6.3 all versions allows attacker to perform a denial of service via specially crafted HTTP requests."
}
],
"id": "CVE-2023-33305",
"lastModified": "2024-11-21T08:05:22.690",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-13T09:15:18.563",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-375"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-30 14:59
Modified
2024-11-21 02:58
Severity ?
Summary
Long lived sessions in Fortinet FortiGate devices with FortiOS 5.x before 5.4.0 could violate a security policy during IPS signature updates when the FortiGate's IPSengine is configured in flow mode. All FortiGate versions with IPS configured in proxy mode (the default mode) are not affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://fortiguard.com/advisory/FG-IR-16-088 | Not Applicable | |
| psirt@fortinet.com | http://www.securityfocus.com/bid/94477 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://fortiguard.com/advisory/FG-IR-16-088 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94477 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | 5.0.0 | |
| fortinet | fortios | 5.0.1 | |
| fortinet | fortios | 5.0.2 | |
| fortinet | fortios | 5.0.3 | |
| fortinet | fortios | 5.0.4 | |
| fortinet | fortios | 5.0.5 | |
| fortinet | fortios | 5.0.6 | |
| fortinet | fortios | 5.0.7 | |
| fortinet | fortios | 5.0.8 | |
| fortinet | fortios | 5.0.9 | |
| fortinet | fortios | 5.0.10 | |
| fortinet | fortios | 5.0.11 | |
| fortinet | fortios | 5.0.12 | |
| fortinet | fortios | 5.0.13 | |
| fortinet | fortios | 5.0.14 | |
| fortinet | fortios | 5.2.0 | |
| fortinet | fortios | 5.2.1 | |
| fortinet | fortios | 5.2.2 | |
| fortinet | fortios | 5.2.3 | |
| fortinet | fortios | 5.2.4 | |
| fortinet | fortios | 5.2.5 | |
| fortinet | fortios | 5.2.6 | |
| fortinet | fortios | 5.2.7 | |
| fortinet | fortios | 5.2.8 | |
| fortinet | fortios | 5.2.9 | |
| fortinet | fortios | 5.2.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E542BE2-14FC-4BA8-890C-7DA81F33F032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8A5EC4-CE2C-4174-9F09-361B8D153AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BABC91-F9BF-4B52-BDBF-F9617ABCAC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C172379-F6BA-4343-831A-62004E742C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "516597D9-086E-4668-A40B-473F38125F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D62F480B-D8CA-4F5C-8034-C0AE73F26B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F435F408-EC5B-42A0-9E3C-4DE5D702ACAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "823C8357-E638-4EAE-B231-3B60263FFE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6615C7-C6F8-4E42-BA09-5A29A0B68E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B24C5917-BBC0-4924-9FB0-49E141DC9D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "513A1CAA-9B87-4CF5-9513-396E2E686CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "62CD94B3-C430-4672-BBEA-B8A542944F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "91AA2061-5D28-4DCF-9126-8D5CE57D96F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FA9832-A573-489B-A26E-7A7DFC1E0D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC836E7-DAA2-4FDB-9919-D5FF35E67C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E627C59-7C16-44F0-800D-A2E8A766B26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "233236FA-BB13-4261-BE2E-3E617406DC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27844CC9-498B-4A65-91AC-AC130222EE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27B4C672-7ED5-4113-87AE-5774D1263C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBEA3AA-AE46-4A55-91EE-9ADC187BF614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "05CB7A90-91BC-49AF-9B5C-EBD212484C64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "864D3221-177B-43CE-BD7D-CB14A110268E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "31C186D6-6AC5-49EB-A701-C91358B4A25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9F6C4-F887-4F25-87BD-383F6CF39806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F8558962-7A19-4F4A-BED0-9CB5D4CFC422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EC63D521-EC88-4B13-BC73-3284F3FCF3A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Long lived sessions in Fortinet FortiGate devices with FortiOS 5.x before 5.4.0 could violate a security policy during IPS signature updates when the FortiGate\u0027s IPSengine is configured in flow mode. All FortiGate versions with IPS configured in proxy mode (the default mode) are not affected."
},
{
"lang": "es",
"value": "Las sesiones de larga duraci\u00f3n en dispositivos Fortinet FortiGate con FortiOS 5.x en versiones anteriores a 5.4.0 podr\u00eda violar una pol\u00edtica de seguridad durante las actualizaciones de firmas IPS cuando el IPSengine de FortiGate est\u00e1 configurado en modo de flujo. Todas las versiones FortiGate con IPS configurado en modo proxy (el modo predeterminado) no est\u00e1n afectadas."
}
],
"id": "CVE-2016-7541",
"lastModified": "2024-11-21T02:58:10.793",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-30T14:59:00.150",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Not Applicable"
],
"url": "http://fortiguard.com/advisory/FG-IR-16-088"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://fortiguard.com/advisory/FG-IR-16-088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94477"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-254"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-14 17:15
Modified
2024-11-21 08:25
Severity ?
6.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A double free vulnerability [CWE-415] in Fortinet FortiOS before 7.0.0 may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-195 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-195 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E96C569E-0642-4FDD-B65F-A5926B69021A",
"versionEndIncluding": "6.2.16",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "884279B3-E480-44E1-B126-5C1029B6BE75",
"versionEndIncluding": "6.4.15",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A double free vulnerability [CWE-415] in Fortinet FortiOS before 7.0.0 may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests."
},
{
"lang": "es",
"value": "Una doble vulnerabilidad gratuita [CWE-415] en Fortinet FortiOS anterior a 7.0.0 puede permitir a un atacante privilegiado ejecutar c\u00f3digo o comandos a trav\u00e9s de solicitudes HTTP o HTTPs manipuladas."
}
],
"id": "CVE-2023-44247",
"lastModified": "2024-11-21T08:25:30.813",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-05-14T17:15:20.807",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-195"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-04 15:15
Modified
2024-11-21 05:52
Severity ?
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-046 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-046 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C628FD97-5D1C-48BC-8A4F-932AEFEC2F5D",
"versionEndExcluding": "6.2.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "868E19AD-D2ED-4424-9CA1-56E07BFBC0DB",
"versionEndExcluding": "6.4.7",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79FEE7F6-F72E-4A43-883C-0CF492DF355B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image."
},
{
"lang": "es",
"value": "Una vulnerabilidad de subescritura del b\u00fafer en la rutina de verificaci\u00f3n del firmware de FortiOS versiones anteriores a 7.0.1, puede permitir a un atacante ubicado en la red adyacente ejecutar potencialmente c\u00f3digo arbitrario por medio de una imagen de firmware espec\u00edficamente dise\u00f1ada"
}
],
"id": "CVE-2021-24018",
"lastModified": "2024-11-21T05:52:13.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-04T15:15:08.983",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-046"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-07-09 16:15
Modified
2024-11-21 09:01
Severity ?
3.4 (Low) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Summary
An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit an unauthenticated attacker to bypass the IP blocklist via crafted requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-23-446 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.fortinet.com/psirt/FG-IR-23-446 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "662CC1BD-BA5A-4765-9D74-A887690F726F",
"versionEndIncluding": "7.4.3",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F75019A7-F58D-4863-AE73-B63E38C8D880",
"versionEndIncluding": "7.0.15",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F669948-010A-4105-9E63-0D47CA92CA10",
"versionEndIncluding": "7.2.8",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D89D2813-5224-4658-97B8-56CBD3E49ED6",
"versionEndIncluding": "7.4.3",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit an unauthenticated attacker to bypass the IP blocklist via crafted requests."
},
{
"lang": "es",
"value": "Un an\u00e1lisis incorrecto de n\u00fameros con vulnerabilidad de diferentes ra\u00edces [CWE-1389] en FortiProxy versi\u00f3n 7.4.3 e inferior, versi\u00f3n 7.2.10 e inferior, versi\u00f3n 7.0.17 e inferior y FortiOS versi\u00f3n 7.4.3 e inferior, versi\u00f3n 7.2.8 y A continuaci\u00f3n, la versi\u00f3n 7.0.15 y anteriores, la funci\u00f3n de validaci\u00f3n de direcci\u00f3n IP puede permitir que un atacante no autenticado omita la lista de bloqueo de IP mediante solicitudes manipuladas."
}
],
"id": "CVE-2024-26015",
"lastModified": "2024-11-21T09:01:45.940",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-07-09T16:15:04.810",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-446"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1389"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-704"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-08-11 14:59
Modified
2024-11-21 02:34
Severity ?
Summary
The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A9AD38-4005-4B33-AB47-5E81F9AB5E32",
"versionEndIncluding": "4.3.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field."
},
{
"lang": "es",
"value": "Vulnerabilidad en la funciionalidad SSL-VPN en Fortinet FortiOS en versiones anteriores a 4.3.13, s\u00f3lo comprueba el primer byte de la TLS MAC en los mensajes finalizados, lo que hace que sea m\u00e1s f\u00e1cil para atacantes remotos suplantar el contenido cifrado a trav\u00e9s de un campo MAC manipulado."
}
],
"id": "CVE-2015-5965",
"lastModified": "2024-11-21T02:34:14.027",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-08-11T14:59:16.477",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-016/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/76065"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1033256"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201508-01"
},
{
"source": "cve@mitre.org",
"url": "https://vivaldi.net/en-US/blogs/entry/the-poodle-has-friends"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-016/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/76065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201508-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://vivaldi.net/en-US/blogs/entry/the-poodle-has-friends"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-07 17:15
Modified
2025-02-24 15:45
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-369 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-369 | Vendor Advisory |
Impacted products
{
"cisaActionDue": "2023-04-04",
"cisaExploitAdd": "2023-03-14",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Fortinet FortiOS Path Traversal Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5512D-6EE5-4DF3-A960-C02394F25225",
"versionEndIncluding": "6.0.16",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D539CF21-2985-4E9B-94E8-E0B696752291",
"versionEndExcluding": "6.2.14",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AA72D9-CD66-4628-92B5-6CDFCB8E0EEE",
"versionEndExcluding": "6.4.12",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB54D85-8A3B-4F40-A814-3636F2AC99F3",
"versionEndExcluding": "7.0.10",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5",
"versionEndExcluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper limitation of a pathname to a restricted directory vulnerability (\u0027path traversal\u0027) [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands."
}
],
"id": "CVE-2022-41328",
"lastModified": "2025-02-24T15:45:02.397",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-07T17:15:12.093",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-369"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-14 18:15
Modified
2024-11-21 08:10
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows attacker to denial of service via specifically crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-151 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-151 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22936F53-4480-4011-9211-174D1C507E87",
"versionEndIncluding": "1.0.7",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10E4FB93-7111-4F2A-8D5A-F276261D0E67",
"versionEndIncluding": "2.0.13",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1251FE-2B46-46AA-B474-506B0079810D",
"versionEndIncluding": "7.0.10",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D78C235-F7F5-4611-8467-0CC4F0F69111",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0135464C-532C-430D-A76C-2FCDE4C991D1",
"versionEndIncluding": "6.0.17",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99",
"versionEndIncluding": "6.2.15",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B52E22-C64D-4142-885E-6C44FA670574",
"versionEndIncluding": "6.4.14",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA582D59-C740-4AE7-83CA-C09A1D0EDA88",
"versionEndIncluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E44123-995C-4E08-84B5-FF8C76B67B29",
"versionEndIncluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows attacker to denial of service via specifically crafted HTTP requests."
},
{
"lang": "es",
"value": "Un error de truncamiento num\u00e9rico en Fortinet FortiProxy versi\u00f3n 7.2.0 a 7.2.4, FortiProxy versi\u00f3n 7.0.0 a 7.0.10, FortiProxy 2.0 todas las versiones, FortiProxy 1.2 todas las versiones, FortiProxy 1.1, todas las versiones, FortiProxy 1.0 todas las versiones, FortiOS versi\u00f3n 7.4 .0, FortiOS versi\u00f3n 7.2.0 a 7.2.5, FortiOS versi\u00f3n 7.0.0 a 7.0.12, FortiOS 6.4 todas las versiones, FortiOS 6.2 todas las versiones, FortiOS 6.0 todas las versiones permiten al atacante denegar el servicio a trav\u00e9s de solicitudes HTTP espec\u00edficamente manipuladas."
}
],
"id": "CVE-2023-36641",
"lastModified": "2024-11-21T08:10:09.613",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-14T18:15:49.833",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-151"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-151"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-197"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-09-24 15:15
Modified
2024-11-21 05:00
Severity ?
Summary
An insufficient logging vulnerability in FortiGate before 6.4.1 may allow the traffic from an unauthenticated attacker to Fortinet owned IP addresses to go unnoticed.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-033 | Vendor Advisory | |
| nvd@nist.gov | https://www.fortiguard.com/psirt/FG-IR-20-033 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-033 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "366223BF-F61D-4AC7-A884-D6FB48CD47A7",
"versionEndExcluding": "6.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fortinet:fortigate_1000d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64F7589C-F20B-4222-B859-78D15C457CE5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_100e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4BAC86-6E1C-4ECE-8E41-789A6A617A40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_100f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561D84F5-E3D4-4293-AC13-26D2E217D970",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_1100e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "648723EC-E144-4975-8D23-A4BB5EF6F07A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_1500d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8C8DA5D-9CB6-4BA6-BB8B-F41501726AF9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_1800f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76792D6F-B647-43A8-8A60-17BE35824BF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_2000e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C3D2D8-A79C-4D10-B72E-D71EA3EB06F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_200e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D08C3F-51A4-44CF-BB85-A00536FAADAE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_2200e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B2A9D43-348B-45DB-94F7-825B29141F09",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_3000d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C79E67E1-8A10-4AD3-A6F5-9E82890216B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_3300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CCCA9CD-2B75-46AF-989C-C300CB53358E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_3400e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1CDB68-B412-45E2-9AC4-F2A6E5300AA4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_3600e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5015D2E8-8482-467A-96F4-65CBF0AFAC6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_3700d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "431E4C52-4BBF-48BA-867B-32D1405A5863",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_3960e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3E816AC-57B5-4460-AF88-300EB72B5A8A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_3980e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF54E933-526F-4E65-A6B1-455389525F27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_400e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A197765B-E9B4-4E5A-918D-C0C4B679CBA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_40f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96C31DB1-CEBD-4796-9CF1-5D9D000A5A9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_4200f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "326DF840-7BEE-44D3-A8B8-DCE1A673A2C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_5001d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B35A82B1-ABA8-493D-9E89-E253CDD10472",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_5001e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "922E4449-EB12-444E-9E8C-C67FA537F1BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_5001e1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "302638DB-0FA0-4804-9FC8-CCD20430B08F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_5053b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B0C1E0-CA41-4A31-A42D-FB25090EC6CB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_5060:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A78FF2E-986E-439E-A787-0A14E7EE78CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_50e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB3BE8B3-F83D-4C89-AA5C-9B6819128138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_5144c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20B656F3-C696-48A9-9E1C-6F628E246F48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_600e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "360F94B1-BFBC-455A-84D4-2E5F90DC0E61",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_60e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33F4AB8A-21B9-4969-92B3-250BF7414175",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_60f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D32F0C5-2949-48B6-B9DD-F070DE11C803",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_6300f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C87112F-4971-4A57-98E6-8057A758F7E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_6500f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA7B3B0-C101-406D-AAF4-C7CF86075EA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_7040e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68E575C9-D2C9-476B-91BB-D49C6FB62351",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_7060e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1786CFE3-300C-4891-A55F-06BB0D0B67D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_80e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68866893-6942-4FF6-88E8-4BEB610AD6FE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_80f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "906455AD-D91C-47D6-A244-33B43ECB0A74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An insufficient logging vulnerability in FortiGate before 6.4.1 may allow the traffic from an unauthenticated attacker to Fortinet owned IP addresses to go unnoticed."
},
{
"lang": "es",
"value": "Una vulnerabilidad de registro insuficiente en FortiGate versiones anteriores a 6.4.1, puede permitir que el tr\u00e1fico de un atacante no autenticado hacia direcciones IP propiedad de Fortinet pase desapercibido."
}
],
"id": "CVE-2020-12818",
"lastModified": "2024-11-21T05:00:20.173",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-24T15:15:13.237",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-033"
},
{
"source": "nvd@nist.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortiguard.com/psirt/FG-IR-20-033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-033"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-14 17:15
Modified
2024-11-21 08:27
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15 FortiSwitchManager versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.2 allows attacker to execute unauthorized code or commands via specially crafted cli commands and http requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-137 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-137 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D9BC2D4-EA5F-448E-A9FA-0445EF6CC9E0",
"versionEndExcluding": "7.0.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE24A52F-07B6-4E40-955B-7B71826AC299",
"versionEndExcluding": "7.2.6",
"versionStartExcluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F75C4E9-62F6-43F2-B941-476F31F8F39C",
"versionEndExcluding": "7.0.3",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC883A39-5441-45A6-AEEB-D916FA39F635",
"versionEndExcluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97097B62-E92F-49F7-9D48-472C4309A716",
"versionEndExcluding": "7.2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E96C569E-0642-4FDD-B65F-A5926B69021A",
"versionEndIncluding": "6.2.16",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "884279B3-E480-44E1-B126-5C1029B6BE75",
"versionEndIncluding": "6.4.15",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA582D59-C740-4AE7-83CA-C09A1D0EDA88",
"versionEndIncluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E44123-995C-4E08-84B5-FF8C76B67B29",
"versionEndIncluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61540F5B-080A-4D44-8BE0-75D7A0DCCB53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BA2C6ED-2765-4B56-9B37-10C50BD32C75",
"versionEndIncluding": "1.0.3",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC27DCF-F74C-431C-9545-F405D369AF22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15 FortiSwitchManager versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.2 allows attacker to execute unauthorized code or commands via specially crafted cli commands and http requests."
},
{
"lang": "es",
"value": "Un uso de cadena de formato controlada externamente en Fortinet FortiProxy versiones 7.2.0 a 7.2.5, 7.0.0 a 7.0.11, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13, 1.1.0 a 1.1. 6 Versiones de FortiPAM 1.1.0, 1.0.0 a 1.0.3 Versiones de FortiOS 7.4.0, 7.2.0 a 7.2.5, 7.0.0 a 7.0.13, 6.4.0 a 6.4.14, 6.2.0 a 6.2. 15 Las versiones 7.2.0 a 7.2.2, 7.0.0 a 7.0.2 de FortiSwitchManager permiten a un atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de comandos cli y solicitudes http especialmente manipulados."
}
],
"id": "CVE-2023-45583",
"lastModified": "2024-11-21T08:27:00.447",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-05-14T17:15:22.750",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-137"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-04 21:29
Modified
2025-01-27 21:30
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-384 | Mitigation, Vendor Advisory | |
| psirt@fortinet.com | https://www.fortiguard.com/psirt/FG-IR-20-233 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-384 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.fortiguard.com/psirt/FG-IR-20-233 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 2.0.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Fortinet FortiOS SSL VPN Path Traversal Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B47708E-8A92-4767-8685-49C3143D0920",
"versionEndExcluding": "1.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7016D5F-23EE-4922-B6ED-312522776B25",
"versionEndExcluding": "5.4.13",
"versionStartIncluding": "5.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44120B30-029A-4283-9441-A815A96ADD9D",
"versionEndExcluding": "5.6.8",
"versionStartIncluding": "5.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D37F1481-E7A7-4428-89C9-5DF9D206D056",
"versionEndExcluding": "6.0.5",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Limitation of a Pathname to a Restricted Directory (\"Path Traversal\") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests."
},
{
"lang": "es",
"value": "Una limitaci\u00f3n inadecuada de un nombre de ruta a un directorio restringido (\"Path Traversal\") en Fortinet FortiOS versiones 6.0.0 a 6.0.4, 5.6.3 a 5.6.7 y 5.4.6 a 5.4.12 y FortiProxy versiones 2.0.0, 1. 2.0 a 1.2.8, 1.1.0 a 1.1.6, 1.0.0 a 1.0.7 bajo el portal web SSL VPN permite a un atacante no autenticado descargar archivos del sistema a trav\u00e9s de solicitudes de recursos HTTP especialmente dise\u00f1adas"
}
],
"id": "CVE-2018-13379",
"lastModified": "2025-01-27T21:30:45.517",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-04T21:29:00.233",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-384"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortiguard.com/psirt/FG-IR-20-233"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-384"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortiguard.com/psirt/FG-IR-20-233"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-05-12 19:59
Modified
2024-11-21 02:26
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the sslvpn login page in Fortinet FortiOS 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E627C59-7C16-44F0-800D-A2E8A766B26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "233236FA-BB13-4261-BE2E-3E617406DC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27844CC9-498B-4A65-91AC-AC130222EE5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the sslvpn login page in Fortinet FortiOS 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vunerabilidad de XSS en la p\u00e1gina de acceso sslvpn en Fortinet FortiOS 5.2.x en versiones anteriores a 5.2.3 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-1880",
"lastModified": "2024-11-21T02:26:19.667",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-05-12T19:59:08.053",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-005/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74652"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032261"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032262"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032264"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74652"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032265"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-09-10 18:55
Modified
2024-11-21 02:01
Severity ?
Summary
The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle attackers to obtain sensitive information or interfere with communications by modifying the client-server data stream.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "493FE61C-5C97-46C4-8090-DFAA4D68B519",
"versionEndIncluding": "4.3.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B75D8F35-830C-498C-B658-AE89154BEB8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CBC65E-6DF2-406D-9037-897218AB9257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "0AB85DAD-03EA-4B16-8FF8-F02ACEF0EE1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:4.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A97B341D-3B9D-4D37-8D5B-6062BE1C3AC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E542BE2-14FC-4BA8-890C-7DA81F33F032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C172379-F6BA-4343-831A-62004E742C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "516597D9-086E-4668-A40B-473F38125F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D62F480B-D8CA-4F5C-8034-C0AE73F26B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F435F408-EC5B-42A0-9E3C-4DE5D702ACAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "823C8357-E638-4EAE-B231-3B60263FFE52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle attackers to obtain sensitive information or interfere with communications by modifying the client-server data stream."
},
{
"lang": "es",
"value": "El servicio de protocolo FortiManager en Fortinet FortiOS anterior a 4.3.16 y 5.x anterior a 5.0.8 en los dispositivos FortiGate devices no previene el uso de los suites de cifrado an\u00f3nimos, lo que facilita a atacantes man-in-the-middle obtener informaci\u00f3n sensible o interferir con las comunicaciones mediante la modificaci\u00f3n del flujo de datos del cliente-servidor."
}
],
"id": "CVE-2014-0351",
"lastModified": "2024-11-21T02:01:55.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-09-10T18:55:02.643",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-14-006/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/730964"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/69754"
},
{
"source": "cret@cert.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-14-006/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/730964"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/69754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96119"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:56
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the vulnerable device and the remote FortiGuard's map server.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-468 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-468 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951",
"versionEndIncluding": "2.0.12",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC18F7E-5242-4F36-BB42-FEC33B3AC075",
"versionEndIncluding": "7.0.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A99FF48-370E-4D2A-B5CC-889EA21AB213",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0135464C-532C-430D-A76C-2FCDE4C991D1",
"versionEndIncluding": "6.0.17",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99",
"versionEndIncluding": "6.2.15",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D962937C-B057-4422-A672-8DD2F3C3B3B6",
"versionEndIncluding": "6.4.13",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8870AB06-C50F-452A-952C-30DE7860264E",
"versionEndExcluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the vulnerable device and the remote\u00a0FortiGuard\u0027s map server."
}
],
"id": "CVE-2023-29175",
"lastModified": "2024-11-21T07:56:39.663",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-13T09:15:17.027",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-468"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-09 09:15
Modified
2024-11-29 15:23
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-24-015 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-24-015 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"cisaActionDue": "2024-02-16",
"cisaExploitAdd": "2024-02-09",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Fortinet FortiOS Out-of-Bound Write Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "614BFD88-3C7A-4F6F-BD26-F53E4BC464D7",
"versionEndExcluding": "2.0.14",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72ED8947-DBF3-483B-B267-117403A3D8E3",
"versionEndExcluding": "7.0.15",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF62C95E-AB35-4A8E-84F8-5197E9D33C21",
"versionEndExcluding": "7.2.9",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A077234-F19C-4E87-A7A5-A266B5C903C7",
"versionEndExcluding": "7.4.3",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE33B892-8CBB-4E16-B529-A1A0C48CE664",
"versionEndExcluding": "6.0.18",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DF10835-8DE2-415B-9EE8-99FFD699193E",
"versionEndExcluding": "6.2.16",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E29353F-8791-4117-BA7A-E32FAB8348A4",
"versionEndExcluding": "6.4.15",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C119229A-3805-47C1-B3F9-AF1A4007A63B",
"versionEndExcluding": "7.0.14",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "553C4BA9-953B-4017-8498-785BDA7A3006",
"versionEndExcluding": "7.2.7",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "757A5257-6103-4DC5-B79F-727E4279614A",
"versionEndExcluding": "7.4.3",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests"
},
{
"lang": "es",
"value": "Una escritura fuera de los l\u00edmites en Fortinet FortiOS versiones 7.4.0 a 7.4.2, 7.2.0 a 7.2.6, 7.0.0 a 7.0.13, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15 , 6.0.0 a 6.0.17, y versiones de FortiProxy 7.4.0 a 7.4.2, 7.2.0 a 7.2.8, 7.0.0 a 7.0.14, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13 , 1.1.0 a 1.1.6, 1.0.0 a 1.0.7. Permite al atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de solicitudes espec\u00edficamente manipuladas"
}
],
"id": "CVE-2024-21762",
"lastModified": "2024-11-29T15:23:32.167",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-09T09:15:08.087",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-24-015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-24-015"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-29 16:29
Modified
2024-11-21 03:12
Severity ?
Summary
A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.7, 5.2 and earlier, allows attacker to inject arbitrary web script or HTML via maliciously crafted "Host" header in user HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/102779 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1040284 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-262 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102779 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040284 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-262 | Mitigation, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3085A41F-2305-46D3-AE10-6D256B6E1F95",
"versionEndIncluding": "5.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F0AC998-B751-4E73-9C37-D2721F1795CF",
"versionEndIncluding": "5.4.7",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C44E69B8-A1E8-437B-ADA3-10DE256B3368",
"versionEndIncluding": "5.6.2",
"versionStartIncluding": "5.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.7, 5.2 and earlier, allows attacker to inject arbitrary web script or HTML via maliciously crafted \"Host\" header in user HTTP requests."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross-Site Scripting (XSS) en Fortinet FortiOS 5.6.0 a 5.6.2; 5.4.0 a 5.4.7 y 5.2 y anteriores permite que un atacante inyecte scripts web o HTML arbitrarios mediante una cabecera \"Host\" maliciosamente manipulada en las peticiones HTTP de usuario."
}
],
"id": "CVE-2017-14190",
"lastModified": "2024-11-21T03:12:19.707",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-29T16:29:00.230",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102779"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040284"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-262"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 12:15
Modified
2024-11-21 05:55
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-158 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-158 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40C734E1-EB71-4469-837D-A7D669AEEB6B",
"versionEndIncluding": "1.2.11",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "522EB71B-D6BA-4966-9CCB-572B9A11467E",
"versionEndIncluding": "2.0.3",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0AFBC1-5C11-412E-9979-AF89DD26EFCD",
"versionEndIncluding": "5.6.14",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6EF01D9-50FB-4300-87FB-132649A9AC51",
"versionEndIncluding": "6.0.13",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C0308D-8E52-456B-BFC2-62D4C1E9BDC3",
"versionEndIncluding": "6.2.9",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88D6903E-70D0-4D63-BC68-BA37EE91BCB1",
"versionEndIncluding": "6.4.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79FEE7F6-F72E-4A43-883C-0CF492DF355B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad de verificaci\u00f3n insuficiente de la autenticidad de los datos (CWE-345) en la interfaz de usuario de FortiProxy versi\u00f3n 2.0.3 y anteriores, 1.2.11 y anteriores y FortiGate versi\u00f3n 7.0.0, 6.4.6 y anteriores, 6.2.9 y anteriores del portal SSL VPN puede permitir a un atacante remoto no autenticado realizar un ataque de tipo cross-site request forgery (CSRF). S\u00f3lo la VPN SSL en modo web o en modo completo est\u00e1 afectada por esta vulnerabilidad"
}
],
"id": "CVE-2021-26103",
"lastModified": "2024-11-21T05:55:52.177",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T12:15:07.677",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-158"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 11:15
Modified
2024-11-21 06:28
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-173 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-173 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiadc | * | |
| fortinet | fortiadc | * | |
| fortinet | fortianalyzer | * | |
| fortinet | fortianalyzer | * | |
| fortinet | fortimail | * | |
| fortinet | fortimail | * | |
| fortinet | fortimail | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortindr | * | |
| fortinet | fortios-6k7k | * | |
| fortinet | fortios-6k7k | 6.4.2 | |
| fortinet | fortios-6k7k | 6.4.6 | |
| fortinet | fortiportal | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.0.0 | |
| fortinet | fortiproxy | 7.0.1 | |
| fortinet | fortivoice | * | |
| fortinet | fortivoice | * | |
| fortinet | fortiweb | * | |
| fortinet | fortiweb | 6.4.0 | |
| fortinet | fortiweb | 6.4.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortirecorder_firmware | * | |
| fortinet | fortirecorder_firmware | * | |
| fortinet | fortiswitch | * | |
| fortinet | fortiswitch | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6DD5253-F76E-4799-BB45-79D7B7ACFFB1",
"versionEndIncluding": "6.1.5",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "075C4223-7586-4799-AFA8-7B578BD144B5",
"versionEndIncluding": "6.2.2",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9AE101-566A-4460-AA97-18288BBD7639",
"versionEndIncluding": "6.4.7",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCEB8E5F-BBF2-4E6E-91C6-AA47E2CAD022",
"versionEndIncluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E2DC5CE-ED48-48B7-8654-7B29A65A7454",
"versionEndIncluding": "6.2.7",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0A5C345-7055-4F18-AE77-FF1DBE41AB89",
"versionEndIncluding": "6.4.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43038EC9-6FD3-488C-8CA3-8B4A705C3E11",
"versionEndIncluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "958C238F-B3DD-41A7-801D-0C39143A5E09",
"versionEndIncluding": "6.4.7",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C5772DB-7F52-479C-914D-778552395990",
"versionEndIncluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortindr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F49E4A60-2FA0-4298-BF2E-53C86AF21BEC",
"versionEndIncluding": "1.5.2",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE493CA-7BE8-454A-82FD-11DB82D8FC3A",
"versionEndIncluding": "6.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "59BD8EE9-6F94-4EA5-B22B-1B446A15F2A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50BDB150-8E02-427D-A9FC-C7C3C90F0584",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4A0E2F-41C7-4AFB-AC6D-83E7B1A5FC70",
"versionEndIncluding": "6.0.10",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBD9074-C3A5-437E-AC44-C41E4B001980",
"versionEndIncluding": "2.0.7",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D909C90B-E136-4E8E-B551-FE0369172C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBCB4E87-0AEC-487E-8FAD-E8F647DA21D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70E9D9A8-EFF1-4ABE-A04D-FD983443DD3A",
"versionEndIncluding": "6.0.10",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8611A25-64A1-4BCE-AA46-E47DFD607CB2",
"versionEndIncluding": "6.4.4",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEA2E8B-78B6-40AA-9201-BDF4838950CC",
"versionEndIncluding": "6.3.16",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiweb:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74A92A08-E6F6-4522-A6DA-061950AD3525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiweb:6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A3D2C4-C3FA-4E12-9156-DAFEA4E00BCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1C5491-6C94-48A9-8D59-5162E576E54A",
"versionEndIncluding": "6.0.13",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C0308D-8E52-456B-BFC2-62D4C1E9BDC3",
"versionEndIncluding": "6.2.9",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D183D979-7F73-4D02-91B7-D0C93DE55A8F",
"versionEndIncluding": "6.4.7",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E9D423-721A-482B-BA6B-52E4D8C07C58",
"versionEndIncluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E33B56-1975-4B78-A157-E0EADB3BC1B7",
"versionEndIncluding": "6.0.10",
"versionStartIncluding": "2.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CB7DEA7-E461-43B0-98EB-CE436DE87D98",
"versionEndIncluding": "6.4.2",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E5A33E-F744-4CC0-ABA0-D1734845AFBB",
"versionEndIncluding": "6.4.9",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB3C99AC-DCA1-44A0-9671-F424109A6038",
"versionEndIncluding": "7.0.3",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer [CWE-121] en la biblioteca del cliente TFTP de FortiOS versiones anteriores a 6.4.7 y FortiOS versiones 7.0.0 hasta 7.0.2, puede permitir a un atacante local autenticado lograr una ejecuci\u00f3n de c\u00f3digo arbitrario por medio de argumentos de l\u00ednea de comandos especialmente dise\u00f1ados"
}
],
"id": "CVE-2021-42757",
"lastModified": "2024-11-21T06:28:06.653",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T11:15:11.840",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-173"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-14 17:15
Modified
2024-11-21 08:10
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-137 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-137 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortipam | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22936F53-4480-4011-9211-174D1C507E87",
"versionEndIncluding": "1.0.7",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3158CE17-3505-4946-9DC9-99FDF741AB4C",
"versionEndIncluding": "2.0.14",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1251FE-2B46-46AA-B474-506B0079810D",
"versionEndIncluding": "7.0.10",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D78C235-F7F5-4611-8467-0CC4F0F69111",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73C906E2-943B-4710-832D-C29CF175F9BC",
"versionEndIncluding": "1.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5512D-6EE5-4DF3-A960-C02394F25225",
"versionEndIncluding": "6.0.16",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E96C569E-0642-4FDD-B65F-A5926B69021A",
"versionEndIncluding": "6.2.16",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B52E22-C64D-4142-885E-6C44FA670574",
"versionEndIncluding": "6.4.14",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA582D59-C740-4AE7-83CA-C09A1D0EDA88",
"versionEndIncluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands"
},
{
"lang": "es",
"value": "Un uso de cadena de formato controlada externamente en las versiones Fortinet FortiProxy 7.2.0 a 7.2.4, 7.0.0 a 7.0.10, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13, 1.1.0 a 1.1. 6, 1.0.0 a 1.0.7, versiones de FortiPAM 1.0.0 a 1.0.3, versiones de FortiOS 7.2.0, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15, 6.0.0 a 6.0.16 permite al atacante ejecutar c\u00f3digo o comandos no autorizados mediante comandos especialmente manipulados"
}
],
"id": "CVE-2023-36640",
"lastModified": "2024-11-21T08:10:09.313",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-05-14T17:15:16.640",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-137"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-05-12 19:59
Modified
2024-11-21 02:19
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.2.x before 5.2.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) user group or (2) vpn template menus.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E627C59-7C16-44F0-800D-A2E8A766B26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "233236FA-BB13-4261-BE2E-3E617406DC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27844CC9-498B-4A65-91AC-AC130222EE5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.2.x before 5.2.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) user group or (2) vpn template menus."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en Fortinet FortiOS 5.2.x anterior a 5.2.3 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios o HTML a trav\u00e9s de vectores no especificados en men\u00fas (1) de grupos de usuarios o (2) de plantillas vpn."
}
],
"id": "CVE-2014-8616",
"lastModified": "2024-11-21T02:19:27.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-05-12T19:59:00.097",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-005/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032261"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032262"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032264"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032265"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-11-13 14:29
Modified
2024-11-21 03:32
Severity ?
Summary
A reflected Cross-site Scripting (XSS) vulnerability in web proxy disclaimer response web pages in Fortinet FortiOS 5.6.0, 5.4.0 to 5.4.5, 5.2.0 to 5.2.11 allows an unauthenticated attacker to inject arbitrary web script or HTML in the context of the victim's browser via sending a maliciously crafted URL to the victim.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/101679 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1039741 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-168 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101679 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039741 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-168 | Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | 5.2.0 | |
| fortinet | fortios | 5.2.1 | |
| fortinet | fortios | 5.2.2 | |
| fortinet | fortios | 5.2.3 | |
| fortinet | fortios | 5.2.4 | |
| fortinet | fortios | 5.2.5 | |
| fortinet | fortios | 5.2.6 | |
| fortinet | fortios | 5.2.7 | |
| fortinet | fortios | 5.2.8 | |
| fortinet | fortios | 5.2.9 | |
| fortinet | fortios | 5.2.10 | |
| fortinet | fortios | 5.2.11 | |
| fortinet | fortios | 5.4.0 | |
| fortinet | fortios | 5.4.1 | |
| fortinet | fortios | 5.4.2 | |
| fortinet | fortios | 5.4.3 | |
| fortinet | fortios | 5.4.4 | |
| fortinet | fortios | 5.4.5 | |
| fortinet | fortios | 5.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E627C59-7C16-44F0-800D-A2E8A766B26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "233236FA-BB13-4261-BE2E-3E617406DC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27844CC9-498B-4A65-91AC-AC130222EE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27B4C672-7ED5-4113-87AE-5774D1263C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBEA3AA-AE46-4A55-91EE-9ADC187BF614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "05CB7A90-91BC-49AF-9B5C-EBD212484C64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "864D3221-177B-43CE-BD7D-CB14A110268E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "31C186D6-6AC5-49EB-A701-C91358B4A25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9F6C4-F887-4F25-87BD-383F6CF39806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F8558962-7A19-4F4A-BED0-9CB5D4CFC422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EC63D521-EC88-4B13-BC73-3284F3FCF3A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "DB756AF8-F9D2-472E-867B-C04D11F62FA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1668AE14-D9A4-4B7D-BC3F-75885792875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E0F3B9B-A06F-4A96-B2E7-9DC56E629182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50F8AE97-A647-4A37-8EF2-BC0BBCC8EADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "377A2F0B-2A58-4C2C-B546-3178B353484B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBDFD4-45A0-47CC-817E-48E84F945402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8C9CDB2B-E454-4B91-9A47-615F31F1A3D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3BE3F8-9157-461C-8E3A-ABFA728B7DB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reflected Cross-site Scripting (XSS) vulnerability in web proxy disclaimer response web pages in Fortinet FortiOS 5.6.0, 5.4.0 to 5.4.5, 5.2.0 to 5.2.11 allows an unauthenticated attacker to inject arbitrary web script or HTML in the context of the victim\u0027s browser via sending a maliciously crafted URL to the victim."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross-Site Scripting reflejado en las p\u00e1ginas web de respuesta a mensajes de proxies web en Fortinet FortiOS en versiones 5.6.0, 5.4.0 a la 5.4.5 y la 5.2.0 a la 5.2.11 permite que un atacante sin autenticar inyecte scripts web o HTML arbitrarios en el contexto del navegador de la v\u00edctima enviando una URL maliciosamente manipulada a la v\u00edctima."
}
],
"id": "CVE-2017-7739",
"lastModified": "2024-11-21T03:32:33.677",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-13T14:29:00.947",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101679"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039741"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039741"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-168"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-13 13:15
Modified
2024-11-21 07:56
Severity ?
8.0 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14 GUI may allow an authenticated attacker to trigger malicious JavaScript code execution via crafted guest management setting.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-106 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-106 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D70694-BB02-43E2-8F74-D50D9D4C5E3C",
"versionEndExcluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "122518E7-EA43-4240-AAFB-61AD2AA28A2B",
"versionEndExcluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05454D49-17D8-4A7D-92C8-B33B006A35DA",
"versionEndExcluding": "6.2.15",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B153B056-24AE-41C4-B644-65E080C18360",
"versionEndExcluding": "6.4.13",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39A6C2A7-21A4-4BB5-A3B6-9466E5CEA296",
"versionEndExcluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4562BDF7-D894-4CD8-95AC-9409FDEBE73F",
"versionEndExcluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027) vulnerability [CWE-79] in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14 GUI may allow an authenticated attacker to trigger malicious JavaScript code execution via crafted guest management setting."
},
{
"lang": "es",
"value": "Una neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web (\u0027Cross-Site Scripting\u0027) [CWE-79] en FortiProxy 7.2.0 a 7.2.4, 7.0.0 a 7.0.10 y FortiOS 7.2.0 a 7.2.4, Las versiones 7.0.0 a 7.0.11, 6.4.0 a 6.4.12, 6.2.0 a 6.2.14 pueden permitir que un atacante autenticado desencadene la ejecuci\u00f3n de c\u00f3digo JavaScript malicioso a trav\u00e9s de una configuraci\u00f3n de administraci\u00f3n de invitados manipulados."
}
],
"id": "CVE-2023-29183",
"lastModified": "2024-11-21T07:56:40.483",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-13T13:15:08.367",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-106"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-02 13:15
Modified
2024-11-21 05:52
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Summary
An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted Certificate Authority.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-018 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-018 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26712170-76E1-4896-9421-6CB9160D5DDF",
"versionEndExcluding": "6.4.5",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper following of a certificate\u0027s chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted Certificate Authority."
},
{
"lang": "es",
"value": "Una vulnerabilidad de seguimiento impropio de la cadena de confianza de un certificado FortiGate versiones 6.4.0 hasta 6.4.4, puede permitir a un usuario de LDAP conectarse a SSLVPN con cualquier certificado que est\u00e9 firmado por una Autoridad de Certificaci\u00f3n confiable"
}
],
"id": "CVE-2021-24012",
"lastModified": "2024-11-21T05:52:12.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.7,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-02T13:15:12.673",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-018"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 13:15
Modified
2024-11-21 05:55
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-051 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-051 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E239D7B-8B65-4639-9390-F62C5A584B18",
"versionEndIncluding": "5.6.13",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B09D1C32-BF6B-4B27-91D4-1347EFB8ECB7",
"versionEndIncluding": "6.0.12",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4EB2498-D80C-4C5B-B21F-D51640AB3569",
"versionEndIncluding": "6.2.8",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9633128-886B-493E-8F17-00110EE0EF91",
"versionEndIncluding": "6.4.5",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79FEE7F6-F72E-4A43-883C-0CF492DF355B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el uso de la clave criptogr\u00e1fica embebida en SSLVPN de FortiOS versiones anteriores a 7.0.1, puede permitir a un atacante recuperar la clave mediante ingenier\u00eda inversa"
}
],
"id": "CVE-2021-26108",
"lastModified": "2024-11-21T05:55:52.757",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T13:15:07.603",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-051"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-051"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-16 21:15
Modified
2024-11-21 04:32
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.0 through 6.2.2, 6.0.9 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an attacker to retrieve a logged-in SSL VPN user's credentials should that attacker be able to read the session file stored on the targeted device's system.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB277B3D-5973-445E-B688-4E1911D00FFE",
"versionEndExcluding": "6.2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.0 through 6.2.2, 6.0.9 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an attacker to retrieve a logged-in SSL VPN user\u0027s credentials should that attacker be able to read the session file stored on the targeted device\u0027s system."
},
{
"lang": "es",
"value": "Una vulnerabilidad de almacenamiento de texto claro en un archivo o en el disco (CWE-313) en FortiOS SSL VPN versi\u00f3n 6.2.0 hasta la versi\u00f3n 6.2.2, versi\u00f3n 6.0.9 y anteriores y FortiProxy versi\u00f3n 2.0.0, versi\u00f3n 1.2.9 y anteriores puede permitir que un atacante recupere las credenciales de un usuario de SSL VPN que haya iniciado sesi\u00f3n en caso de que dicho atacante pueda leer el archivo de sesi\u00f3n almacenado en el sistema del dispositivo objetivo"
}
],
"id": "CVE-2019-17655",
"lastModified": "2024-11-21T04:32:42.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-16T21:15:10.313",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-217"
},
{
"source": "psirt@fortinet.com",
"url": "https://fortiguard.com/psirt/FG-IR-20-224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://fortiguard.com/psirt/FG-IR-20-224"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-21 16:15
Modified
2024-11-21 04:46
Severity ?
Summary
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-19-007 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-19-007 | Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBDD29F8-B339-4C3B-AF3F-77BB3D323D1D",
"versionEndIncluding": "5.6.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA4CED9-EAB9-4FE4-B058-CC4D3E03C520",
"versionEndIncluding": "6.0.6",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72C437B7-75F8-4DDC-9670-19E2C21ACB27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users\u0027 passwords (except the administrator\u0027s password), private keys\u0027 passphrases and High Availability password (when set)."
},
{
"lang": "es",
"value": "El uso de una clave criptogr\u00e1fica embebida para cifrar datos confidenciales en el archivo de respaldo de configuraci\u00f3n de FortiOS, puede permitir a un atacante con acceso al archivo de respaldo descifrar los datos confidenciales, por medio del conocimiento de la clave embebida. Los datos confidenciales mencionados anteriormente incluyen las contrase\u00f1as de los usuarios (excepto la contrase\u00f1a del administrador), las frases de contrase\u00f1a de las claves privadas y la contrase\u00f1a de alta disponibilidad (cuando se establecen)."
}
],
"id": "CVE-2019-6693",
"lastModified": "2024-11-21T04:46:58.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-21T16:15:13.173",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-007"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-02 12:15
Modified
2024-11-21 07:16
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
An improper access control [CWE-284] vulnerability in FortiOS version 7.2.0 and versions 7.0.0 through 7.0.7 may allow a remote authenticated read-only user to modify the interface settings via the API.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-174 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-174 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC5CAD3-53CB-45C3-B4EA-10AEFE6C0016",
"versionEndIncluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper access control [CWE-284] vulnerability in FortiOS version 7.2.0 and versions 7.0.0 through 7.0.7 may allow a remote authenticated read-only user to modify the interface settings via the API."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de acceso inadecuado [CWE-284] en FortiOS versi\u00f3n 7.2.0 y versiones 7.0.0 a 7.0.7 puede permitir que un usuario remoto de solo lectura autenticado modifique la configuraci\u00f3n de la interfaz a trav\u00e9s de la API."
}
],
"id": "CVE-2022-38380",
"lastModified": "2024-11-21T07:16:21.660",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-02T12:15:54.547",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-174"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:25
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
Summary
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-393 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-393 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortiswitchmanager | 7.0.0 | |
| fortinet | fortiswitchmanager | 7.0.1 | |
| fortinet | fortiswitchmanager | 7.2.0 | |
| fortinet | fortiswitchmanager | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22936F53-4480-4011-9211-174D1C507E87",
"versionEndIncluding": "1.0.7",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6607C71D-D434-430A-8DFD-9125381D2D36",
"versionEndIncluding": "2.0.11",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F3A99BB-534C-4984-948B-8FFF659A9B9B",
"versionEndIncluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91E7F209-D645-48EC-BB5F-E730E55E8EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4A6B0D-1614-443B-8EBA-A8FBC2E1A832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "331A1766-4EBA-4519-A8ED-E0DD68A187E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B73D78B-2270-45B7-854E-F985B8D88F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "469E9E1C-154C-41CB-AC83-FBE5E6FA83EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99",
"versionEndIncluding": "6.2.15",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E99B6E5-7EC3-406C-AFAC-A5E32DE266DF",
"versionEndIncluding": "6.4.12",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E775D02-7C02-40BE-A118-D874B9BBC936",
"versionEndIncluding": "7.0.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "813E179E-B948-4480-A5B1-B0ED562A41BC",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests."
}
],
"id": "CVE-2022-42474",
"lastModified": "2024-11-21T07:25:02.533",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-13T09:15:15.597",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-393"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-23"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-02 09:15
Modified
2025-02-24 15:44
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-398 | Exploit, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-398 | Exploit, Mitigation, Vendor Advisory |
Impacted products
{
"cisaActionDue": "2023-01-03",
"cisaExploitAdd": "2022-12-13",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB7E21E-A68B-44FC-8F0E-EF5926186F26",
"versionEndIncluding": "5.0.14",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F93F9C8-6064-4CED-88DF-3580C517AB51",
"versionEndIncluding": "5.2.15",
"versionStartIncluding": "5.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0507F264-9E8D-4F9D-AB18-0C6CA5BD69F0",
"versionEndIncluding": "5.4.13",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0AFBC1-5C11-412E-9979-AF89DD26EFCD",
"versionEndIncluding": "5.6.14",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "795298D3-0C06-471C-87E2-2D04AC190EAD",
"versionEndExcluding": "6.0.16",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6785608-14A0-4825-BEC0-899E55A9FDF1",
"versionEndExcluding": "6.2.12",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55E67EF5-6AF0-410A-BDE7-CF745ED97328",
"versionEndExcluding": "6.4.11",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C424900B-9A5E-440C-996B-2CF426F2CAA3",
"versionEndExcluding": "7.0.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00E89C95-E9FB-473A-BEB0-FA8E7225AC55",
"versionEndExcluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22936F53-4480-4011-9211-174D1C507E87",
"versionEndIncluding": "1.0.7",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "954674E3-7E54-4D94-80DE-CB73AE0452EA",
"versionEndExcluding": "2.0.12",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E60913-FBE9-467B-AB4B-CA85E97527BA",
"versionEndExcluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B24750-4A57-4F80-AAE8-8AC316B376C2",
"versionEndExcluding": "7.2.2",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77974073-D92D-4EB8-854F-A6DCCD13C868",
"versionEndExcluding": "6.0.15",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6785608-14A0-4825-BEC0-899E55A9FDF1",
"versionEndExcluding": "6.2.12",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7730E2-63AD-48F2-AE0A-6C8C9369A734",
"versionEndExcluding": "6.4.10",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE6D1D19-1227-42BE-87A7-E798D60059A5",
"versionEndExcluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fortinet:fim-7901e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "689B8A1F-112D-42CE-A29B-692EF00150AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fim-7904e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33603726-AB6B-4773-904E-DE103CDCEA70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fim-7910e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6056EE-E76C-4064-B252-E0D65A1CBFBB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fim-7920e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43DF83AC-1B86-4C45-B5A3-EF56B65C9BF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fim-7921f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7BAD653-D841-4744-AE85-C24FC1F3F6DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fim-7941f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8ADCB4F1-E237-4525-95C4-2C8EFDD7A109",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-6300f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB61396B-D9EF-44DE-B211-E92EF5A52888",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-6300f-dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AD28C00-00CC-433F-BD7B-AC58254E4785",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-6500f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A72901A-EA5B-48B0-9D0B-A8CD8903413C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-6500f-dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D56B4C97-9BC9-4FB9-9623-F2897050FE8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-6501f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50EFCC23-1135-4BC9-B180-E9045030C844",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-6501f-dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E355C55-4CAA-4875-95F6-FCF3D360039F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-6601f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACBFBDDC-1BD8-48AA-85A3-AA727C466C8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-6601f-dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A56F4F2D-BE9B-458C-B906-017D14DEABBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-7030e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEADC8C2-1DB4-4CB9-A014-7EF279C03C08",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-7040e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6BBD9D7-5F9B-4438-91F9-EB496C8186C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-7060e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "187AAEF7-3FBF-488C-9935-2FA15D131228",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-7121f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9294854-FC23-4682-A695-325CA3347F37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fpm-7620e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFABB00-194B-41E4-940C-A5CF3A9CECEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fpm-7620f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2CC0365-4336-4700-9A29-1AEA0CA781AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fpm-7630e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7E4F7F8-50E4-4774-B1E7-13DC1A289104",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow vulnerability [CWE-122]\u00a0in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer de almacenamiento din\u00e1mico [CWE-122] en FortiOS SSL-VPN 7.2.0 a 7.2.2, 7.0.0 a 7.0.8, 6.4.0 a 6.4.10, 6.2.0 a 6.2.11, 6.0 .15 y anteriores y FortiProxy SSL-VPN 7.2.0 hasta 7.2.1, 7.0.7 y anteriores pueden permitir que un atacante remoto no autenticado ejecute c\u00f3digo o comandos arbitrarios a trav\u00e9s de solicitudes espec\u00edficamente manipuladas."
}
],
"id": "CVE-2022-42475",
"lastModified": "2025-02-24T15:44:21.153",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-02T09:15:09.490",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-398"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-197"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 13:15
Modified
2024-11-21 06:25
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-181 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-181 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D909C90B-E136-4E8E-B551-FE0369172C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79FEE7F6-F72E-4A43-883C-0CF492DF355B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBDFDF02-2136-4DE0-A19B-FE3654ED90A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7.0.0 and 7.0.1 and FortiProxy verison 7.0.0 may allow an unauthenticated, unauthorized attacker to inject path traversal character sequences to disclose sensitive information of the server via the GET request of the login page."
},
{
"lang": "es",
"value": "Una vulnerabilidad de salto de ruta relativa [CWE-23] en FortiOS versiones 7.0.0 y 7.0.1 y en FortiProxy versi\u00f3n 7.0.0, puede permitir a un atacante no autenticado y no autorizado inyectar secuencias de caracteres de salto de ruta para revelar informaci\u00f3n confidencial del servidor por medio de la petici\u00f3n GET de la p\u00e1gina de inicio de sesi\u00f3n"
}
],
"id": "CVE-2021-41024",
"lastModified": "2024-11-21T06:25:17.477",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T13:15:07.957",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-181"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-12-13 22:29
Modified
2024-11-21 03:32
Severity ?
Summary
An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and below versions allow an admin user with super_admin privileges to view the current SSL VPN web portal session info which may contains user credentials through the fnsysctl CLI command.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/102151 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-172 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102151 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-172 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAFDAFC-2B2B-4681-A709-CD703FFCFD70",
"versionEndIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA53FD84-6F7B-462B-AFBF-D0F9D0E04639",
"versionEndIncluding": "5.4.5",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9B0663-F69B-4F14-90B7-DF906CD0130A",
"versionEndIncluding": "5.6.2",
"versionStartIncluding": "5.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and below versions allow an admin user with super_admin privileges to view the current SSL VPN web portal session info which may contains user credentials through the fnsysctl CLI command."
},
{
"lang": "es",
"value": "Una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Fortinet FortiOS de la versi\u00f3n 5.6.0 a la 5.6.2; 5.4.0 a la 5.4.5 y la versi\u00f3n 5.2 y anteriores permite que un usuario administrador con privilegios super_admin vea la informaci\u00f3n de sesi\u00f3n del portal web SSL VPN, que podr\u00eda contener credenciales a trav\u00e9s del comando CLI fnsysctl."
}
],
"id": "CVE-2017-7738",
"lastModified": "2024-11-21T03:32:33.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-13T22:29:00.283",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102151"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102151"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-172"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-18 18:15
Modified
2024-11-21 06:48
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in FortiOS version 7.0.5 and prior and 6.4.9 and prior may allow an unauthenticated remote attacker to perform a reflected cross site scripting (XSS) attack in the captive portal authentication replacement page.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-057 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-057 | Broken Link, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "023BE7D8-97EE-43AA-9E7E-5911D6F6FD11",
"versionEndIncluding": "6.4.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D763E12-9F72-46DA-825B-A573AC9AA947",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027) [CWE-79] vulnerability in FortiOS version 7.0.5 and prior and 6.4.9 and prior may allow an unauthenticated remote attacker to perform a reflected cross site scripting (XSS) attack in the captive portal authentication replacement page."
},
{
"lang": "es",
"value": "Una neutralizaci\u00f3n inapropiada de la entrada durante la generaci\u00f3n de la p\u00e1gina web (\"Cross-site Scripting\") [CWE-79] vulnerabilidad en FortiOS versi\u00f3n 7.0.5 y anteriores y 6.4.9 y anteriores puede permitir a un atacante remoto no autenticado llevar a cabo un ataque de tipo cross site scripting (XSS) reflejado en la p\u00e1gina de sustituci\u00f3n de autenticaci\u00f3n del portal cautivo"
}
],
"id": "CVE-2022-23438",
"lastModified": "2024-11-21T06:48:33.510",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 2.7,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-18T18:15:08.963",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-057"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-02 16:59
Modified
2024-11-21 02:25
Severity ?
Summary
The Control and Provisioning of Wireless Access Points (CAPWAP) daemon in Fortinet FortiOS 5.0 Patch 7 build 4457 allows remote attackers to cause a denial of service (locked CAPWAP Access Controller) via a large number of ClientHello DTLS messages.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "823C8357-E638-4EAE-B231-3B60263FFE52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Control and Provisioning of Wireless Access Points (CAPWAP) daemon in Fortinet FortiOS 5.0 Patch 7 build 4457 allows remote attackers to cause a denial of service (locked CAPWAP Access Controller) via a large number of ClientHello DTLS messages."
},
{
"lang": "es",
"value": "El demonio Control and Provisioning of Wireless Access Points (CAPWAP) en Fortinet FortiOS 5.0 Parche 7 build 4457 permite a atacantes remotos causar una denegaci\u00f3n de servicio (el controlador de acceso a CAPWAP bloqueado) a trav\u00e9s de un n\u00famero grande de mensajes DTLS de ClientHello."
}
],
"id": "CVE-2015-1452",
"lastModified": "2024-11-21T02:25:27.353",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-02-02T16:59:05.520",
"references": [
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2015/Jan/125"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/61661"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-002/"
},
{
"source": "cve@mitre.org",
"url": "http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/72383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2015/Jan/125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72383"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-17"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-27 13:29
Modified
2024-11-21 03:32
Severity ?
Summary
A Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 and 5.6.0 allows a remote unauthenticated attacker to execute arbitrary javascript code via webUI "Login Disclaimer" redir parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/101563 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1039677 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-17-113 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101563 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039677 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-17-113 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1668AE14-D9A4-4B7D-BC3F-75885792875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E0F3B9B-A06F-4A96-B2E7-9DC56E629182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50F8AE97-A647-4A37-8EF2-BC0BBCC8EADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "377A2F0B-2A58-4C2C-B546-3178B353484B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBDFD4-45A0-47CC-817E-48E84F945402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8C9CDB2B-E454-4B91-9A47-615F31F1A3D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3BE3F8-9157-461C-8E3A-ABFA728B7DB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 and 5.6.0 allows a remote unauthenticated attacker to execute arbitrary javascript code via webUI \"Login Disclaimer\" redir parameter."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross-Site Scripting (XSS) en Fortinet FortiOS desde la versi\u00f3n 5.4.0 a la 5.4.5 y en la versi\u00f3n 5.6.0 permite que un atacante remoto no autenticado ejecute c\u00f3digo JavaScfript arbitrario mediante el par\u00e1metro de redirecci\u00f3n \"Login Disclaimer\" en la interfaz gr\u00e1fica de usuario web."
}
],
"id": "CVE-2017-7733",
"lastModified": "2024-11-21T03:32:32.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-27T13:29:00.407",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101563"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039677"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-17-113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-17-113"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-24 14:15
Modified
2024-11-21 04:29
Severity ?
Summary
An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1, 6.2.0, 6.0.8 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows attacker to theoretically recover the long term ECDSA secret in a TLS client with a RSA handshake and mutual ECDSA authentication via the help of flush+reload side channel attacks in FortiGate VM models only.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-19-186 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-19-186 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C424D53-2941-43BA-B4BA-FE6C06B08190",
"versionEndIncluding": "5.6.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F4F708-941B-4EBD-9DAB-D726887B63DF",
"versionEndExcluding": "6.0.9",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE3901A-D32C-44DD-8977-87B4A4B6F3FE",
"versionEndExcluding": "6.2.3",
"versionStartIncluding": "6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1, 6.2.0, 6.0.8 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows attacker to theoretically recover the long term ECDSA secret in a TLS client with a RSA handshake and mutual ECDSA authentication via the help of flush+reload side channel attacks in FortiGate VM models only."
},
{
"lang": "es",
"value": "Una Entrop\u00eda Insuficiente en la vulnerabilidad del PRNG en Fortinet FortiOS versi\u00f3n 6.2.1, 6.2.0, 6.0.8 y posteriores, para dispositivos que no habilitan token TRNG de hardware y modelos que no admiten un seed TRNG incorporado permite al atacante recuperar te\u00f3ricamente el secreto ECDSA a largo plazo en un cliente TLS con un protocolo de enlace RSA y autenticaci\u00f3n mutua ECDSA mediante la ayuda de los ataques de canal lateral flush+reload solo en los modelos FortiGate VM."
}
],
"id": "CVE-2019-15703",
"lastModified": "2024-11-21T04:29:17.510",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-24T14:15:11.003",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-186"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-331"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-01 14:29
Modified
2024-11-21 03:24
Severity ?
Summary
A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 through 5.2.10 allows attacker to execute unauthorized code or commands via the srcintf parameter during Firewall Policy Creation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/98048 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1038367 | ||
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-17-017 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98048 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038367 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-17-017 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E627C59-7C16-44F0-800D-A2E8A766B26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "233236FA-BB13-4261-BE2E-3E617406DC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27844CC9-498B-4A65-91AC-AC130222EE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27B4C672-7ED5-4113-87AE-5774D1263C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBEA3AA-AE46-4A55-91EE-9ADC187BF614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "05CB7A90-91BC-49AF-9B5C-EBD212484C64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "864D3221-177B-43CE-BD7D-CB14A110268E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "31C186D6-6AC5-49EB-A701-C91358B4A25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9F6C4-F887-4F25-87BD-383F6CF39806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F8558962-7A19-4F4A-BED0-9CB5D4CFC422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EC63D521-EC88-4B13-BC73-3284F3FCF3A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 through 5.2.10 allows attacker to execute unauthorized code or commands via the srcintf parameter during Firewall Policy Creation."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo cross-site-scripting en FortiGate versiones 5.2.0 a 5.2.10 de Fortinet, permite al atacante ejecutar c\u00f3digo o comandos no autorizados por medio del par\u00e1metro srcintf durante la Creaci\u00f3n de Pol\u00edticas de Firewall."
}
],
"id": "CVE-2017-3127",
"lastModified": "2024-11-21T03:24:53.283",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-01T14:29:00.187",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98048"
},
{
"source": "psirt@fortinet.com",
"url": "http://www.securitytracker.com/id/1038367"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-17-017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-17-017"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-08 23:29
Modified
2024-11-21 01:36
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or (3) Log&Report Display modules, or the fields_sorted_opt parameter to (4) user/auth/list or (5) endpointcompliance/app_detect/predefined_sig_list.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3023C856-1C07-400B-8F7C-EC7BB2697794",
"versionEndExcluding": "4.3.6",
"versionStartIncluding": "4.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or (3) Log\u0026Report Display modules, or the fields_sorted_opt parameter to (4) user/auth/list or (5) endpointcompliance/app_detect/predefined_sig_list."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de Cross-Site Scripting (XSS) en dispositivos Fortinet FortiGate UTM WAF con FortiOS, en versiones 4.3.x anteriores a la 4.3.6, permiten que atacantes remotos inyecten scripts web o HTML arbitrarios mediante vectores relacionados con los m\u00f3dulos (1) Endpoint Monitor, (2) Dialup List o (3) LogReport Display o el par\u00e1metro fields_sorted_opt en (4) user/auth/list o (5) endpointcompliance/app_detect/predefined_sig_list."
}
],
"id": "CVE-2012-0941",
"lastModified": "2024-11-21T01:36:00.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-08T23:29:00.313",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.org/files/109168/VL-144.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/51708"
},
{
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72761"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-012-001"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://securitytracker.com/id/1026594"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.vulnerability-lab.com/get_content.php?id=144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.org/files/109168/VL-144.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/51708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-012-001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://securitytracker.com/id/1026594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.vulnerability-lab.com/get_content.php?id=144"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-06-24 10:06
Modified
2024-11-21 00:13
Severity ?
Summary
The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:2.5_0mr4:*:*:*:*:*:*:*",
"matchCriteriaId": "D0779FEC-B7A9-416D-AC8B-A2F646C166F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:2.8_mr10:*:*:*:*:*:*:*",
"matchCriteriaId": "769D4FB0-780F-48B0-958B-8E088CD2CBF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:2.36:*:*:*:*:*:*:*",
"matchCriteriaId": "A1A5E477-ADA7-469F-80EF-97EE2AF926B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:2.50:*:*:*:*:*:*:*",
"matchCriteriaId": "BB2815EF-253B-4E3D-BFA7-265021783158",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:2.50_mr5:*:*:*:*:*:*:*",
"matchCriteriaId": "6810DDBF-3411-4FD9-981A-E8D5FA7FD0CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:2.80:*:*:*:*:*:*:*",
"matchCriteriaId": "767E66F6-7AF3-4541-8797-D7503D852044",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "631ED29C-890E-4C53-8ADB-0061125FEEDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:3.0_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "973C42EB-2073-4ED9-AE15-F72C863394ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:3.0_mr1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A36F497-1BD7-466A-BA57-069BEA042EE0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode."
},
{
"lang": "es",
"value": "El m\u00f3dulo proxy FTP Fortinet FortiOS (FortiGate) anterior v2.80 MR12 y v3.0 MR2 permite a atacantes remotos superar el escaneo del anti-virus a trav\u00e9s del modo Enhanced Passive (EPSV) FTP."
}
],
"id": "CVE-2006-3222",
"lastModified": "2024-11-21T00:13:06.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-06-24T10:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://attrition.org/pipermail/vim/2006-July/000921.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20720"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-15.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/26736"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/18570"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2467"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://attrition.org/pipermail/vim/2006-July/000921.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-15.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/26736"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27532"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-02-11 17:15
Modified
2025-03-19 20:21
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-535 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * |
{
"cisaActionDue": "2025-04-08",
"cisaExploitAdd": "2025-03-18",
"cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B14CD59-F557-48A0-8458-BECD3AD7DB3A",
"versionEndExcluding": "7.0.20",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC18768-0891-465E-9900-3DF5D22A5CB3",
"versionEndExcluding": "7.2.13",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD357034-B2FD-4C2E-97FE-2C54D686D885",
"versionEndExcluding": "7.0.17",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote attacker to gain super-admin privileges via crafted CSF proxy requests."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n mediante una ruta o canal alternativo [CWE-288] que afecta a FortiOS 7.0.0 a 7.0.16 y FortiProxy 7.2.0 a 7.2.12, 7.0.0 a 7.0.19 puede permitir que un atacante remoto obtenga privilegios de superadministrador a trav\u00e9s de solicitudes de proxy CSF manipuladas."
}
],
"id": "CVE-2025-24472",
"lastModified": "2025-03-19T20:21:38.197",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-02-11T17:15:34.867",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-535"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-288"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 15:15
Modified
2024-11-21 08:23
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.4.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10E4FB93-7111-4F2A-8D5A-F276261D0E67",
"versionEndIncluding": "2.0.13",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E2C1A7-AF13-4DBB-8EB4-49BE54EDABAD",
"versionEndIncluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F8AA932-A965-4345-8151-9CACDEE114F0",
"versionEndIncluding": "7.2.6",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9010968B-B839-4B7C-BFB5-6BD9CBCEC166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99",
"versionEndIncluding": "6.2.15",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B52E22-C64D-4142-885E-6C44FA670574",
"versionEndIncluding": "6.4.14",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA582D59-C740-4AE7-83CA-C09A1D0EDA88",
"versionEndIncluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E44123-995C-4E08-84B5-FF8C76B67B29",
"versionEndIncluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E2A5347-D536-4D43-A163-5B5A3AFE742C",
"versionEndIncluding": "7.4.1",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en Fortinet FortiOS 7.4.0 a 7.4.1, 7.2.0 a 7.2.5, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15, FortiProxy 7.4.0, 7.2.0 a 7.2.6, 7.0.0 a 7.0.12, 2.0.0 a 2.0.13 permiten al atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de solicitudes HTTP especialmente manipuladas."
}
],
"id": "CVE-2023-42790",
"lastModified": "2024-11-21T08:23:09.530",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-12T15:15:46.293",
"references": [
{
"source": "psirt@fortinet.com",
"url": "https://fortiguard.com/psirt/FG-IR-23-328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://fortiguard.com/psirt/FG-IR-23-328"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-04 21:29
Modified
2024-11-21 03:46
Severity ?
Summary
A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote attacker to potentially poison HTTP cache and subsequently redirect SSL VPN web portal users to arbitrary web domains.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-19-002 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-19-002 | Mitigation, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CDDF45-AA70-4684-B834-1ABEFEB7D105",
"versionEndExcluding": "6.0.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote attacker to potentially poison HTTP cache and subsequently redirect SSL VPN web portal users to arbitrary web domains."
},
{
"lang": "es",
"value": "Una vulnerabilidad del Host Header Redirection en Fortinet FortiOS, en todas las versiones anteriores a la 6.0.5 en el portal web SSL VPN permite a un atacante remoto que envenene la memoria cach\u00e9 HTTP y, posteriormente, redirija en consecuencia a los usuarios del portal web SSL VPN a dominios web arbitrarios."
}
],
"id": "CVE-2018-13384",
"lastModified": "2024-11-21T03:46:59.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-04T21:29:00.407",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-002"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-06 16:15
Modified
2024-11-21 06:28
Severity ?
4.6 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.2.0, version 6.4.0 through 6.4.9, version 7.0.0 through 7.0.5 may allow an authenticated attacker to perform a stored cross site scripting (XSS) attack through the URI parameter via the Threat Feed IP address section of the Security Fabric External connectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-222 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-222 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7730E2-63AD-48F2-AE0A-6C8C9369A734",
"versionEndExcluding": "6.4.10",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "103E0368-0675-4511-95BF-D5CCD67BBAA5",
"versionEndExcluding": "7.0.6",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.2.0, version 6.4.0 through 6.4.9, version 7.0.0 through 7.0.5 may allow an authenticated attacker to perform a stored cross site scripting (XSS) attack through the URI parameter via the Threat Feed IP address section of the Security Fabric External connectors."
},
{
"lang": "es",
"value": "Una vulnerabilidad de neutralizaci\u00f3n inapropiada de la entrada durante la generaci\u00f3n de p\u00e1ginas web [CWE-79] en FortiOS versi\u00f3n 7.2.0, versiones 6.4.0 hasta 6.4.9, versiones 7.0.0 hasta 7.0.5, puede permitir a un atacante autenticado llevar a cabo un ataque de tipo cross-site scripting (XSS) almacenado mediante el par\u00e1metro URI por medio de la secci\u00f3n de direcci\u00f3n IP de Threat Feed de los conectores externos de Security Fabric.\n"
}
],
"id": "CVE-2021-43080",
"lastModified": "2024-11-21T06:28:39.213",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-06T16:15:08.407",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-222"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-11 17:15
Modified
2024-11-21 07:23
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
An improper neutralization of input during web page generation vulnerability ('Cross-site Scripting') [CWE-79] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9, version 6.4.0 through 6.4.11 and before 6.2.12 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-363 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-363 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E60913-FBE9-467B-AB4B-CA85E97527BA",
"versionEndExcluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B24750-4A57-4F80-AAE8-8AC316B376C2",
"versionEndExcluding": "7.2.2",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0F948E-DC53-4365-B12F-F17B514E3F35",
"versionEndExcluding": "6.2.13",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AA72D9-CD66-4628-92B5-6CDFCB8E0EEE",
"versionEndExcluding": "6.4.12",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB54D85-8A3B-4F40-A814-3636F2AC99F3",
"versionEndExcluding": "7.0.10",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5",
"versionEndExcluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of input during web page generation vulnerability (\u0027Cross-site Scripting\u0027) [CWE-79] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9, version 6.4.0 through 6.4.11 and before 6.2.12 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests."
}
],
"id": "CVE-2022-41330",
"lastModified": "2024-11-21T07:23:04.087",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-11T17:15:07.390",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-363"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-24 03:15
Modified
2024-11-21 05:55
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-20-199 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-20-199 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F1E981-42BC-476D-B041-889BE6EF654F",
"versionEndIncluding": "1.2.9",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E986BB97-4883-4B26-9C67-681BB4D2EFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E45929-0FEB-4C95-9DBA-F927712FBF4F",
"versionEndIncluding": "5.2.15",
"versionStartIncluding": "5.2.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0507F264-9E8D-4F9D-AB18-0C6CA5BD69F0",
"versionEndIncluding": "5.4.13",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0AFBC1-5C11-412E-9979-AF89DD26EFCD",
"versionEndIncluding": "5.6.14",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B09D1C32-BF6B-4B27-91D4-1347EFB8ECB7",
"versionEndIncluding": "6.0.12",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB24CA5-D2B3-4FEE-B03A-05A7A0F11964",
"versionEndIncluding": "6.2.7",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A29B9B0-C8AD-47FA-B18C-2898EBCB1295",
"versionEndIncluding": "6.4.4",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters."
},
{
"lang": "es",
"value": "Un fallo en el saneo de la entrada en el portal web SSL VPN de FortiOS versiones 5.2.10 hasta 5.2.15, 5.4.0 hasta 5.4.13, 5.6.0 hasta 5.6.14, 6.0.0 hasta 6.0.12, 6.2.0 hasta 6.2.7, 6.4.0 hasta 6.4.4; y FortiProxy 1. 2.0 hasta 1.2.9, 2.0.0 hasta 2.0.1, pueden permitir a un atacante remoto no autenticado llevar a cabo un ataque de tipo Cross-site Scripting (XSS) reflejado mediante el env\u00edo una petici\u00f3n a la p\u00e1gina de error con par\u00e1metros GET maliciosos"
}
],
"id": "CVE-2021-26092",
"lastModified": "2024-11-21T05:55:51.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-24T03:15:43.407",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-20-199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-20-199"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-10 18:15
Modified
2024-11-21 08:25
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-315 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-315 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | 7.4.0 | |
| fortinet | fortiproxy | 7.4.1 | |
| fortinet | fortios | 7.2.5 | |
| fortinet | fortios | 7.4.0 | |
| fortinet | fortios | 7.4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9010968B-B839-4B7C-BFB5-6BD9CBCEC166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1491795D-14BA-4D82-9CB0-6FA7D35EB64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "06FF7838-98E3-4022-95D3-D7B540D98D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61540F5B-080A-4D44-8BE0-75D7A0DCCB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17FE168A-0EA4-467C-91D2-87EB6D83917A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests."
},
{
"lang": "es",
"value": "Una vulnerabilidad de administraci\u00f3n de privilegios inadecuada [CWE-269] en un cl\u00faster Fortinet FortiOS HA versi\u00f3n 7.4.0 a 7.4.1 y 7.2.5 y en un cl\u00faster FortiProxy HA versi\u00f3n 7.4.0 a 7.4.1 permite que un atacante autenticado realice acciones elevadas a trav\u00e9s de solicitudes HTTP o HTTPS manipuladas."
}
],
"id": "CVE-2023-44250",
"lastModified": "2024-11-21T08:25:31.227",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-10T18:15:46.030",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-315"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:01
Severity ?
Summary
The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7363C344-1CA6-4F53-8004-689633230CCC",
"versionEndIncluding": "2.8_mr10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B78DFB1-2D05-4AAE-BB9E-B6653C3164B4",
"versionEndIncluding": "3_beta",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fortinet:fortigate:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "73B13D8D-D888-41BE-A9A3-85053378769D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP."
}
],
"id": "CVE-2005-3057",
"lastModified": "2024-11-21T00:01:01.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042139.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=113986337408103\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18844"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16597"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0539"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042139.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=113986337408103\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16597"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0539"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24624"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-12 15:15
Modified
2024-11-21 04:32
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-19-248 | Vendor Advisory | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-007 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-19-248 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-007 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "388FF005-6EE2-47C4-A782-BC1911BB83A1",
"versionEndExcluding": "1.2.10",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B87B5F67-4417-4BD6-9A58-4FA5188A659C",
"versionEndExcluding": "2.0.2",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE1BA74-CBC4-4661-91E5-68E8425D42EA",
"versionEndIncluding": "6.0.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "159A3E80-81C4-4D83-9735-40F8B80A87F1",
"versionEndIncluding": "6.2.2",
"versionStartIncluding": "6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a malformed PUT request to the server. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en el demonio HTTPD de FortiOS versiones 6.0.10 y por debajo, versiones 6.2.2 y por debajo y FortiProxy versiones 1.0.x, 1.1.x, 1.2.9 y por debajo, versiones 2.0.0 y por debajo, puede permitir a un atacante remoto autenticado bloquear el servicio mediante el env\u00edo de una petici\u00f3n PUT malformada hacia el servidor.\u0026#xa0;Fortinet no tiene conocimiento de ninguna explotaci\u00f3n con \u00e9xito de esta vulnerabilidad que podr\u00eda conllevar a una ejecuci\u00f3n de c\u00f3digo"
}
],
"id": "CVE-2019-17656",
"lastModified": "2024-11-21T04:32:42.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-12T15:15:13.827",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-248"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-248"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-007"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:23
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-380 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-380 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F3A99BB-534C-4984-948B-8FFF659A9B9B",
"versionEndIncluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91E7F209-D645-48EC-BB5F-E730E55E8EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0983FC2C-A9F2-4918-81E6-BDCF05E5BF65",
"versionEndIncluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB643A8-B52F-4D54-B816-28A6401BAA25",
"versionEndIncluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands."
}
],
"id": "CVE-2022-41327",
"lastModified": "2024-11-21T07:23:03.590",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-13T09:15:14.960",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-380"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-09-12 02:29
Modified
2024-11-21 03:24
Severity ?
Summary
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0 allows attackers to execute unauthorized code or commands via the filter input in "Applications" under FortiView.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/100009 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1039020 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-104 | Mitigation, Vendor Advisory | |
| psirt@fortinet.com | https://www.exploit-db.com/exploits/42388/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100009 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039020 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-104 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/42388/ | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1668AE14-D9A4-4B7D-BC3F-75885792875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E0F3B9B-A06F-4A96-B2E7-9DC56E629182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50F8AE97-A647-4A37-8EF2-BC0BBCC8EADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "377A2F0B-2A58-4C2C-B546-3178B353484B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBDFD4-45A0-47CC-817E-48E84F945402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3BE3F8-9157-461C-8E3A-ABFA728B7DB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0 allows attackers to execute unauthorized code or commands via the filter input in \"Applications\" under FortiView."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo Cross-Site Scripting en Fortinet FortiOS desde la versi\u00f3n 5.4.0 hasta la 5.4.4 y la versi\u00f3n 5.6.0 permite que atacantes remotos ejecuten c\u00f3digo o comandos sin autorizaci\u00f3n mediante la entrada de filtro en \"Applications\" en FortiView."
}
],
"id": "CVE-2017-3131",
"lastModified": "2024-11-21T03:24:53.780",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-12T02:29:00.203",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100009"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039020"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-104"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42388/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42388/"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:45
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows attacker to escalation of privilege via specifically crafted commands.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-494 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-494 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiproxy | 7.2.1 | |
| fortinet | fortiproxy | 7.2.2 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22936F53-4480-4011-9211-174D1C507E87",
"versionEndIncluding": "1.0.7",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951",
"versionEndIncluding": "2.0.12",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C83139FA-7195-4171-8BC6-CC4F9379C7C9",
"versionEndIncluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91E7F209-D645-48EC-BB5F-E730E55E8EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7028AFDA-6CB5-4DB0-8977-9BA995DE14C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0135464C-532C-430D-A76C-2FCDE4C991D1",
"versionEndIncluding": "6.0.17",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99",
"versionEndIncluding": "6.2.15",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E99B6E5-7EC3-406C-AFAC-A5E32DE266DF",
"versionEndIncluding": "6.4.12",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E775D02-7C02-40BE-A118-D874B9BBC936",
"versionEndIncluding": "7.0.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "813E179E-B948-4480-A5B1-B0ED562A41BC",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows attacker to escalation of privilege via specifically crafted commands."
}
],
"id": "CVE-2023-22639",
"lastModified": "2024-11-21T07:45:06.413",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-13T09:15:16.177",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-494"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-494"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-04 22:29
Modified
2024-11-21 04:45
Severity ?
Summary
A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the "param" parameter of the error process HTTP requests.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2FB321-696D-44AE-92A7-3A66B4ED4B19",
"versionEndIncluding": "6.0.4",
"versionStartIncluding": "5.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the \"param\" parameter of the error process HTTP requests."
},
{
"lang": "es",
"value": "Una vulnerabilidad reflejada de Cross-Site-Scripting (XSS) en Fortinet FortiOS 5.2.0 a 5.6.10, 6.0.0 a 6.0.4 bajo el portal web SSL VPN puede permitir que un atacante ejecute el c\u00f3digo de script malicioso no autorizado mediante el par\u00e1metro \"param\" de las solicitudes HTTP de proceso de error."
}
],
"id": "CVE-2019-5586",
"lastModified": "2024-11-21T04:45:10.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-04T22:29:00.237",
"references": [
{
"source": "psirt@fortinet.com",
"url": "http://www.securityfocus.com/bid/108610"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/108610"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-034"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-14 17:15
Modified
2024-11-21 08:27
Severity ?
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
5.0 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
Summary
An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 allows an authenticated VPN user to send (but not receive) packets spoofing the IP of another user via crafted network packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-225 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-225 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.4.0 | |
| fortinet | fortiproxy | 7.4.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.4.0 | |
| fortinet | fortios | 7.4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951",
"versionEndIncluding": "2.0.12",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86607BB0-08AB-4E78-913D-B783949D5C1D",
"versionEndExcluding": "7.0.14",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "469D97BA-282C-4875-A156-FDA00B5B4093",
"versionEndExcluding": "7.2.8",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9010968B-B839-4B7C-BFB5-6BD9CBCEC166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1491795D-14BA-4D82-9CB0-6FA7D35EB64E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E96C569E-0642-4FDD-B65F-A5926B69021A",
"versionEndIncluding": "6.2.16",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "884279B3-E480-44E1-B126-5C1029B6BE75",
"versionEndIncluding": "6.4.15",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D25F9C04-C7FD-4B1F-A194-CA69E5DE903C",
"versionEndExcluding": "7.0.13",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0",
"versionEndExcluding": "7.2.8",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61540F5B-080A-4D44-8BE0-75D7A0DCCB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17FE168A-0EA4-467C-91D2-87EB6D83917A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 \u0026 FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 allows an authenticated VPN user to send (but not receive) packets spoofing the IP of another user via crafted network packets."
},
{
"lang": "es",
"value": "Una verificaci\u00f3n insuficiente de la vulnerabilidad de autenticidad de datos [CWE-345] en Fortinet FortiOS SSL-VPN modo t\u00fanel versi\u00f3n 7.4.0 a 7.4.1, versi\u00f3n 7.2.0 a 7.2.7 y anteriores a 7.0.12 y versi\u00f3n de modo t\u00fanel FortiProxy SSL-VPN 7.4.0 a 7.4.1, versi\u00f3n 7.2.0 a 7.2.7 y anteriores a 7.0.13 permiten que un usuario de VPN autenticado env\u00ede (pero no reciba) paquetes que falsifiquen la IP de otro usuario a trav\u00e9s de paquetes de red manipulados."
}
],
"id": "CVE-2023-45586",
"lastModified": "2024-11-21T08:27:00.740",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-05-14T17:15:24.560",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-225"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-03 22:15
Modified
2024-11-21 07:45
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.11, FortiOS version 6.2.0 through 6.2.13, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specifically crafted requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-475 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-475 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | 1.0.0 | |
| fortinet | fortiproxy | 1.1.0 | |
| fortinet | fortiproxy | 1.2.0 | |
| fortinet | fortiproxy | 2.0.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EAFD6A7-AAC9-4073-9329-F5B1D9835E6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "666BE44D-1B17-4B2E-9BA1-3A127CC0E0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "906F778B-919C-499C-A2D5-4B59F206E430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5512D-6EE5-4DF3-A960-C02394F25225",
"versionEndIncluding": "6.0.16",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D539CF21-2985-4E9B-94E8-E0B696752291",
"versionEndExcluding": "6.2.14",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AA72D9-CD66-4628-92B5-6CDFCB8E0EEE",
"versionEndExcluding": "6.4.12",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8870AB06-C50F-452A-952C-30DE7860264E",
"versionEndExcluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5",
"versionEndExcluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.11, FortiOS version 6.2.0 through 6.2.13, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specifically crafted requests."
}
],
"id": "CVE-2023-22640",
"lastModified": "2024-11-21T07:45:06.567",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-03T22:15:17.857",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-475"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-05 20:15
Modified
2024-11-21 06:46
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-21-235 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-21-235 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiadc | * | |
| fortinet | fortiadc | * | |
| fortinet | fortiadc | 6.2.0 | |
| fortinet | fortiadc | 6.2.1 | |
| fortinet | fortimail | * | |
| fortinet | fortimail | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.0.0 | |
| fortinet | fortiproxy | 7.0.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADB57D8-1ABE-4401-B1B0-4640A34C555A",
"versionEndIncluding": "6.0.4",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D31CF79E-6C56-4CD0-9DD2-FBB48D503786",
"versionEndIncluding": "6.1.6",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCDF60B5-A0BE-41F6-A0D5-53526A7BBAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B42E0536-4831-4A6B-AC0B-C7AE3CDE3834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07883AF7-1C60-43C9-8D98-CCF2B20C3B13",
"versionEndIncluding": "6.4.5",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43038EC9-6FD3-488C-8CA3-8B4A705C3E11",
"versionEndIncluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22936F53-4480-4011-9211-174D1C507E87",
"versionEndIncluding": "1.0.7",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05",
"versionEndIncluding": "1.2.13",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5E8B52-3027-4A6E-82AC-052D5A320D84",
"versionEndIncluding": "2.0.7",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D909C90B-E136-4E8E-B551-FE0369172C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBCB4E87-0AEC-487E-8FAD-E8F647DA21D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB7E21E-A68B-44FC-8F0E-EF5926186F26",
"versionEndIncluding": "5.0.14",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F93F9C8-6064-4CED-88DF-3580C517AB51",
"versionEndIncluding": "5.2.15",
"versionStartIncluding": "5.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0507F264-9E8D-4F9D-AB18-0C6CA5BD69F0",
"versionEndIncluding": "5.4.13",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0AFBC1-5C11-412E-9979-AF89DD26EFCD",
"versionEndIncluding": "5.6.14",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A857126-D7EE-4CB4-BCAA-68D6C4FEC3E4",
"versionEndIncluding": "6.0.14",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4361DFE-431C-470A-9C9A-263681F125CC",
"versionEndIncluding": "6.2.10",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "986D96D1-B204-48FC-8852-BB8341941236",
"versionEndExcluding": "6.4.8",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "455773C7-5DAC-4EFF-8848-51EC77C9CB57",
"versionEndExcluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cadena de formato [CWE-134] en el int\u00e9rprete de l\u00ednea de comandos de FortiADC versi\u00f3n 6.0.0 hasta 6.0.4, FortiADC versi\u00f3n 6.1.0 hasta 6.1.5, FortiADC versi\u00f3n 6.2.0 hasta 6.2.1, FortiProxy versi\u00f3n 1.0.0 hasta 1.0.7, FortiProxy versi\u00f3n 1.1.0 hasta 1.1.6, FortiProxy versi\u00f3n 1.2.0 hasta 1.2.13, FortiProxy versi\u00f3n 2.0.0 hasta 2.0.7, FortiProxy versi\u00f3n 7. 0.0 a 7.0.1, FortiOS versi\u00f3n 6.0.0 hasta 6.0.14, FortiOS versi\u00f3n 6.2.0 hasta 6.2.10, FortiOS versi\u00f3n 6.4.0 hasta 6.4.8, FortiOS versi\u00f3n 7.0.0 hasta 7.0.2, FortiMail versi\u00f3n 6.4.0 hasta 6.4.5, FortiMail versi\u00f3n 7.0.0 hasta 7.0.2, pueden permitir a un usuario autenticado ejecutar c\u00f3digo o comandos no autorizados por medio de argumentos de comando especialmente dise\u00f1ados"
}
],
"id": "CVE-2022-22299",
"lastModified": "2024-11-21T06:46:35.613",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-05T20:15:08.147",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-235"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-01-22 14:29
Modified
2025-01-27 21:30
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-157 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-157 | Vendor Advisory |
Impacted products
{
"cisaActionDue": "2022-09-29",
"cisaExploitAdd": "2022-09-08",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Fortinet FortiOS and FortiADC Improper Access Control Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE3819E-9A44-450F-A461-C8C98C4EA37C",
"versionEndExcluding": "5.4.5",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5CDC2B-23F8-4023-AC68-155C274F900E",
"versionEndExcluding": "6.0.2",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiadc:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "028E15CD-B5F9-4376-9758-78D131103BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93254072-D30A-4BF8-9AB5-40DF2C2D5507",
"versionEndExcluding": "6.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one."
},
{
"lang": "es",
"value": "Un control de acceso inadecuado en Fortinet FortiOS 6.0.2, 5.6.7 y anteriores, FortiADC 6.1.0, 6.0.0 a 6.0.1, 5.4.0 a 5.4.4 permite a un atacante obtener las credenciales de inicio de sesi\u00f3n del servidor LDAP configurado en FortiGate a trav\u00e9s de una solicitud de prueba de conectividad del servidor LDAP a un servidor LDAP falso en lugar del configurado"
}
],
"id": "CVE-2018-13374",
"lastModified": "2025-01-27T21:30:51.357",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-22T14:29:00.220",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-157"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 15:15
Modified
2024-11-21 08:29
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions 7.2.6 and below, and versions 7.0.12 and below when configured with FortiAuthenticator in HA may allow a readonly user to gain read-write access via successive login attempts.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-424 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-424 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D25F9C04-C7FD-4B1F-A194-CA69E5DE903C",
"versionEndExcluding": "7.0.13",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "553C4BA9-953B-4017-8498-785BDA7A3006",
"versionEndExcluding": "7.2.7",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4316C2EA-3D6E-4A0C-B81D-ADCE040E03E0",
"versionEndExcluding": "7.4.2",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions 7.2.6 and below, and versions 7.0.12 and below when configured with FortiAuthenticator in HA may allow a readonly user to gain read-write access via successive login attempts."
},
{
"lang": "es",
"value": "Una vulnerabilidad de autenticaci\u00f3n incorrecta [CWE-287] en las versiones 7.4.1 y anteriores de FortiOS, las versiones 7.2.6 y siguientes y las versiones 7.0.12 y siguientes cuando se configura con FortiAuthenticator en HA puede permitir que un usuario de solo lectura obtenga acceso de lectura y escritura a trav\u00e9s de intentos sucesivos de inicio de sesi\u00f3n."
}
],
"id": "CVE-2023-46717",
"lastModified": "2024-11-21T08:29:08.597",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-12T15:15:46.487",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-424"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-18 14:15
Modified
2025-02-19 19:37
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html | Exploit, Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html | Exploit, Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-377 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-377 | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.2.0 | |
| fortinet | fortiswitchmanager | 7.0.0 | |
| fortinet | fortiswitchmanager | 7.2.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"cisaActionDue": "2022-11-01",
"cisaExploitAdd": "2022-10-11",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Fortinet Multiple Products Authentication Bypass Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B778AD94-D279-42B4-A062-8231F14936B3",
"versionEndExcluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F302F8-482A-4DA9-BDD9-63886B202B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4A6B0D-1614-443B-8EBA-A8FBC2E1A832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B73D78B-2270-45B7-854E-F985B8D88F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A86B1AB3-F33E-461C-A19C-C3A51B47AC5F",
"versionEndExcluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2DDB271-0A73-4C94-B3CE-B766E99898C0",
"versionEndExcluding": "7.2.2",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests."
},
{
"lang": "es",
"value": "Una omisi\u00f3n de autenticaci\u00f3n usando una ruta o canal alternativo [CWE-288] en Fortinet FortiOS versi\u00f3n versiones 7.2.0 hasta 7.2.1 y 7.0.0 hasta 7.0.6, FortiProxy versi\u00f3n 7.2.0 y versiones 7.0.0 hasta 7.0.6 y FortiSwitchManager versi\u00f3n 7.2.0 y 7.0.0, permite a un atacante no autenticado llevar a cabo operaciones en la interfaz administrativa por medio de peticiones HTTP o HTTPS especialmente dise\u00f1adas"
}
],
"id": "CVE-2022-40684",
"lastModified": "2025-02-19T19:37:18.357",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-18T14:15:09.747",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-377"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-10-15 20:59
Modified
2024-11-21 02:36
Severity ?
Summary
FortiOS 5.2.3, when configured to use High Availability (HA) and the dedicated management interface is enabled, does not require authentication for access to the ZebOS shell on the HA dedicated management interface, which allows remote attackers to obtain shell access via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27B4C672-7ED5-4113-87AE-5774D1263C0B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FortiOS 5.2.3, when configured to use High Availability (HA) and the dedicated management interface is enabled, does not require authentication for access to the ZebOS shell on the HA dedicated management interface, which allows remote attackers to obtain shell access via unspecified vectors."
},
{
"lang": "es",
"value": "FortiOS 5.2.3, cuando se configura para usar High Availability (HA) y la interfaz de administraci\u00f3n dedicada est\u00e1 habilitada, no requiere autenticaci\u00f3n para el acceso a la shell ZebOS en la interfaz de gesti\u00f3n dedicada HA, lo que permite a atacantes remotos obtener acceso a la shell a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-7361",
"lastModified": "2024-11-21T02:36:39.030",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-10-15T20:59:01.833",
"references": [
{
"source": "cve@mitre.org",
"url": "http://fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1033093"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033093"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-16 09:15
Modified
2025-02-03 21:11
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-259 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortimanager | * | |
| fortinet | fortimanager | * | |
| fortinet | fortimanager_cloud | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortirecorder | * | |
| fortinet | fortirecorder | * | |
| fortinet | fortivoice | * | |
| fortinet | fortivoice | * | |
| fortinet | fortiweb | * | |
| fortinet | fortiweb | 7.6.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7269FDB6-A1D4-4912-8751-87BA52614FDA",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "241A8930-4ADA-4380-AA42-F10B28487595",
"versionEndExcluding": "7.6.2",
"versionStartIncluding": "7.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "164DEDC3-B1C0-42AC-9ADB-CE03CF6A71CC",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32CFAF1E-358A-4F6D-96CB-D7229F0D9D74",
"versionEndExcluding": "7.0.19",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B93C73-1E94-4854-8405-C3689860A74C",
"versionEndExcluding": "7.2.12",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B276403-CE85-445A-9E5D-BBFBD7AB7A68",
"versionEndExcluding": "7.4.6",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD60BA50-3F98-46BF-97E8-28AB207DE12A",
"versionEndExcluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B0D078-2F52-46B4-B9C0-162447828E1B",
"versionEndExcluding": "7.2.2",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF1E214-4BC5-47E8-BF02-072D6D830BAF",
"versionEndIncluding": "6.4.10",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EEE0DFA-DE31-4D26-AC98-6BCED8F008DC",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDB9CE13-AAF4-418C-BA26-1A0D53C5C1C2",
"versionEndExcluding": "7.4.5",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28B43375-DA74-4C5F-BAEE-39F312EEF51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA0532A5-31F2-4A92-BF31-6003E28AC948",
"versionEndExcluding": "7.0.16",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7D031B-221B-4738-AC83-4FB92A106528",
"versionEndExcluding": "7.2.10",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71AD879-997D-4787-A1E9-E4132AC521E2",
"versionEndExcluding": "7.4.5",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44CE8EE3-D64A-49C8-87D7-C18B302F864A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A improper limitation of a pathname to a restricted directory (\u0027path traversal\u0027) in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets."
},
{
"lang": "es",
"value": " Una limitaci\u00f3n incorrecta de una ruta de acceso a un directorio restringido (\"path traversal\") en Fortinet FortiRecorder versiones 7.2.0 a 7.2.1, 7.0.0 a 7.0.4, FortiWeb versiones 7.6.0, 7.4.0 a 7.4.4, 7.2.0 a 7.2.10, 7.0.0 a 7.0.10, 6.4.0 a 6.4.3, FortiVoice versiones 7.0.0 a 7.0.4, 6.4.0 a 6.4.9, 6.0.0 a 6.0.12 permite a un atacante escalar privilegios a trav\u00e9s de paquetes especialmente manipulados."
}
],
"id": "CVE-2024-48885",
"lastModified": "2025-02-03T21:11:41.750",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-16T09:15:06.737",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-259"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-13 08:15
Modified
2024-11-21 08:30
Severity ?
3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-432 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-432 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951",
"versionEndIncluding": "2.0.12",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC18F7E-5242-4F36-BB42-FEC33B3AC075",
"versionEndIncluding": "7.0.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A99FF48-370E-4D2A-B5CC-889EA21AB213",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B52E22-C64D-4142-885E-6C44FA670574",
"versionEndIncluding": "6.4.14",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF27CA2F-3F4C-4CCB-B832-0E792673C429",
"versionEndIncluding": "7.0.13",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de acceso inadecuado [CWE-284] en FortiOS versi\u00f3n 7.2.0, versi\u00f3n 7.0.13 e inferior, versi\u00f3n 6.4.14 e inferior y FortiProxy versi\u00f3n 7.2.3 e inferior, versi\u00f3n 7.0.9 e inferior, versi\u00f3n 2.0.12 y a continuaci\u00f3n pueden permitir que un atacante remoto no autenticado evite la pol\u00edtica de geolocalizaci\u00f3n de denegaci\u00f3n del firewall sincronizando la omisi\u00f3n con una actualizaci\u00f3n de la base de datos GeoIP."
}
],
"id": "CVE-2023-47536",
"lastModified": "2024-11-21T08:30:24.973",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-13T08:15:50.920",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-432"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 15:15
Modified
2024-11-21 08:23
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-328 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-328 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 7.4.0 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.4.0 | |
| fortinet | fortios | 7.4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10E4FB93-7111-4F2A-8D5A-F276261D0E67",
"versionEndIncluding": "2.0.13",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E2C1A7-AF13-4DBB-8EB4-49BE54EDABAD",
"versionEndIncluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F8AA932-A965-4345-8151-9CACDEE114F0",
"versionEndIncluding": "7.2.6",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9010968B-B839-4B7C-BFB5-6BD9CBCEC166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99",
"versionEndIncluding": "6.2.15",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B52E22-C64D-4142-885E-6C44FA670574",
"versionEndIncluding": "6.4.14",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA582D59-C740-4AE7-83CA-C09A1D0EDA88",
"versionEndIncluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E44123-995C-4E08-84B5-FF8C76B67B29",
"versionEndIncluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61540F5B-080A-4D44-8BE0-75D7A0DCCB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17FE168A-0EA4-467C-91D2-87EB6D83917A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests."
},
{
"lang": "es",
"value": "Una escritura fuera de l\u00edmites en Fortinet FortiOS 7.4.0 a 7.4.1, 7.2.0 a 7.2.5, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15, FortiProxy 7.4.0, 7.2.0 a 7.2.6, 7.0.0 a 7.0.12, 2.0.0 a 2.0.13 permite a un atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de solicitudes HTTP especialmente manipuladas."
}
],
"id": "CVE-2023-42789",
"lastModified": "2024-11-21T08:23:09.387",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-12T15:15:46.107",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-328"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 15:15
Modified
2024-11-21 08:56
Severity ?
8.0 (High) - CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticated attacker to gain access to another user’s bookmark via URL manipulation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-24-013 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-24-013 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94C6FBEA-B8B8-4A92-9CAF-F4A125577C3C",
"versionEndIncluding": "7.0.14",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "406F8C48-85CE-46AF-BE5C-0ED9E3E16A39",
"versionEndIncluding": "7.2.8",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8DD8789-6485-49E6-92D3-74004D9B6E9B",
"versionEndIncluding": "7.4.2",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4841D40B-DA6E-4B4A-A698-8E23B3E40101",
"versionEndIncluding": "6.4.14",
"versionStartIncluding": "6.4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40193C91-DAF4-4A0D-9AA7-0D4DDE964488",
"versionEndIncluding": "7.0.13",
"versionStartIncluding": "7.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24D09A92-81EC-4003-B017-C67FC739EEBF",
"versionEndIncluding": "7.2.6",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E2A5347-D536-4D43-A163-5B5A3AFE742C",
"versionEndIncluding": "7.4.1",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticated attacker to gain access to another user\u2019s bookmark via URL manipulation."
},
{
"lang": "es",
"value": "Una omisi\u00f3n de autorizaci\u00f3n a trav\u00e9s de una vulnerabilidad de clave controlada por el usuario [CWE-639] en FortiOS versi\u00f3n 7.4.0 a 7.4.1, 7.2.0 a 7.2.6, 7.0.1 a 7.0.13, 6.4.7 a 6.4.14, y FortiProxy versi\u00f3n 7.4.0 a 7.4.2, 7.2.0 a 7.2.8, 7.0.0 a 7.0.14 SSL-VPN puede permitir que un atacante autenticado obtenga acceso al marcador de otro usuario mediante manipulaci\u00f3n de URL."
}
],
"id": "CVE-2024-23112",
"lastModified": "2024-11-21T08:56:57.390",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 6.0,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-12T15:15:49.090",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-24-013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-24-013"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-639"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-04-09 15:15
Modified
2024-12-12 19:22
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A insufficiently protected credentials in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17 allows attacker to execute unauthorized code or commands via targeted social engineering attack
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-493 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-493 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A966233A-245A-4256-A142-84FACB98EE4E",
"versionEndExcluding": "7.0.14",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "469D97BA-282C-4875-A156-FDA00B5B4093",
"versionEndExcluding": "7.2.8",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8AA0CE6-3E57-47D9-8318-215F0C4A2031",
"versionEndExcluding": "7.4.2",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9BCDC86-176E-401A-B188-F77E22BCFC2D",
"versionEndExcluding": "6.2.16",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E29353F-8791-4117-BA7A-E32FAB8348A4",
"versionEndExcluding": "6.4.15",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D25F9C04-C7FD-4B1F-A194-CA69E5DE903C",
"versionEndExcluding": "7.0.13",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "553C4BA9-953B-4017-8498-785BDA7A3006",
"versionEndExcluding": "7.2.7",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4316C2EA-3D6E-4A0C-B81D-ADCE040E03E0",
"versionEndExcluding": "7.4.2",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A insufficiently protected credentials in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17 allows attacker to execute unauthorized code or commands via targeted social engineering attack"
},
{
"lang": "es",
"value": "Credenciales insuficientemente protegidas en Fortinet FortiProxy 7.4.0, 7.2.0 a 7.2.6, 7.0.0 a 7.0.12, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13, 1.1.0 a 1.1.6 , 1.0.0 a 1.0.7, Fortinet FortiOS 7.4.0 a 7.4.1, 7.2.0 a 7.2.6, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15 , 6.0.0 a 6.0.17 permite al atacante ejecutar c\u00f3digo o comandos no autorizados mediante un ataque de ingenier\u00eda social dirigido"
}
],
"id": "CVE-2023-41677",
"lastModified": "2024-12-12T19:22:04.470",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-04-09T15:15:27.400",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-493"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-04 21:29
Modified
2024-11-21 03:46
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-of-service attack via special craft message payloads.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-387 | Mitigation, Vendor Advisory | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-232 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-387 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-232 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26F099AE-4482-4964-8B8A-1B412A423C3B",
"versionEndIncluding": "1.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0929E2F4-54B6-4D67-B694-EF1562E2B5F7",
"versionEndIncluding": "5.2.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F970C1D-5018-4D52-91F6-A5F2CD123935",
"versionEndIncluding": "5.4.12",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC4C822-47EB-4EA0-834D-7A63D9F0E46D",
"versionEndIncluding": "5.6.10",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D27D2C-5211-41A7-B0F4-7721EE7884BF",
"versionEndIncluding": "6.0.4",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-of-service attack via special craft message payloads."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer en Fortinet FortiOS versi\u00f3n 6.0.0 hasta la 6.0.4, versi\u00f3n 5.6.0 hasta la5.6.7, versi\u00f3n 5.4 y anteriores y FortiProxy versi\u00f3n 2.0.0, versi\u00f3n 1.2.8 y anteriores en el portal web SSL VPN permite a un atacante no autenticado realizar un ataque de denegaci\u00f3n de servicio a trav\u00e9s de cargas \u00fatiles de mensajes especiales"
}
],
"id": "CVE-2018-13381",
"lastModified": "2024-11-21T03:46:59.530",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-04T21:29:00.313",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-387"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-232"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-15 14:15
Modified
2024-11-29 15:09
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-24-029 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-24-029 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiswitchmanager | * | |
| fortinet | fortiswitchmanager | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortipam | * | |
| fortinet | fortipam | * | |
| fortinet | fortipam | 1.2.0 |
{
"cisaActionDue": "2024-10-30",
"cisaExploitAdd": "2024-10-09",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Fortinet Multiple Products Format String Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94C6FBEA-B8B8-4A92-9CAF-F4A125577C3C",
"versionEndIncluding": "7.0.14",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "406F8C48-85CE-46AF-BE5C-0ED9E3E16A39",
"versionEndIncluding": "7.2.8",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8DD8789-6485-49E6-92D3-74004D9B6E9B",
"versionEndIncluding": "7.4.2",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2B9FD3-9581-465E-A5E1-A1BCEFB0DFA3",
"versionEndIncluding": "7.0.3",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "094185B2-8DC1-46C2-B160-31BEEFDB2CC7",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF27CA2F-3F4C-4CCB-B832-0E792673C429",
"versionEndIncluding": "7.0.13",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24D09A92-81EC-4003-B017-C67FC739EEBF",
"versionEndIncluding": "7.2.6",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49C323D0-5B01-4DB2-AB98-7113D8E607B6",
"versionEndIncluding": "7.4.2",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BA2C6ED-2765-4B56-9B37-10C50BD32C75",
"versionEndIncluding": "1.0.3",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0060F1F-527F-4E91-A59F-F3141977CB7A",
"versionEndIncluding": "1.1.2",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D0927D1-F469-4344-B4C9-3190645F5899",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets."
},
{
"lang": "es",
"value": "Un uso de cadena de formato controlada externamente en Fortinet FortiOS versiones 7.4.0 a 7.4.2, 7.2.0 a 7.2.6, 7.0.0 a 7.0.13, FortiProxy versiones 7.4.0 a 7.4.2, 7.2.0 a 7.2.8, 7.0.0 a 7.0.14, versiones de FortiPAM 1.2.0, 1.1.0 a 1.1.2, 1.0.0 a 1.0.3, versiones de FortiSwitchManager 7.2.0 a 7.2.3, 7.0.0 a 7.0. 3 permite al atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de paquetes especialmente manipulados."
}
],
"id": "CVE-2024-23113",
"lastModified": "2024-11-29T15:09:12.633",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-15T14:15:46.503",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-24-029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-24-029"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-16 19:15
Modified
2024-11-21 07:18
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy)
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-257 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-257 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "247BFEDF-2B1D-4E1F-A699-3BEDD4B63EA0",
"versionEndIncluding": "2.0.9",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B778AD94-D279-42B4-A062-8231F14936B3",
"versionEndExcluding": "7.0.7",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5056BFD5-9618-44FC-98E8-C4DA386F9925",
"versionEndExcluding": "7.0.8",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5",
"versionEndExcluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2\u00a0all versions, 6.0\u00a0all versions and FortiProxy 7.0.0 through 7.0.6, 2.0\u00a0all versions, 1.2\u00a0all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy)"
}
],
"id": "CVE-2022-39948",
"lastModified": "2024-11-21T07:18:32.453",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-16T19:15:12.993",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-257"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-11 17:15
Modified
2024-11-21 07:27
Severity ?
5.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-22-444 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-22-444 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "040866D8-0D44-4EC2-8801-5F50E51A7CAE",
"versionEndIncluding": "2.0.9",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81E60913-FBE9-467B-AB4B-CA85E97527BA",
"versionEndExcluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B24750-4A57-4F80-AAE8-8AC316B376C2",
"versionEndExcluding": "7.2.2",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0B7CC5-F5D8-4912-84BE-2F1D010B97B1",
"versionEndExcluding": "6.4.13",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8870AB06-C50F-452A-952C-30DE7860264E",
"versionEndExcluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5",
"versionEndExcluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions."
}
],
"id": "CVE-2022-43947",
"lastModified": "2024-11-21T07:27:23.687",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-11T17:15:07.693",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-444"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-307"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-307"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-11 15:16
Modified
2024-12-11 19:54
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-036 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.fortinet.com/psirt/FG-IR-24-036 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortipam | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiswitchmanager | * | |
| fortinet | fortiswitchmanager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A93633F-8865-49D7-A5CE-F7D009DFB901",
"versionEndExcluding": "7.0.15",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0",
"versionEndExcluding": "7.2.8",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FDDB5F3-D229-4208-9110-8860A03C8B59",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62F2452A-7AF9-4BD2-932D-D6414699C793",
"versionEndIncluding": "1.3.0",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E7DA8E-34CB-4527-A4A0-1EDBFBBDA894",
"versionEndExcluding": "7.0.17",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFFA2C3-0A23-4884-B751-785BE598DFF3",
"versionEndExcluding": "7.2.10",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2C29AD-A11F-4A5F-8BB0-8600D5F77E72",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB333FC-4406-4EBD-B6F2-6C41BCE2E742",
"versionEndExcluding": "7.0.4",
"versionStartIncluding": "7.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiswitchmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0D2553-E4E6-454A-80F6-9D014A4710D3",
"versionEndExcluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer basado en pila en Fortinet FortiPAM versi\u00f3n 1.2.0, 1.1.0 a 1.1.2, 1.0.0 a 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager versi\u00f3n 7.2.0 a 7.2.3, 7.0.1 a 7.0. 3, FortiOS versi\u00f3n 7.4.0 a 7.4.3, 7.2.0 a 7.2.7, 7.0.0 a 7.0.14, 6.4.0 a 6.4.15, 6.2.0 a 6.2.16, 6.0.0 a 6.0. 18, FortiProxy versi\u00f3n 7.4.0 a 7.4.2, 7.2.0 a 7.2.9, 7.0.0 a 7.0.15, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13, 1.1.0 a 1.1. 6, 1.0.0 a 1.0.7 permite a un atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de paquetes especialmente manipulados."
}
],
"id": "CVE-2024-26010",
"lastModified": "2024-12-11T19:54:35.323",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-11T15:16:04.473",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-036"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-09-12 02:29
Modified
2024-11-21 03:32
Severity ?
Summary
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.2.0 through 5.2.11 and 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via the "Groups" input while creating or editing User Groups.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/99098 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1038705 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-127 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038705 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-127 | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | 5.2.0 | |
| fortinet | fortios | 5.2.1 | |
| fortinet | fortios | 5.2.2 | |
| fortinet | fortios | 5.2.3 | |
| fortinet | fortios | 5.2.4 | |
| fortinet | fortios | 5.2.5 | |
| fortinet | fortios | 5.2.6 | |
| fortinet | fortios | 5.2.7 | |
| fortinet | fortios | 5.2.8 | |
| fortinet | fortios | 5.2.9 | |
| fortinet | fortios | 5.2.10 | |
| fortinet | fortios | 5.2.11 | |
| fortinet | fortios | 5.4.0 | |
| fortinet | fortios | 5.4.1 | |
| fortinet | fortios | 5.4.2 | |
| fortinet | fortios | 5.4.3 | |
| fortinet | fortios | 5.4.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E627C59-7C16-44F0-800D-A2E8A766B26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "233236FA-BB13-4261-BE2E-3E617406DC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27844CC9-498B-4A65-91AC-AC130222EE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27B4C672-7ED5-4113-87AE-5774D1263C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBEA3AA-AE46-4A55-91EE-9ADC187BF614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "05CB7A90-91BC-49AF-9B5C-EBD212484C64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "864D3221-177B-43CE-BD7D-CB14A110268E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "31C186D6-6AC5-49EB-A701-C91358B4A25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9F6C4-F887-4F25-87BD-383F6CF39806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F8558962-7A19-4F4A-BED0-9CB5D4CFC422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EC63D521-EC88-4B13-BC73-3284F3FCF3A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "DB756AF8-F9D2-472E-867B-C04D11F62FA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1668AE14-D9A4-4B7D-BC3F-75885792875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E0F3B9B-A06F-4A96-B2E7-9DC56E629182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50F8AE97-A647-4A37-8EF2-BC0BBCC8EADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "377A2F0B-2A58-4C2C-B546-3178B353484B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "20EBDFD4-45A0-47CC-817E-48E84F945402",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.2.0 through 5.2.11 and 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via the \"Groups\" input while creating or editing User Groups."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo Cross-Site Scripting en Fortinet FortiOS desde la versi\u00f3n 5.2.0 hasta la 5.2.11 y 5.4.0 hasta la 5.4.4 permite que atacantes remotos ejecuten c\u00f3digo o comandos sin autorizaci\u00f3n mediante la entrada \"Groups\" al crear o editar grupos de usuarios."
}
],
"id": "CVE-2017-7735",
"lastModified": "2024-11-21T03:32:33.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-12T02:29:00.420",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99098"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038705"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-127"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-04-09 15:15
Modified
2025-01-17 17:19
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.1 and below, version 7.2.7 and below, 7.0 all versions, 6.4 all versions command line interface may allow a local privileged attacker with super-admin profile and CLI access to execute arbitrary code or commands via specially crafted requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-413 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-413 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA0532A5-31F2-4A92-BF31-6003E28AC948",
"versionEndExcluding": "7.0.16",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0",
"versionEndExcluding": "7.2.8",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4316C2EA-3D6E-4A0C-B81D-ADCE040E03E0",
"versionEndExcluding": "7.4.2",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A\u00a0use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.1 and below, version 7.2.7 and below, 7.0 all versions, 6.4 all versions command line interface may allow a local\u00a0privileged attacker with super-admin profile and CLI access\u00a0to execute arbitrary code or commands via specially crafted requests."
},
{
"lang": "es",
"value": "El uso de una vulnerabilidad de cadena de formato controlada externamente [CWE-134] en FortiOS versi\u00f3n 7.4.1 e inferior, versi\u00f3n 7.2.7 e inferior, versi\u00f3n 7.0.14 e inferior, versi\u00f3n 6.4.15 e inferior, la interfaz de l\u00ednea de comando puede permitir una interfaz de l\u00ednea de comando local. Atacante privilegiado con perfil de superadministrador y acceso CLI para ejecutar c\u00f3digo o comandos arbitrarios a trav\u00e9s de solicitudes especialmente manipuladas."
}
],
"id": "CVE-2023-48784",
"lastModified": "2025-01-17T17:19:51.033",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-04-09T15:15:28.617",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-413"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 11:15
Modified
2024-11-21 05:55
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-131 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-131 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | 2.0.0 | |
| fortinet | fortiproxy | 2.0.1 | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22936F53-4480-4011-9211-174D1C507E87",
"versionEndIncluding": "1.0.7",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B",
"versionEndIncluding": "1.1.6",
"versionStartIncluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F1E981-42BC-476D-B041-889BE6EF654F",
"versionEndIncluding": "1.2.9",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E986BB97-4883-4B26-9C67-681BB4D2EFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0AFBC1-5C11-412E-9979-AF89DD26EFCD",
"versionEndIncluding": "5.6.14",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B09D1C32-BF6B-4B27-91D4-1347EFB8ECB7",
"versionEndIncluding": "6.0.12",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C0308D-8E52-456B-BFC2-62D4C1E9BDC3",
"versionEndIncluding": "6.2.9",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88D6903E-70D0-4D63-BC68-BA37EE91BCB1",
"versionEndIncluding": "6.4.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79FEE7F6-F72E-4A43-883C-0CF492DF355B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de acceso inapropiado [CWE-284] en el demonio autod de FortiOS versiones 7.0.0, 6.4.6 y anteriores, 6.2.9 y anteriores, 6.0.12 y anteriores y FortiProxy 2.0.1 y anteriores, 1.2.9 y anteriores, puede permitir a un atacante autenticado con pocos privilegios escalar sus privilegios a super_admin por medio de una configuraci\u00f3n espec\u00edfica dise\u00f1ada del script CLI de automatizaci\u00f3n de tejidos y de las funciones de auto-script"
}
],
"id": "CVE-2021-26110",
"lastModified": "2024-11-21T05:55:53.013",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T11:15:11.683",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-131"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-16 10:15
Modified
2024-11-21 08:05
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-015 | Not Applicable | |
| nvd@nist.gov | https://exchange.xforce.ibmcloud.com/vulnerabilities/258201 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-015 | Not Applicable |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC18F7E-5242-4F36-BB42-FEC33B3AC075",
"versionEndIncluding": "7.0.9",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A99FF48-370E-4D2A-B5CC-889EA21AB213",
"versionEndIncluding": "7.2.3",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8870AB06-C50F-452A-952C-30DE7860264E",
"versionEndExcluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4562BDF7-D894-4CD8-95AC-9409FDEBE73F",
"versionEndExcluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter."
}
],
"id": "CVE-2023-33307",
"lastModified": "2024-11-21T08:05:22.977",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-16T10:15:09.523",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Not Applicable"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-015"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/258201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-015"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-04-09 15:15
Modified
2024-12-11 19:11
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least version at least 7.4.0 through 7.4.1 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.15 and 6.4.0 through 6.4.15 allows attacker to information disclosure via HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-224 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-224 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C84C7A2F-EE15-4CAA-BC3F-A7FDD8A4574F",
"versionEndExcluding": "7.2.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4316C2EA-3D6E-4A0C-B81D-ADCE040E03E0",
"versionEndExcluding": "7.4.2",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least version at least 7.4.0 through 7.4.1 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.15 and 6.4.0 through 6.4.15 allows attacker to information disclosure via HTTP requests."
},
{
"lang": "es",
"value": "La exposici\u00f3n de informaci\u00f3n confidencial a un actor no autorizado en Fortinet FortiOS al menos en la versi\u00f3n 7.4.0 a 7.4.1 y 7.2.0 a 7.2.5 y 7.0.0 a 7.0.15 y 6.4.0 a 6.4.15 permite al atacante a la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s de solicitudes HTTP."
}
],
"id": "CVE-2024-23662",
"lastModified": "2024-12-11T19:11:44.790",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-04-09T15:15:31.370",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-224"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-02-08 18:29
Modified
2024-11-21 03:59
Severity ?
Summary
A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-018 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-018 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3BE3F8-9157-461C-8E3A-ABFA728B7DB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cadena de formato en Fortinet FortiOS 5.6.0 permite que un atacante ejecute c\u00f3digo o comandos no autorizados mediante la variable SSH de nombre de usuario."
}
],
"id": "CVE-2018-1352",
"lastModified": "2024-11-21T03:59:40.760",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-02-08T18:29:00.237",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-018"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-11 15:16
Modified
2024-11-21 08:56
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker to execute unauthorized code or commands via specially crafted commands
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-460 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-460 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9BCDC86-176E-401A-B188-F77E22BCFC2D",
"versionEndExcluding": "6.2.16",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E29353F-8791-4117-BA7A-E32FAB8348A4",
"versionEndExcluding": "6.4.15",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C119229A-3805-47C1-B3F9-AF1A4007A63B",
"versionEndExcluding": "7.0.14",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "553C4BA9-953B-4017-8498-785BDA7A3006",
"versionEndExcluding": "7.2.7",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "757A5257-6103-4DC5-B79F-727E4279614A",
"versionEndExcluding": "7.4.3",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker to execute unauthorized code or commands via specially crafted commands"
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer basado en pila en Fortinet FortiOS versi\u00f3n 7.4.0 a 7.4.2, 7.2.0 a 7.2.6, 7.0.0 a 7.0.13, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15, 6.0 todas las versiones permiten al atacante ejecutar c\u00f3digo o comandos no autorizados mediante comandos especialmente manipulados"
}
],
"id": "CVE-2024-23110",
"lastModified": "2024-11-21T08:56:57.093",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-11T15:16:03.707",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-460"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-01-31 16:09
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS accounting server shared secret via intercepting accounting-requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.fortinet.com/psirt/FG-IR-24-326 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71AD879-997D-4787-A1E9-E4132AC521E2",
"versionEndExcluding": "7.4.5",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44CE8EE3-D64A-49C8-87D7-C18B302F864A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS accounting server shared secret via intercepting accounting-requests."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inserci\u00f3n de informaci\u00f3n confidencial en datos enviados [CWE-201] en FortiOS 7.6.0, 7.4.0 a 7.4.4 puede permitir que un atacante en una posici\u00f3n intermedia recupere el secreto compartido del servidor de contabilidad RADIUS mediante la interceptaci\u00f3n de solicitudes de contabilidad."
}
],
"id": "CVE-2024-46665",
"lastModified": "2025-01-31T16:09:23.847",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-14T14:15:31.490",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-326"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-201"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-22 10:15
Modified
2024-12-10 19:28
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, Fortiproxy version 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 allows attacker to denial of service via specially crafted HTTP requests.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-125 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-125 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortiproxy | * | |
| fortinet | fortiproxy | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B153B056-24AE-41C4-B644-65E080C18360",
"versionEndExcluding": "6.4.13",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39A6C2A7-21A4-4BB5-A3B6-9466E5CEA296",
"versionEndExcluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4562BDF7-D894-4CD8-95AC-9409FDEBE73F",
"versionEndExcluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D70694-BB02-43E2-8F74-D50D9D4C5E3C",
"versionEndExcluding": "7.0.11",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "122518E7-EA43-4240-AAFB-61AD2AA28A2B",
"versionEndExcluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, Fortiproxy version 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 allows attacker to denial of service via specially crafted HTTP requests."
},
{
"lang": "es",
"value": "Una desreferencia de puntero nulo en Fortinet FortiOS versi\u00f3n 7.2.0 a 7.2.4, 7.0.0 a 7.0.11, 6.4.0 a 6.4.12, Fortiproxy versi\u00f3n 7.2.0 a 7.2.4, 7.0.0 a 7.0.10 permite atacante a la denegaci\u00f3n de servicio a trav\u00e9s de solicitudes HTTP especialmente manipuladas."
}
],
"id": "CVE-2023-29179",
"lastModified": "2024-12-10T19:28:38.803",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-22T10:15:07.693",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-125"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-21 15:15
Modified
2024-11-21 04:15
Severity ?
Summary
Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. Affected products include FortiClient for Windows 6.0.6 and below, FortiOS 6.0.7 and below, FortiClient for Mac OS 6.2.1 and below.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-100 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-100 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | forticlient | * | |
| fortinet | forticlient | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "FA6A19E5-0059-4F94-A8D8-BBFF6B8C0C1D",
"versionEndIncluding": "6.0.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "A481CDA4-13C2-4929-934B-B09590E721A8",
"versionEndIncluding": "6.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A44C4B-988B-45E4-BA76-8984A9AB9AB0",
"versionEndIncluding": "6.0.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. Affected products include FortiClient for Windows 6.0.6 and below, FortiOS 6.0.7 and below, FortiClient for Mac OS 6.2.1 and below."
},
{
"lang": "es",
"value": "El uso de una clave criptogr\u00e1fica codificada en el protocolo de comunicaci\u00f3n de servicios FortiGuard puede permitir que un Hombre en el medio con conocimiento de la clave escuche y modifique informaci\u00f3n (servicios URL / SPAM en FortiOS 5.6 y servicios URL / SPAM / AV en FortiOS 6.0). ; Clasificaci\u00f3n de URL en FortiClient) enviado y recibido de los servidores de Fortiguard al descifrar estos mensajes. Los productos afectados incluyen FortiClient para Windows 6.0.6 y versiones anteriores, FortiOS 6.0.7 y versiones anteriores , FortiClient para Mac OS 6.2.1 y versiones anteriores."
}
],
"id": "CVE-2018-9195",
"lastModified": "2024-11-21T04:15:09.337",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-21T15:15:12.477",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-100"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-04 05:39
Modified
2024-11-21 02:00
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0.5 allows remote attackers to inject arbitrary web script or HTML via the mkey parameter.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D62F480B-D8CA-4F5C-8034-C0AE73F26B67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0.5 allows remote attackers to inject arbitrary web script or HTML via the mkey parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en firewall/schedule/recurrdlg en Fortinet FortiOS 5.0.5 permite a atacantes remotos inyectar script Web o HTML arbitrario a trav\u00e9s del par\u00e1metro mkey."
}
],
"id": "CVE-2013-7182",
"lastModified": "2024-11-21T02:00:26.947",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-02-04T05:39:08.403",
"references": [
{
"source": "cret@cert.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0016.html"
},
{
"source": "cret@cert.org",
"url": "http://osvdb.org/102819"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/56739"
},
{
"source": "cret@cert.org",
"url": "http://www.fortiguard.com/advisory/FG-IR-14-003/"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/728638"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/65308"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id/1029730"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/102819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fortiguard.com/advisory/FG-IR-14-003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/728638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/65308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1029730"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-05-23 17:29
Modified
2024-11-21 03:24
Severity ?
Summary
A stored XSS (Cross-Site-Scripting) vulnerability in Fortinet FortiOS allows attackers to execute unauthorized code or commands via the policy global-label parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/98514 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1038541 | ||
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-17-057 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98514 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038541 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-17-057 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | 5.0.0 | |
| fortinet | fortios | 5.0.1 | |
| fortinet | fortios | 5.0.2 | |
| fortinet | fortios | 5.0.3 | |
| fortinet | fortios | 5.0.4 | |
| fortinet | fortios | 5.0.5 | |
| fortinet | fortios | 5.0.6 | |
| fortinet | fortios | 5.0.7 | |
| fortinet | fortios | 5.0.8 | |
| fortinet | fortios | 5.0.9 | |
| fortinet | fortios | 5.0.10 | |
| fortinet | fortios | 5.0.11 | |
| fortinet | fortios | 5.0.12 | |
| fortinet | fortios | 5.0.13 | |
| fortinet | fortios | 5.0.14 | |
| fortinet | fortios | 5.2.0 | |
| fortinet | fortios | 5.2.1 | |
| fortinet | fortios | 5.2.2 | |
| fortinet | fortios | 5.2.3 | |
| fortinet | fortios | 5.2.4 | |
| fortinet | fortios | 5.2.5 | |
| fortinet | fortios | 5.2.6 | |
| fortinet | fortios | 5.2.7 | |
| fortinet | fortios | 5.2.8 | |
| fortinet | fortios | 5.2.9 | |
| fortinet | fortios | 5.2.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E542BE2-14FC-4BA8-890C-7DA81F33F032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8A5EC4-CE2C-4174-9F09-361B8D153AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BABC91-F9BF-4B52-BDBF-F9617ABCAC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C172379-F6BA-4343-831A-62004E742C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "516597D9-086E-4668-A40B-473F38125F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D62F480B-D8CA-4F5C-8034-C0AE73F26B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F435F408-EC5B-42A0-9E3C-4DE5D702ACAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "823C8357-E638-4EAE-B231-3B60263FFE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6615C7-C6F8-4E42-BA09-5A29A0B68E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B24C5917-BBC0-4924-9FB0-49E141DC9D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "513A1CAA-9B87-4CF5-9513-396E2E686CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "62CD94B3-C430-4672-BBEA-B8A542944F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "91AA2061-5D28-4DCF-9126-8D5CE57D96F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FA9832-A573-489B-A26E-7A7DFC1E0D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC836E7-DAA2-4FDB-9919-D5FF35E67C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E627C59-7C16-44F0-800D-A2E8A766B26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "233236FA-BB13-4261-BE2E-3E617406DC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27844CC9-498B-4A65-91AC-AC130222EE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27B4C672-7ED5-4113-87AE-5774D1263C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBEA3AA-AE46-4A55-91EE-9ADC187BF614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "05CB7A90-91BC-49AF-9B5C-EBD212484C64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "864D3221-177B-43CE-BD7D-CB14A110268E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "31C186D6-6AC5-49EB-A701-C91358B4A25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC9F6C4-F887-4F25-87BD-383F6CF39806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F8558962-7A19-4F4A-BED0-9CB5D4CFC422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EC63D521-EC88-4B13-BC73-3284F3FCF3A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stored XSS (Cross-Site-Scripting) vulnerability in Fortinet FortiOS allows attackers to execute unauthorized code or commands via the policy global-label parameter."
},
{
"lang": "es",
"value": "Una vulnerabilidad tipo XSS (Cross-Site-Scripting) almacenado en FortiOS de Fortinet, permite a los atacantes ejecutar c\u00f3digo o comandos no autorizados por medio del par\u00e1metro policy global-label."
}
],
"id": "CVE-2017-3128",
"lastModified": "2024-11-21T03:24:53.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-23T17:29:00.193",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98514"
},
{
"source": "psirt@fortinet.com",
"url": "http://www.securitytracker.com/id/1038541"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-17-057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-17-057"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-15 14:15
Modified
2024-11-21 08:30
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
An improper certificate validation vulnerability in Fortinet FortiOS 7.0.0 - 7.0.13, 7.2.0 - 7.2.6, 7.4.0 - 7.4.1 and 6.4 all versions allows a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the FortiLink communication channel between the FortiOS device and FortiSwitch.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-301 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-301 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C119229A-3805-47C1-B3F9-AF1A4007A63B",
"versionEndExcluding": "7.0.14",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24D09A92-81EC-4003-B017-C67FC739EEBF",
"versionEndIncluding": "7.2.6",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61540F5B-080A-4D44-8BE0-75D7A0DCCB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17FE168A-0EA4-467C-91D2-87EB6D83917A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper certificate validation vulnerability in Fortinet FortiOS 7.0.0 - 7.0.13, 7.2.0 - 7.2.6, 7.4.0 - 7.4.1 and 6.4 all versions allows a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the FortiLink communication channel between the FortiOS device and FortiSwitch."
},
{
"lang": "es",
"value": "Una vulnerabilidad de validaci\u00f3n de certificado incorrecta en Fortinet FortiOS 7.0.0 - 7.0.13, 7.2.0 - 7.2.6 y 7.4.0 - 7.4.1 permite que un atacante remoto y no autenticado realice un ataque Man-in-the-Middle en el Canal de comunicaci\u00f3n FortiLink entre el dispositivo FortiOS y FortiSwitch."
}
],
"id": "CVE-2023-47537",
"lastModified": "2024-11-21T08:30:25.100",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-15T14:15:45.240",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-301"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "psirt@fortinet.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-09-12 02:29
Modified
2024-11-21 03:24
Severity ?
Summary
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | http://www.securityfocus.com/bid/100009 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | http://www.securitytracker.com/id/1039020 | Third Party Advisory, VDB Entry | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-17-104 | Vendor Advisory | |
| psirt@fortinet.com | https://www.exploit-db.com/exploits/42388/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100009 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039020 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-17-104 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/42388/ | Exploit, Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A509FF43-9706-4EC7-B1D0-D3BF0569C9F6",
"versionEndIncluding": "5.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo Cross-Site Scripting en Fortinet FortiOS en su versi\u00f3n 5.6.0 y anteriores permite que atacantes remotos ejecuten c\u00f3digo o comandos sin autorizaci\u00f3n mediante el c\u00f3digo HTML de los mensajes de reemplazo para SSL-VPN."
}
],
"id": "CVE-2017-3133",
"lastModified": "2024-11-21T03:24:54.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-12T02:29:00.310",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100009"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039020"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-104"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42388/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42388/"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 19:15
Modified
2024-11-21 06:13
Severity ?
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.13 may allow an attacker to execute arbitrary code via specially crafted installation images.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-21-115 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-21-115 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | * | |
| fortinet | fortios | 7.0.0 | |
| fortinet | fortios | 7.0.1 | |
| fortinet | fortigate-1100e | - | |
| fortinet | fortigate-200f | - | |
| fortinet | fortigate-2600f | - | |
| fortinet | fortigate-3500f | - | |
| fortinet | fortigate-400e | - | |
| fortinet | fortigate-600e | - | |
| fortinet | fortigate_1800f | - | |
| fortinet | fortigate_2200e | - | |
| fortinet | fortigate_3300e | - | |
| fortinet | fortigate_3600e | - | |
| fortinet | fortigate_40f | - | |
| fortinet | fortigate_60f | - | |
| fortinet | fortigate_7121f | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6EF01D9-50FB-4300-87FB-132649A9AC51",
"versionEndIncluding": "6.0.13",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C0308D-8E52-456B-BFC2-62D4C1E9BDC3",
"versionEndIncluding": "6.2.9",
"versionStartIncluding": "6.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88D6903E-70D0-4D63-BC68-BA37EE91BCB1",
"versionEndIncluding": "6.4.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79FEE7F6-F72E-4A43-883C-0CF492DF355B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBDFDF02-2136-4DE0-A19B-FE3654ED90A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fortinet:fortigate-1100e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58F428EE-70C1-440F-B16D-45D44A54FB9D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-200f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A07781B7-E990-4BF2-A828-441D556FF2DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-2600f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4039DD9E-DAB4-45A4-90A7-50D345038CB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-3500f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FD4947-6A13-4C8D-B22C-96D96ACB2363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-400e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB3F963E-1CFE-4C7C-B44B-AF100592002E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate-600e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F034C1C3-E8D1-4426-BC5E-A6D25E31B497",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_1800f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76792D6F-B647-43A8-8A60-17BE35824BF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_2200e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B2A9D43-348B-45DB-94F7-825B29141F09",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_3300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CCCA9CD-2B75-46AF-989C-C300CB53358E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_3600e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5015D2E8-8482-467A-96F4-65CBF0AFAC6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_40f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96C31DB1-CEBD-4796-9CF1-5D9D000A5A9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_60f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D32F0C5-2949-48B6-B9DD-F070DE11C803",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:fortinet:fortigate_7121f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1663D59-D804-44A4-B768-93BDF60F8DEA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.13 may allow an attacker to execute arbitrary code via specially crafted installation images."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n firmware signature verification de FortiOS versiones 7.0.1, 7.0.0, 6.4.0 hasta 6.4.6, 6.2.0 hasta 6.2.9 y 6.0.0 hasta 6.0.13, puede permitir a un atacante ejecutar c\u00f3digo arbitrario por medio de im\u00e1genes de instalaci\u00f3n especialmente dise\u00f1adas"
}
],
"id": "CVE-2021-36173",
"lastModified": "2024-11-21T06:13:15.267",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T19:15:09.787",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-115"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-10 17:15
Modified
2024-11-21 08:12
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an attacker to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those services.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-120 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-120 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA582D59-C740-4AE7-83CA-C09A1D0EDA88",
"versionEndIncluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E44123-995C-4E08-84B5-FF8C76B67B29",
"versionEndIncluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61540F5B-080A-4D44-8BE0-75D7A0DCCB53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an attacker to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those services."
},
{
"lang": "es",
"value": "Un uso del m\u00e9todo de solicitud GET con vulnerabilidad de cadenas de consulta confidenciales en Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 y 7.4.0 permite a un atacante ver contrase\u00f1as en texto plano de servicios remotos como RDP o VNC, si el atacante puede leer las solicitudes GET de esos servicios."
}
],
"id": "CVE-2023-37935",
"lastModified": "2024-11-21T08:12:30.057",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-10T17:15:12.267",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-120"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-598"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-29 18:29
Modified
2025-01-27 21:30
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-388 | Mitigation, Vendor Advisory | |
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-20-229 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-388 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-20-229 | Vendor Advisory |
Impacted products
{
"cisaActionDue": "2022-07-10",
"cisaExploitAdd": "2022-01-10",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Fortinet FortiOS and FortiProxy Out-of-bounds Write",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B47708E-8A92-4767-8685-49C3143D0920",
"versionEndExcluding": "1.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3DD97EA-92AD-4EB1-B731-261F40BFC4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC2097E-BA3D-4596-B4E4-5FB0DDCAE2FE",
"versionEndExcluding": "5.2.15",
"versionStartIncluding": "5.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B07B6E15-30AE-44E6-8009-A30FD3E5CCD3",
"versionEndExcluding": "5.4.13",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9093BE81-687C-4CCB-834A-BE49CEE367C5",
"versionEndExcluding": "5.6.11",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D37F1481-E7A7-4428-89C9-5DF9D206D056",
"versionEndExcluding": "6.0.5",
"versionStartIncluding": "6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages."
},
{
"lang": "es",
"value": "Un desbordamiento del b\u00fafer de la pila en Fortinet FortiOS versi\u00f3n 6.0.0 hasta 6.0.4, versi\u00f3n 5.6.0 hasta 5.6.10, versi\u00f3n 5.4.0 hasta 5.4.12, versi\u00f3n 5.2.14 y anteriores y FortiProxy versi\u00f3n 2.0.0, versi\u00f3n 1.2.8 y anteriores en el portal web de SSL VPN puede provocar la finalizaci\u00f3n del servicio web de SSL VPN para los usuarios registrados debido a un fallo en el manejo de los datos href de javascript al proxiar las p\u00e1ginas web"
}
],
"id": "CVE-2018-13383",
"lastModified": "2025-01-27T21:30:37.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-29T18:29:00.693",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-388"
},
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-229"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-29 21:29
Modified
2024-11-21 03:46
Severity ?
Summary
An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-18-085 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-18-085 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4836168A-6CD1-40DF-83E7-557E0CD6D3C0",
"versionEndIncluding": "5.6.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A02AE4-E5E0-4C92-AEFB-8149C7B3AA6C",
"versionEndIncluding": "6.0.1",
"versionStartIncluding": "5.6.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page."
},
{
"lang": "es",
"value": "Una vulnerabilidad de exposici\u00f3n a la informaci\u00f3n en Fortinet FortiOS versiones 6.0.1, 5.6.5 y posteriores, permite a los atacantes conocer la IP privada, adem\u00e1s de el nombre de host de FortiGate por medio de la p\u00e1gina bloqueo de control de aplicaciones (Application Control Block) ."
}
],
"id": "CVE-2018-13365",
"lastModified": "2024-11-21T03:46:58.083",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-29T21:29:00.840",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-085"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-10 20:59
Modified
2024-11-21 02:25
Severity ?
Summary
The CAPWAP DTLS protocol implementation in Fortinet FortiOS 5.0 Patch 7 build 4457 uses the same certificate and private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the Fortinet_Factory certificate and private key. NOTE: FG-IR-15-002 says "The Fortinet_Factory certificate is unique to each device ... An attacker cannot therefore stage a MitM attack.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "823C8357-E638-4EAE-B231-3B60263FFE52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The CAPWAP DTLS protocol implementation in Fortinet FortiOS 5.0 Patch 7 build 4457 uses the same certificate and private key across different customers\u0027 installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the Fortinet_Factory certificate and private key. NOTE: FG-IR-15-002 says \"The Fortinet_Factory certificate is unique to each device ... An attacker cannot therefore stage a MitM attack."
},
{
"lang": "es",
"value": "** DISPUTADA ** La implementaci\u00f3n del protocolo CAPWAP DTLS en Fortinet FortiOS 5.0 Patch 7 build 4457 utiliza el mismo certificado y clave privada a trav\u00e9s de las distintas instalaciones de los clientes, lo que hace que sea m\u00e1s f\u00e1cil para atacantes man-in-the-middle suplantar servidores SSL aprovechando la clave privada y certificado Fortinet_Factory. NOTA: FG-IR-15-002 dice \"El certificado Fortinet_Factory es \u00fanico para cada dispositivo ... Un atacante no puede por tanto perpetrar un ataque MitM\"."
}
],
"id": "CVE-2015-1571",
"lastModified": "2024-11-21T02:25:40.910",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-02-10T20:59:06.263",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/125"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-002/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2015-1451
Vulnerability from cvelistv5
Published
2015-02-02 16:00
Modified
2024-08-06 04:40
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457 allow remote authenticated users to inject arbitrary web script or HTML via the (1) WTP Name or (2) WTP Active Software Version field in a CAPWAP Join request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2015/Jan/125 | mailing-list, x_refsource_FULLDISC | |
| http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf | x_refsource_MISC | |
| http://www.fortiguard.com/advisory/FG-IR-15-002/ | x_refsource_CONFIRM | |
| http://secunia.com/advisories/61661 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/72383 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150129 Fortinet FortiOS Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/125"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-002/"
},
{
"name": "61661",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61661"
},
{
"name": "72383",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72383"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457 allow remote authenticated users to inject arbitrary web script or HTML via the (1) WTP Name or (2) WTP Active Software Version field in a CAPWAP Join request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-02-16T15:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20150129 Fortinet FortiOS Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/125"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-002/"
},
{
"name": "61661",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61661"
},
{
"name": "72383",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72383"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1451",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457 allow remote authenticated users to inject arbitrary web script or HTML via the (1) WTP Name or (2) WTP Active Software Version field in a CAPWAP Join request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150129 Fortinet FortiOS Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Jan/125"
},
{
"name": "http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf",
"refsource": "MISC",
"url": "http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf"
},
{
"name": "http://www.fortiguard.com/advisory/FG-IR-15-002/",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/FG-IR-15-002/"
},
{
"name": "61661",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61661"
},
{
"name": "72383",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72383"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1451",
"datePublished": "2015-02-02T16:00:00",
"dateReserved": "2015-02-02T00:00:00",
"dateUpdated": "2024-08-06T04:40:18.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-33308
Vulnerability from cvelistv5
Published
2023-07-26 14:00
Modified
2024-10-23 13:07
Severity ?
EPSS score ?
Summary
A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.2 Version: 7.0.0 ≤ 7.0.9 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:36.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-183",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-183"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33308",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:07:14.340046Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T13:07:25.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.2",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.9",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.10",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-26T14:00:25.931Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-183",
"url": "https://fortiguard.com/psirt/FG-IR-23-183"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.11 or above\r\nPlease upgrade to FortiProxy version 7.2.3 or above\r\nPlease upgrade to FortiProxy version 7.0.10 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-33308",
"datePublished": "2023-07-26T14:00:25.931Z",
"dateReserved": "2023-05-22T07:58:22.197Z",
"dateUpdated": "2024-10-23T13:07:25.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-3626
Vulnerability from cvelistv5
Published
2015-08-11 14:00
Modified
2024-08-06 05:47
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the DHCP Monitor page in the Web User Interface (WebUI) in Fortinet FortiOS before 5.2.4 on FortiGate devices allows remote attackers to inject arbitrary web script or HTML via a crafted hostname.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.fortiguard.com/advisory/FG-IR-15-018/ | x_refsource_CONFIRM | |
| http://www.fortiguard.com/advisory/dhcp-hostname-html-injection | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1033144 | vdb-entry, x_refsource_SECTRACK | |
| http://fortiguard.com/advisory/dhcp-hostname-html-injection | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:57.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-018/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/dhcp-hostname-html-injection"
},
{
"name": "1033144",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033144"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://fortiguard.com/advisory/dhcp-hostname-html-injection"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the DHCP Monitor page in the Web User Interface (WebUI) in Fortinet FortiOS before 5.2.4 on FortiGate devices allows remote attackers to inject arbitrary web script or HTML via a crafted hostname."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-01T15:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-018/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fortiguard.com/advisory/dhcp-hostname-html-injection"
},
{
"name": "1033144",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033144"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://fortiguard.com/advisory/dhcp-hostname-html-injection"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3626",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the DHCP Monitor page in the Web User Interface (WebUI) in Fortinet FortiOS before 5.2.4 on FortiGate devices allows remote attackers to inject arbitrary web script or HTML via a crafted hostname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.fortiguard.com/advisory/FG-IR-15-018/",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/FG-IR-15-018/"
},
{
"name": "http://www.fortiguard.com/advisory/dhcp-hostname-html-injection",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/dhcp-hostname-html-injection"
},
{
"name": "1033144",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033144"
},
{
"name": "http://fortiguard.com/advisory/dhcp-hostname-html-injection",
"refsource": "CONFIRM",
"url": "http://fortiguard.com/advisory/dhcp-hostname-html-injection"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3626",
"datePublished": "2015-08-11T14:00:00",
"dateReserved": "2015-04-30T00:00:00",
"dateUpdated": "2024-08-06T05:47:57.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26007
Vulnerability from cvelistv5
Published
2024-05-14 16:19
Modified
2024-08-01 23:52
Severity ?
EPSS score ?
Summary
An improper check or handling of exceptional conditions vulnerability [CWE-703] in Fortinet FortiOS version 7.4.1 allows an unauthenticated attacker to provoke a denial of service on the administrative interface via crafted HTTP requests.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"status": "affected",
"version": "7.4.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26007",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-14T17:41:23.032103Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:48:54.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-24-017",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-24-017"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper check or handling of exceptional conditions vulnerability [CWE-703] in Fortinet FortiOS version 7.4.1 allows an unauthenticated attacker to provoke a denial of service on the administrative interface via crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "Denial of service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-14T16:19:08.407Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-24-017",
"url": "https://fortiguard.com/psirt/FG-IR-24-017"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.2 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-26007",
"datePublished": "2024-05-14T16:19:08.407Z",
"dateReserved": "2024-02-14T09:18:43.245Z",
"dateUpdated": "2024-08-01T23:52:06.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-36504
Vulnerability from cvelistv5
Published
2025-01-14 14:09
Modified
2025-02-18 21:38
Severity ?
EPSS score ?
Summary
An out-of-bounds read vulnerability [CWE-125] in FortiOS SSLVPN web portal versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, 7.0 all verisons, and 6.4 all versions may allow an authenticated attacker to perform a denial of service on the SSLVPN web portal via a specially crafted URL.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.4 Version: 7.2.0 ≤ 7.2.8 Version: 7.0.0 ≤ 7.0.16 Version: 6.4.0 ≤ 6.4.15 cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36504",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T14:29:08.113154Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T21:38:19.515Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.4",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.8",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability [CWE-125] in FortiOS SSLVPN web portal versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, 7.0 all verisons, and 6.4 all versions may allow an authenticated attacker to perform a denial of service on the SSLVPN web portal via a specially crafted URL."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Denial of service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T14:09:58.824Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-23-473",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-473"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.9 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-36504",
"datePublished": "2025-01-14T14:09:58.824Z",
"dateReserved": "2024-05-29T08:44:50.759Z",
"dateUpdated": "2025-02-18T21:38:19.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-13365
Vulnerability from cvelistv5
Published
2019-05-29 20:50
Modified
2024-10-25 14:29
Severity ?
EPSS score ?
Summary
An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-18-085 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: 6.0.1 Version: 5.6.5 and below |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:00:35.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-085"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-13365",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T20:09:56.158960Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:29:53.480Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "5.6.5 and below"
}
]
}
],
"datePublic": "2018-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-29T20:50:19",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-085"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2018-13365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "6.0.1"
},
{
"version_value": "5.6.5 and below"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-18-085",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-18-085"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2018-13365",
"datePublished": "2019-05-29T20:50:19",
"dateReserved": "2018-07-06T00:00:00",
"dateUpdated": "2024-10-25T14:29:53.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-48884
Vulnerability from cvelistv5
Published
2025-01-14 14:09
Modified
2025-01-16 16:15
Severity ?
EPSS score ?
Summary
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, 7.2.0 through 7.2.11, 7.0.0 through 7.0.18, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to trigger an escalation of privilege via specially crafted packets.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiManager |
Version: 7.6.0 ≤ 7.6.1 Version: 7.4.1 ≤ 7.4.3 cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:* |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-48884",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T15:17:58.698254Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T20:55:28.999Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiManager",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.1",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.1",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.6.0"
},
{
"lessThanOrEqual": "7.4.4",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.9",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.15",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.5",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.11",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.18",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.14",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper limitation of a pathname to a restricted directory (\u0027path traversal\u0027) in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, 7.2.0 through 7.2.11, 7.0.0 through 7.0.18, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to trigger an escalation of privilege via specially crafted packets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T16:15:35.420Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-259",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-259"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiRecorder version 7.2.2 or above \nPlease upgrade to FortiRecorder version 7.0.5 or above \nPlease upgrade to FortiProxy version 7.4.6 or above \nPlease upgrade to FortiProxy version 7.2.12 or above \nPlease upgrade to FortiProxy version 7.0.19 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiWeb version 7.6.1 or above \nPlease upgrade to FortiWeb version 7.4.5 or above \nPlease upgrade to FortiOS version 7.6.1 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.10 or above \nPlease upgrade to FortiOS version 7.0.16 or above \nPlease upgrade to FortiManager version 7.6.2 or above \nPlease upgrade to FortiManager version 7.4.4 or above \nPlease upgrade to FortiVoice version 7.2.0 or above \nPlease upgrade to FortiVoice version 7.0.5 or above \nPlease upgrade to FortiVoice version 6.4.10 or above \nPlease upgrade to FortiManager Cloud version 7.4.4 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-48884",
"datePublished": "2025-01-14T14:09:26.476Z",
"dateReserved": "2024-10-09T09:03:09.960Z",
"dateUpdated": "2025-01-16T16:15:35.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-15936
Vulnerability from cvelistv5
Published
2022-03-01 18:25
Modified
2024-10-22 21:00
Severity ?
EPSS score ?
Summary
A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-20-091 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:30:23.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-091"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-15936",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:19:48.170163Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T21:00:50.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "CHANGED",
"temporalScore": 2.6,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N/E:X/RL:X/RC:X",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper access control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-01T18:25:27",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-091"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2020-15936",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "High",
"attackVector": "Adjacent",
"availabilityImpact": "None",
"baseScore": 2.6,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"integrityImpact": "Low",
"privilegesRequired": "High",
"scope": "Changed",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N/E:X/RL:X/RC:X",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper access control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-20-091",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-20-091"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2020-15936",
"datePublished": "2022-03-01T18:25:27",
"dateReserved": "2020-07-24T00:00:00",
"dateUpdated": "2024-10-22T21:00:50.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42790
Vulnerability from cvelistv5
Published
2024-03-12 15:09
Modified
2024-09-17 14:08
Severity ?
EPSS score ?
Summary
A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 Version: 7.2.0 ≤ 7.2.6 Version: 7.0.0 ≤ 7.0.12 Version: 2.0.0 ≤ 2.0.13 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.514Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-328",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-328"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42790",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-16T04:00:43.736004Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T14:04:47.192Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.4.0"
},
{
"lessThanOrEqual": "7.2.6",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.13",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.14",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.15",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T14:08:06.101Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-328",
"url": "https://fortiguard.com/psirt/FG-IR-23-328"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.2 or above\r\nPlease upgrade to FortiOS version 7.2.6 or above\r\nPlease upgrade to FortiOS version 7.0.13 or above\r\nPlease upgrade to FortiOS version 6.4.15 or above\r\nPlease upgrade to FortiOS version 6.2.16 or above\r\nPlease upgrade to FortiProxy version 7.4.1 or above\r\nPlease upgrade to FortiProxy version 7.2.7 or above\r\nPlease upgrade to FortiProxy version 7.0.13 or above\r\nPlease upgrade to FortiProxy version 2.0.14 or above\r\nFortinet in Q3/23 has remediated this issue in FortiSASE version 23.3.b and hence the customers need not perform any action."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-42790",
"datePublished": "2024-03-12T15:09:17.594Z",
"dateReserved": "2023-09-14T08:37:38.657Z",
"dateUpdated": "2024-09-17T14:08:06.101Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-43080
Vulnerability from cvelistv5
Published
2022-09-06 15:15
Modified
2024-10-22 20:54
Severity ?
EPSS score ?
Summary
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.2.0, version 6.4.0 through 6.4.9, version 7.0.0 through 7.0.5 may allow an authenticated attacker to perform a stored cross site scripting (XSS) attack through the URI parameter via the Threat Feed IP address section of the Security Fabric External connectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-21-222 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS 7.2.0, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.9, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:47:13.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-222"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-43080",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:19:09.640414Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:54:00.161Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 7.2.0, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.9, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.2.0, version 6.4.0 through 6.4.9, version 7.0.0 through 7.0.5 may allow an authenticated attacker to perform a stored cross site scripting (XSS) attack through the URI parameter via the Threat Feed IP address section of the Security Fabric External connectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "FUNCTIONAL",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 4.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:F/RL:X/RC:X",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-06T15:15:23",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-222"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-43080",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 7.2.0, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.9, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.2.0, version 6.4.0 through 6.4.9, version 7.0.0 through 7.0.5 may allow an authenticated attacker to perform a stored cross site scripting (XSS) attack through the URI parameter via the Threat Feed IP address section of the Security Fabric External connectors."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 4.5,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:F/RL:X/RC:X",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/psirt/FG-IR-21-222",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-21-222"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-43080",
"datePublished": "2022-09-06T15:15:23",
"dateReserved": "2021-10-28T00:00:00",
"dateUpdated": "2024-10-22T20:54:00.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-6696
Vulnerability from cvelistv5
Published
2020-03-15 22:03
Modified
2024-10-25 14:02
Severity ?
EPSS score ?
Summary
An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-19-179 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: 6.2.1 Version: 6.2.0 Version: 6.0.8 and below until 5.4.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:31:04.188Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-179"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-6696",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:59:23.796547Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:02:33.188Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.2.0"
},
{
"status": "affected",
"version": "6.0.8 and below until 5.4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-15T22:03:22",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2019-6696",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "6.2.1"
},
{
"version_value": "6.2.0"
},
{
"version_value": "6.0.8 and below until 5.4.0"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/psirt/FG-IR-19-179",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-19-179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2019-6696",
"datePublished": "2020-03-15T22:03:22",
"dateReserved": "2019-01-23T00:00:00",
"dateUpdated": "2024-10-25T14:02:33.188Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-7361
Vulnerability from cvelistv5
Published
2015-10-15 20:00
Modified
2024-08-06 07:43
Severity ?
EPSS score ?
Summary
FortiOS 5.2.3, when configured to use High Availability (HA) and the dedicated management interface is enabled, does not require authentication for access to the ZebOS shell on the HA dedicated management interface, which allows remote attackers to obtain shell access via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1033093 | vdb-entry, x_refsource_SECTRACK | |
| http://www.fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled | x_refsource_CONFIRM | |
| http://fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:43:46.149Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1033093",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033093"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FortiOS 5.2.3, when configured to use High Availability (HA) and the dedicated management interface is enabled, does not require authentication for access to the ZebOS shell on the HA dedicated management interface, which allows remote attackers to obtain shell access via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-30T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1033093",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033093"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FortiOS 5.2.3, when configured to use High Availability (HA) and the dedicated management interface is enabled, does not require authentication for access to the ZebOS shell on the HA dedicated management interface, which allows remote attackers to obtain shell access via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033093",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033093"
},
{
"name": "http://www.fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled"
},
{
"name": "http://fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled",
"refsource": "CONFIRM",
"url": "http://fortiguard.com/advisory/zebos-routing-remote-shell-service-enabled"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-7361",
"datePublished": "2015-10-15T20:00:00",
"dateReserved": "2015-09-25T00:00:00",
"dateUpdated": "2024-08-06T07:43:46.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-43081
Vulnerability from cvelistv5
Published
2022-05-11 14:30
Modified
2024-10-22 20:57
Severity ?
EPSS score ?
Summary
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-21-230 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiProxy |
Version: FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:47:13.630Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-230"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-43081",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:19:32.002056Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:57:08.663Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"remediationLevel": "WORKAROUND",
"reportConfidence": "NOT_DEFINED",
"scope": "CHANGED",
"temporalScore": 6,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:X/RL:W/RC:X",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthorized code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-11T14:30:18",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-230"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-43081",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiProxy",
"version": {
"version_data": [
{
"version_value": "FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0."
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS version 7.0.3 and below, 6.4.8 and below, 6.2.10 and below, 6.0.14 to 6.0.0. and in FortiProxy version 7.0.1 and below, 2.0.7 to 2.0.0 web filter override form may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 6,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:X/RL:W/RC:X",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/psirt/FG-IR-21-230",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-21-230"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-43081",
"datePublished": "2022-05-11T14:30:18",
"dateReserved": "2021-10-28T00:00:00",
"dateUpdated": "2024-10-22T20:57:08.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-13383
Vulnerability from cvelistv5
Published
2019-05-29 17:20
Modified
2024-10-23 13:33
Severity ?
EPSS score ?
Summary
A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-18-388 | x_refsource_CONFIRM | |
| https://fortiguard.com/advisory/FG-IR-20-229 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS and FortiProxy |
Version: FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier, FortiProxy 2.0.0, 1.2.8 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:00:35.101Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-388"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-229"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-13383",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:33:02.861324Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-01-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2018-13383"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T13:33:26.711Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS and FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier, FortiProxy 2.0.0, 1.2.8 and earlier"
}
]
}
],
"datePublic": "2019-04-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-09T16:01:31",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-388"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-229"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2018-13383",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS and FortiProxy",
"version": {
"version_data": [
{
"version_value": "FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier, FortiProxy 2.0.0, 1.2.8 and earlier"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "Low",
"baseScore": 4.2,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-18-388",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-18-388"
},
{
"name": "https://fortiguard.com/advisory/FG-IR-20-229",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-20-229"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2018-13383",
"datePublished": "2019-05-29T17:20:03",
"dateReserved": "2018-07-06T00:00:00",
"dateUpdated": "2024-10-23T13:33:26.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26010
Vulnerability from cvelistv5
Published
2024-06-11 14:32
Modified
2024-08-01 23:59
Severity ?
EPSS score ?
Summary
A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiPAM |
Version: 1.2.0 Version: 1.1.0 ≤ 1.1.2 Version: 1.0.0 ≤ 1.0.3 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortipam",
"vendor": "fortinet",
"versions": [
{
"status": "affected",
"version": "1.2.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortipam",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "1.1.2",
"status": "affected",
"version": "1.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortipam",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "1.0.3",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiswitchmanager:7.0.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortiswitchmanager",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortiswitchmanager",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.14",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "6.2.16",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "6.0.18",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.9",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.15",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "2.0.13",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:1.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:1.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26010",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T03:55:22.095Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:59:31.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-036",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-036"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiPAM",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "1.2.0"
},
{
"lessThanOrEqual": "1.1.2",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.3",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiSwitchManager",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.14",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.16",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.18",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.9",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.15",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.13",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:W/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-11T14:32:03.697Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-036",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-036"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiPAM version 1.3.0 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiWeb version 7.6.0 or above \nPlease upgrade to FortiWeb version 7.4.3 or above \nPlease upgrade to FortiVoice version 7.0.2 or above \nPlease upgrade to FortiVoice version 6.4.9 or above \nPlease upgrade to FortiSwitchManager version 7.2.4 or above \nPlease upgrade to FortiSwitchManager version 7.0.4 or above \nPlease upgrade to FortiOS version 7.4.4 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.15 or above \nPlease upgrade to FortiProxy version 7.4.4 or above \nPlease upgrade to FortiProxy version 7.2.10 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-26010",
"datePublished": "2024-06-11T14:32:03.697Z",
"dateReserved": "2024-02-14T09:18:43.245Z",
"dateUpdated": "2024-08-01T23:59:31.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-37935
Vulnerability from cvelistv5
Published
2023-10-10 16:51
Modified
2024-09-19 20:22
Severity ?
EPSS score ?
Summary
A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an attacker to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those services.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:23:27.995Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-120",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-120"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37935",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T20:21:44.903917Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T20:22:22.682Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.4.0"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an attacker to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those services."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:X/RC:X",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-598",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-10T16:51:21.801Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-120",
"url": "https://fortiguard.com/psirt/FG-IR-23-120"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.1 or above Please upgrade to FortiOS version 7.2.6 or above Please upgrade to FortiOS version 7.0.13 or above "
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-37935",
"datePublished": "2023-10-10T16:51:21.801Z",
"dateReserved": "2023-07-11T08:16:54.092Z",
"dateUpdated": "2024-09-19T20:22:22.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-7738
Vulnerability from cvelistv5
Published
2017-12-13 22:00
Modified
2024-10-25 14:33
Severity ?
EPSS score ?
Summary
An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and below versions allow an admin user with super_admin privileges to view the current SSL VPN web portal session info which may contains user credentials through the fnsysctl CLI command.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/102151 | vdb-entry, x_refsource_BID | |
| https://fortiguard.com/advisory/FG-IR-17-172 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet, Inc. | FortiOS |
Version: 5.6.0 to 5.6.2 Version: 5.4.0 to 5.4.5 Version: 5.2 and below |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:12:28.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102151",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102151"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-172"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-7738",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T20:04:06.880918Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:33:09.500Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FortiOS",
"vendor": "Fortinet, Inc.",
"versions": [
{
"status": "affected",
"version": "5.6.0 to 5.6.2"
},
{
"status": "affected",
"version": "5.4.0 to 5.4.5"
},
{
"status": "affected",
"version": "5.2 and below"
}
]
}
],
"datePublic": "2017-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and below versions allow an admin user with super_admin privileges to view the current SSL VPN web portal session info which may contains user credentials through the fnsysctl CLI command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-14T10:57:01",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "102151",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102151"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-172"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"DATE_PUBLIC": "2017-12-08T00:00:00",
"ID": "CVE-2017-7738",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FortiOS",
"version": {
"version_data": [
{
"version_value": "5.6.0 to 5.6.2"
},
{
"version_value": "5.4.0 to 5.4.5"
},
{
"version_value": "5.2 and below"
}
]
}
}
]
},
"vendor_name": "Fortinet, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and below versions allow an admin user with super_admin privileges to view the current SSL VPN web portal session info which may contains user credentials through the fnsysctl CLI command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102151",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102151"
},
{
"name": "https://fortiguard.com/advisory/FG-IR-17-172",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-17-172"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2017-7738",
"datePublished": "2017-12-13T22:00:00Z",
"dateReserved": "2017-04-12T00:00:00",
"dateUpdated": "2024-10-25T14:33:09.500Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-17544
Vulnerability from cvelistv5
Published
2019-04-09 15:40
Modified
2024-10-25 14:30
Severity ?
EPSS score ?
Summary
A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified configurations.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-17-053 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/107839 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:32.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-053"
},
{
"name": "107839",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107839"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-17544",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T20:03:59.615875Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:30:50.620Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "\u003c 6.2.0"
}
]
}
],
"datePublic": "2019-04-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified configurations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-06T02:54:52",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-053"
},
{
"name": "107839",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107839"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2017-17544",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FortiOS",
"version": {
"version_data": [
{
"version_value": "\u003c 6.2.0"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified configurations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-17-053",
"refsource": "MISC",
"url": "https://fortiguard.com/advisory/FG-IR-17-053"
},
{
"name": "107839",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107839"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2017-17544",
"datePublished": "2019-04-09T15:40:48",
"dateReserved": "2017-12-11T00:00:00",
"dateUpdated": "2024-10-25T14:30:50.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5586
Vulnerability from cvelistv5
Published
2019-06-04 21:39
Modified
2024-10-25 14:06
Severity ?
EPSS score ?
Summary
A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the "param" parameter of the error process HTTP requests.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-19-034 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/108610 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS 5.2.0 to 6.0.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:01:50.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-034"
},
{
"name": "108610",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108610"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-5586",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:59:51.816805Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:06:19.112Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 5.2.0 to 6.0.4"
}
]
}
],
"datePublic": "2019-05-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the \"param\" parameter of the error process HTTP requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-23T19:12:06",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-034"
},
{
"name": "108610",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108610"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2019-5586",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 5.2.0 to 6.0.4"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the \"param\" parameter of the error process HTTP requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-19-034",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-19-034"
},
{
"name": "108610",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108610"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2019-5586",
"datePublished": "2019-06-04T21:39:52",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-10-25T14:06:19.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38378
Vulnerability from cvelistv5
Published
2023-02-16 18:06
Modified
2024-10-22 20:49
Severity ?
EPSS score ?
Summary
An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 Version: 7.0.0 ≤ 7.0.7 Version: 6.4.0 ≤ 6.4.11 Version: 6.2.0 ≤ 6.2.12 Version: 6.0.0 ≤ 6.0.16 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:54:03.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-346",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-346"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-38378",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:18:33.317354Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:49:30.558Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.2.0"
},
{
"lessThanOrEqual": "7.0.7",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.11",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.12",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.16",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.1",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.7",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.11",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users)\u00a0to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-16T18:06:36.339Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-346",
"url": "https://fortiguard.com/psirt/FG-IR-22-346"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.2.1 or above Please upgrade to FortiOS version 7.0.8 or above Please upgrade to FortiProxy version 7.2.2 or above Please upgrade to FortiProxy version 7.0.8 or above "
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-38378",
"datePublished": "2023-02-16T18:06:36.339Z",
"dateReserved": "2022-08-16T14:17:48.481Z",
"dateUpdated": "2024-10-22T20:49:30.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8492
Vulnerability from cvelistv5
Published
2017-02-08 16:00
Modified
2024-10-25 14:40
Severity ?
EPSS score ?
Summary
The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94480 | vdb-entry, x_refsource_BID | |
| https://fortiguard.com/advisory/FG-IR-16-067 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiGate |
Version: Before 5.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:39.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94480",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94480"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-16-067"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-8492",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:01:01.094290Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:40:52.559Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiGate",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "Before 5.0"
}
]
}
],
"datePublic": "2016-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Disclosure of information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-27T14:57:01",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "94480",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94480"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-16-067"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2016-8492",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiGate",
"version": {
"version_data": [
{
"version_value": "Before 5.0"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Disclosure of information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94480",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94480"
},
{
"name": "https://fortiguard.com/advisory/FG-IR-16-067",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-16-067"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2016-8492",
"datePublished": "2017-02-08T16:00:00",
"dateReserved": "2016-10-07T00:00:00",
"dateUpdated": "2024-10-25T14:40:52.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5588
Vulnerability from cvelistv5
Published
2019-06-04 21:43
Modified
2024-10-25 14:06
Severity ?
EPSS score ?
Summary
A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the "err" parameter of the error process HTTP requests.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-19-034 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/108618 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS 6.0.0 to 6.0.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:01:51.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-034"
},
{
"name": "108618",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108618"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-5588",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:59:50.619727Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:06:08.583Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 6.0.0 to 6.0.4"
}
]
}
],
"datePublic": "2019-05-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the \"err\" parameter of the error process HTTP requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-06T07:06:03",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-034"
},
{
"name": "108618",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108618"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2019-5588",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 6.0.0 to 6.0.4"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the \"err\" parameter of the error process HTTP requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-19-034",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-19-034"
},
{
"name": "108618",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108618"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2019-5588",
"datePublished": "2019-06-04T21:43:15",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-10-25T14:06:08.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-41330
Vulnerability from cvelistv5
Published
2023-04-11 16:05
Modified
2024-10-23 14:30
Severity ?
EPSS score ?
Summary
An improper neutralization of input during web page generation vulnerability ('Cross-site Scripting') [CWE-79] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9, version 6.4.0 through 6.4.11 and before 6.2.12 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.1 Version: 7.0.0 ≤ 7.0.7 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:42:46.261Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-363",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-363"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-41330",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:11:25.297377Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T14:30:33.980Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.1",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.7",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.9",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.11",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.12",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of input during web page generation vulnerability (\u0027Cross-site Scripting\u0027) [CWE-79] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9, version 6.4.0 through 6.4.11 and before 6.2.12 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T16:05:38.973Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-363",
"url": "https://fortiguard.com/psirt/FG-IR-22-363"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.10 or above\r\nPlease upgrade to FortiOS version 6.4.12 or above\r\nPlease upgrade to FortiOS version 6.2.13 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-41330",
"datePublished": "2023-04-11T16:05:38.973Z",
"dateReserved": "2022-09-23T15:07:35.782Z",
"dateUpdated": "2024-10-23T14:30:33.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-43947
Vulnerability from cvelistv5
Published
2023-04-11 16:07
Modified
2024-10-22 20:47
Severity ?
EPSS score ?
Summary
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.10 Version: 6.4.0 ≤ 6.4.12 Version: 6.2.0 ≤ 6.2.13 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-444",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-444"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-43947",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:18:15.478464Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:47:20.788Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.10",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.12",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.13",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.1",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.7",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.12",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T16:07:03.597Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-444",
"url": "https://fortiguard.com/psirt/FG-IR-22-444"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiProxy version 7.2.2 or above Please upgrade to FortiProxy version 7.0.8 or above Please upgrade to FortiOS version 7.2.4 or above Please upgrade to FortiOS version 7.0.11 or above Please upgrade to FortiOS version 6.4.13 or above "
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-43947",
"datePublished": "2023-04-11T16:07:03.597Z",
"dateReserved": "2022-10-27T07:40:06.589Z",
"dateUpdated": "2024-10-22T20:47:20.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44171
Vulnerability from cvelistv5
Published
2022-10-10 00:00
Modified
2024-10-25 13:29
Severity ?
EPSS score ?
Summary
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.3 allows attacker to execute privileged commands on a linked FortiSwitch via diagnostic CLI commands.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:17:24.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-242"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-44171",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:12:20.727785Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T13:29:48.848Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of special elements used in an os command (\u0027os command injection\u0027) in Fortinet FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.3 allows attacker to execute privileged commands on a linked FortiSwitch via diagnostic CLI commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "FUNCTIONAL",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "CONFIRMED",
"scope": "CHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:X/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-10T00:00:00",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-21-242"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-44171",
"datePublished": "2022-10-10T00:00:00",
"dateReserved": "2021-11-23T00:00:00",
"dateUpdated": "2024-10-25T13:29:48.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-47537
Vulnerability from cvelistv5
Published
2024-02-15 13:59
Modified
2024-08-02 21:09
Severity ?
EPSS score ?
Summary
An improper certificate validation vulnerability in Fortinet FortiOS 7.0.0 - 7.0.13, 7.2.0 - 7.2.6, 7.4.0 - 7.4.1 and 6.4 all versions allows a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the FortiLink communication channel between the FortiOS device and FortiSwitch.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"status": "affected",
"version": "6.4.0"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.4.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-47537",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-21T13:43:02.127242Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:26:31.940Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:09:37.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-301",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-301"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.6",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.15",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper certificate validation vulnerability in Fortinet FortiOS 7.0.0 - 7.0.13, 7.2.0 - 7.2.6, 7.4.0 - 7.4.1 and 6.4 all versions allows a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the FortiLink communication channel between the FortiOS device and FortiSwitch."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:X/RC:X",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-21T10:01:53.833Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-301",
"url": "https://fortiguard.com/psirt/FG-IR-23-301"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiOS version 7.2.7 or above \nPlease upgrade to FortiOS version 7.0.16 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-47537",
"datePublished": "2024-02-15T13:59:24.770Z",
"dateReserved": "2023-11-06T10:35:25.828Z",
"dateUpdated": "2024-08-02T21:09:37.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-26109
Vulnerability from cvelistv5
Published
2021-12-08 12:22
Modified
2024-10-25 13:40
Severity ?
EPSS score ?
Summary
An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-21-049 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS before 7.0.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:19:20.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-049"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-26109",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:13:11.642018Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T13:40:48.694Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS before 7.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 7.7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T12:22:19",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-049"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-26109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS before 7.0.1"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "High",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 7.7,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-21-049",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-21-049"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-26109",
"datePublished": "2021-12-08T12:22:19",
"dateReserved": "2021-01-25T00:00:00",
"dateUpdated": "2024-10-25T13:40:48.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-41327
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-23 14:27
Severity ?
EPSS score ?
Summary
A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.8 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:42:44.712Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-380",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-380"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-41327",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:11:01.701994Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T14:27:14.451Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.8",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.1",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.7",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T08:41:41.742Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-380",
"url": "https://fortiguard.com/psirt/FG-IR-22-380"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.2.5 or above\r\nPlease upgrade to FortiOS version 7.0.9 or above\r\nPlease upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-41327",
"datePublished": "2023-06-13T08:41:41.742Z",
"dateReserved": "2022-09-23T15:07:35.780Z",
"dateUpdated": "2024-10-23T14:27:14.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42785
Vulnerability from cvelistv5
Published
2025-01-14 14:08
Modified
2025-01-14 20:56
Severity ?
EPSS score ?
Summary
A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.1 Version: 7.2.0 ≤ 7.2.5 Version: 7.0.0 ≤ 7.0.16 Version: 6.4.0 ≤ 6.4.15 Version: 6.2.0 ≤ 6.2.16 Version: 6.0.0 ≤ 6.0.18 cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42785",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T15:15:23.669911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T20:56:29.240Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.16",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.18",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "Denial of service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T14:08:47.926Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-23-293",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-293"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiSASE version 23.4.a or above \nPlease upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiOS version 7.2.6 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-42785",
"datePublished": "2025-01-14T14:08:47.926Z",
"dateReserved": "2023-09-14T08:37:38.657Z",
"dateUpdated": "2025-01-14T20:56:29.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26015
Vulnerability from cvelistv5
Published
2024-07-09 15:33
Modified
2024-08-01 23:59
Severity ?
EPSS score ?
Summary
An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit an unauthenticated attacker to bypass the IP blocklist via crafted requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 ≤ 7.4.3 Version: 7.2.0 ≤ 7.2.10 Version: 7.0.0 ≤ 7.0.18 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.1.0",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThan": "7.3.0",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.1.0",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "7.3.0",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26015",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T16:00:34.064801Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T16:05:01.819Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:59:31.104Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-23-446",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-446"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.10",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.18",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.8",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.15",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit an unauthenticated attacker to bypass the IP blocklist via crafted requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N/E:F/RL:W/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1389",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T15:33:30.260Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-23-446",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-446"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiProxy version 7.4.4 or above \nPlease upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.4 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-26015",
"datePublished": "2024-07-09T15:33:30.260Z",
"dateReserved": "2024-02-14T09:18:43.246Z",
"dateUpdated": "2024-08-01T23:59:31.104Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-26110
Vulnerability from cvelistv5
Published
2021-12-08 10:41
Modified
2024-10-25 13:42
Severity ?
EPSS score ?
Summary
An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-20-131 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS, FortiProxy |
Version: FortiOS 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below. FortiProxy 2.0.1 and below, 1.2.9 and below |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:19:20.350Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-131"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-26110",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:13:16.701692Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T13:42:47.340Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS, FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 7.0.0, 6.4.6\u00a0and below, 6.2.9\u00a0and below, 6.0.12 and below. FortiProxy 2.0.1 and below, 1.2.9 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.4,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:X",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T10:41:25",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-131"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-26110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS, FortiProxy",
"version": {
"version_data": [
{
"version_value": "FortiOS 7.0.0, 6.4.6\u00a0and below, 6.2.9\u00a0and below, 6.0.12 and below. FortiProxy 2.0.1 and below, 1.2.9 and below"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:X",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-20-131",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-20-131"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-26110",
"datePublished": "2021-12-08T10:41:25",
"dateReserved": "2021-01-25T00:00:00",
"dateUpdated": "2024-10-25T13:42:47.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-13371
Vulnerability from cvelistv5
Published
2020-04-02 13:29
Modified
2024-10-25 14:25
Severity ?
EPSS score ?
Summary
An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-18-230 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Fortinet FortiOS |
Version: 6.2.0 and below versions Version: 5.6.7 and below Version: 5.4.10 and below |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:00:35.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-230"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-13371",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T20:03:37.755850Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:25:45.587Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "6.2.0 and below versions"
},
{
"status": "affected",
"version": "5.6.7 and below"
},
{
"status": "affected",
"version": "5.4.10 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-02T13:29:07",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-230"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2018-13371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "6.2.0 and below versions"
},
{
"version_value": "5.6.7 and below"
},
{
"version_value": "5.4.10 and below"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-18-230",
"refsource": "MISC",
"url": "https://fortiguard.com/advisory/FG-IR-18-230"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2018-13371",
"datePublished": "2020-04-02T13:29:07",
"dateReserved": "2018-07-06T00:00:00",
"dateUpdated": "2024-10-25T14:25:45.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-22299
Vulnerability from cvelistv5
Published
2022-08-05 15:23
Modified
2024-10-25 13:30
Severity ?
EPSS score ?
Summary
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-21-235 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiADC, FortiProxy, FortiMail, FortiOS |
Version: FortiADC 6.2.1, 6.2.0, 6.1.6, 6.1.5, 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0; FortiProxy 7.0.1, 7.0.0, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0, 1.2.13, 1.2.12, 1.2.11, 1.2.10, 1.2.9, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0, 1.1.6, 1.1.5, 1.1.4, 1.1.3, 1.1.2, 1.1.1, 1.1.0, 1.0.7, 1.0.6, 1.0.5, 1.0.4, 1.0.3, 1.0.2, 1.0.1, 1.0.0; FortiMail 7.0.2, 7.0.1, 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0; FortiOS 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.13, 5.4.12, 5.4.11, 5.4.10, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, ...[truncated*] |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.220Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-235"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-22299",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:12:25.586581Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T13:30:31.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiADC, FortiProxy, FortiMail, FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiADC 6.2.1, 6.2.0, 6.1.6, 6.1.5, 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0; FortiProxy 7.0.1, 7.0.0, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0, 1.2.13, 1.2.12, 1.2.11, 1.2.10, 1.2.9, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0, 1.1.6, 1.1.5, 1.1.4, 1.1.3, 1.1.2, 1.1.1, 1.1.0, 1.0.7, 1.0.6, 1.0.5, 1.0.4, 1.0.3, 1.0.2, 1.0.1, 1.0.0; FortiMail 7.0.2, 7.0.1, 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0; FortiOS 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.13, 5.4.12, 5.4.11, 5.4.10, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, ...[truncated*]"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 7.4,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-05T15:23:52",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-235"
}
],
"x_ConverterErrors": {
"version_name": {
"error": "version_name too long. Use array of versions to record more than one version.",
"message": "Truncated!"
}
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2022-22299",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiADC, FortiProxy, FortiMail, FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiADC 6.2.1, 6.2.0, 6.1.6, 6.1.5, 6.1.4, 6.1.3, 6.1.2, 6.1.1, 6.1.0, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0; FortiProxy 7.0.1, 7.0.0, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0, 1.2.13, 1.2.12, 1.2.11, 1.2.10, 1.2.9, 1.2.8, 1.2.7, 1.2.6, 1.2.5, 1.2.4, 1.2.3, 1.2.2, 1.2.1, 1.2.0, 1.1.6, 1.1.5, 1.1.4, 1.1.3, 1.1.2, 1.1.1, 1.1.0, 1.0.7, 1.0.6, 1.0.5, 1.0.4, 1.0.3, 1.0.2, 1.0.1, 1.0.0; FortiMail 7.0.2, 7.0.1, 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0; FortiOS 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0, 5.4.13, 5.4.12, 5.4.11, 5.4.10, 5.4.9, 5.4.8, 5.4.7, 5.4.6, 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0, 5.2.15, 5.2.14, 5.2.13, 5.2.12, 5.2.11, 5.2.10, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.0.14, 5.0.13, 5.0.12, 5.0.11, 5.0.10, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.1, 5.0.0"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 7.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/psirt/FG-IR-21-235",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-21-235"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-22299",
"datePublished": "2022-08-05T15:23:52",
"dateReserved": "2022-01-03T00:00:00",
"dateUpdated": "2024-10-25T13:30:31.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4604
Vulnerability from cvelistv5
Published
2013-06-25 14:00
Modified
2024-09-16 23:00
Severity ?
EPSS score ?
Summary
Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.fortiguard.com/advisory/FGA-2013-20/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:26.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/FGA-2013-20/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-25T14:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fortiguard.com/advisory/FGA-2013-20/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.fortiguard.com/advisory/FGA-2013-20/",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/FGA-2013-20/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4604",
"datePublished": "2013-06-25T14:00:00Z",
"dateReserved": "2013-06-13T00:00:00Z",
"dateUpdated": "2024-09-16T23:00:24.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-3128
Vulnerability from cvelistv5
Published
2017-05-23 17:00
Modified
2024-10-25 14:35
Severity ?
EPSS score ?
Summary
A stored XSS (Cross-Site-Scripting) vulnerability in Fortinet FortiOS allows attackers to execute unauthorized code or commands via the policy global-label parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-17-057 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1038541 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/98514 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: 5.0.0-5.0.14, 5.2.0-5.2.10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-17-057"
},
{
"name": "1038541",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038541"
},
{
"name": "98514",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98514"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3128",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:00:54.112191Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:35:09.293Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "5.0.0-5.0.14, 5.2.0-5.2.10"
}
]
}
],
"datePublic": "2017-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A stored XSS (Cross-Site-Scripting) vulnerability in Fortinet FortiOS allows attackers to execute unauthorized code or commands via the policy global-label parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-07T09:57:01",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-17-057"
},
{
"name": "1038541",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038541"
},
{
"name": "98514",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98514"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2017-3128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "5.0.0-5.0.14, 5.2.0-5.2.10"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stored XSS (Cross-Site-Scripting) vulnerability in Fortinet FortiOS allows attackers to execute unauthorized code or commands via the policy global-label parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/psirt/FG-IR-17-057",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-17-057"
},
{
"name": "1038541",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038541"
},
{
"name": "98514",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98514"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2017-3128",
"datePublished": "2017-05-23T17:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-10-25T14:35:09.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-26103
Vulnerability from cvelistv5
Published
2021-12-08 12:01
Modified
2024-10-25 13:41
Severity ?
EPSS score ?
Summary
An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-20-158 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:19:19.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-158"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-26103",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:57:43.763511Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T13:41:21.796Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "FUNCTIONAL",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 6.2,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:F/RL:X/RC:X",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper access control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T12:01:12",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-158"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-26103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An insufficient verification of data authenticity vulnerability (CWE-345) in the user interface of FortiProxy verison 2.0.3 and below, 1.2.11 and below and FortiGate verison 7.0.0, 6.4.6 and below, 6.2.9 and below of SSL VPN portal may allow a remote, unauthenticated attacker to conduct a cross-site request forgery (CSRF) attack . Only SSL VPN in web mode or full mode are impacted by this vulnerability."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "Low",
"baseScore": 6.2,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:F/RL:X/RC:X",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper access control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-20-158",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-20-158"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-26103",
"datePublished": "2021-12-08T12:01:12",
"dateReserved": "2021-01-25T00:00:00",
"dateUpdated": "2024-10-25T13:41:21.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-3130
Vulnerability from cvelistv5
Published
2017-08-10 21:00
Modified
2024-10-25 14:33
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4.4 and below versions allows attacker to get FortiOS version info by inspecting FortiOS IKE VendorID packets.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-17-073 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/100211 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet, Inc. | Fortinet FortiOS |
Version: FortiOS 5.6.0, 5.4.4 and below versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-073"
},
{
"name": "100211",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100211"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3130",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T20:10:03.405299Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:33:41.905Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet, Inc.",
"versions": [
{
"status": "affected",
"version": "FortiOS 5.6.0, 5.4.4 and below versions"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4.4 and below versions allows attacker to get FortiOS version info by inspecting FortiOS IKE VendorID packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-11T09:57:01",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-073"
},
{
"name": "100211",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100211"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-3130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 5.6.0, 5.4.4 and below versions"
}
]
}
}
]
},
"vendor_name": "Fortinet, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4.4 and below versions allows attacker to get FortiOS version info by inspecting FortiOS IKE VendorID packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-17-073",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-17-073"
},
{
"name": "100211",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100211"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2017-3130",
"datePublished": "2017-08-10T21:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-10-25T14:33:41.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-44170
Vulnerability from cvelistv5
Published
2022-07-18 16:35
Modified
2024-10-25 13:31
Severity ?
EPSS score ?
Summary
A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-21-179 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiProxy, FortiOS |
Version: FortiOS before 7.0.4; FortiProxy before 2.0.8 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:17:24.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-179"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-44170",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:12:34.314692Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T13:31:34.279Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiProxy, FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS before 7.0.4; FortiProxy before 2.0.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-18T16:35:11",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-44170",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiProxy, FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS before 7.0.4; FortiProxy before 2.0.8"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Local",
"availabilityImpact": "High",
"baseScore": 6.3,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/psirt/FG-IR-21-179",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-21-179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-44170",
"datePublished": "2022-07-18T16:35:11",
"dateReserved": "2021-11-23T00:00:00",
"dateUpdated": "2024-10-25T13:31:34.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26122
Vulnerability from cvelistv5
Published
2022-11-02 00:00
Modified
2024-10-22 20:53
Severity ?
EPSS score ?
Summary
An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet AV Engine, FortiMail, FortiOS, FortiClient |
Version: AV Engine version 6.2.168 and below and version 6.4.274 and below. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-074"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26122",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:19:05.845844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:53:22.490Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet AV Engine, FortiMail, FortiOS, FortiClient",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "AV Engine version 6.2.168 and below and version 6.4.274 and below."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "REASONABLE",
"scope": "CHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:P/RL:U/RC:R",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-02T00:00:00",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-22-074"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-26122",
"datePublished": "2022-11-02T00:00:00",
"dateReserved": "2022-02-25T00:00:00",
"dateUpdated": "2024-10-22T20:53:22.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-23111
Vulnerability from cvelistv5
Published
2024-06-11 14:32
Modified
2024-08-19 05:18
Severity ?
EPSS score ?
Summary
An improper neutralization of input during web page Generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions reboot page may allow a remote privileged attacker with super-admin access to execute JavaScript code via crafted HTTP GET requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.2 Version: 7.2.0 ≤ 7.2.6 Version: 7.0.0 ≤ 7.0.13 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
},
{
"lessThan": "7.2.8",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
},
{
"lessThan": "7.0.14",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "2.1.0",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
},
{
"lessThan": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
},
{
"lessThan": "7.0.13",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThan": "6.5.0",
"status": "affected",
"version": "6.4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23111",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T03:55:22.809Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:51:11.306Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-23-471",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-471"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.6",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.13",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.8",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.14",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of input during web page Generation (\u0027Cross-site Scripting\u0027) vulnerability [CWE-79] in FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions reboot page may allow a remote privileged attacker with super-admin access to execute JavaScript code via crafted HTTP GET requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T05:18:38.679Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-23-471",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-471"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.4 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.14 or above \nPlease upgrade to FortiProxy version 7.4.3 or above \nPlease upgrade to FortiProxy version 7.2.9 or above \nPlease upgrade to FortiProxy version 7.0.15 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-23111",
"datePublished": "2024-06-11T14:32:00.312Z",
"dateReserved": "2024-01-11T16:29:07.979Z",
"dateUpdated": "2024-08-19T05:18:38.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-44247
Vulnerability from cvelistv5
Published
2024-05-14 16:19
Modified
2024-08-02 19:59
Severity ?
EPSS score ?
Summary
A double free vulnerability [CWE-415] in Fortinet FortiOS before 7.0.0 may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "6.2.*",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "6.4.*",
"status": "affected",
"version": "6.4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44247",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-14T17:43:59.945995Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:19:39.723Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:59:52.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-195",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-195"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.16",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A double free vulnerability [CWE-415] in Fortinet FortiOS before 7.0.0 may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-14T16:19:13.178Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-195",
"url": "https://fortiguard.com/psirt/FG-IR-23-195"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.0.0 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-44247",
"datePublished": "2024-05-14T16:19:13.178Z",
"dateReserved": "2023-09-27T12:26:48.749Z",
"dateUpdated": "2024-08-02T19:59:52.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-30307
Vulnerability from cvelistv5
Published
2022-11-02 00:00
Modified
2024-10-22 20:53
Severity ?
EPSS score ?
Summary
A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below may allow an unauthenticated attacker to perform a man in the middle attack.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:48:35.769Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-228"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-30307",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:19:04.544950Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:53:14.268Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below may allow an unauthenticated attacker to perform a man in the middle attack."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "REASONABLE",
"scope": "UNCHANGED",
"temporalScore": 3.8,
"temporalSeverity": "LOW",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L/E:X/RL:U/RC:R",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper access control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-02T00:00:00",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-22-228"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-30307",
"datePublished": "2022-11-02T00:00:00",
"dateReserved": "2022-05-06T00:00:00",
"dateUpdated": "2024-10-22T20:53:14.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-50563
Vulnerability from cvelistv5
Published
2025-01-16 09:16
Modified
2025-01-16 14:14
Severity ?
EPSS score ?
Summary
A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiAnalyzer |
Version: 7.6.0 ≤ 7.6.1 Version: 7.4.1 ≤ 7.4.3 cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50563",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T14:14:02.872070Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T14:14:17.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortianalyzer:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiAnalyzer",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.1",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.1",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiManager",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.6.1",
"status": "affected",
"version": "7.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:W/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1390",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T09:16:52.864Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-221",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-221"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiManager Cloud version 7.6.2 or above \nPlease upgrade to FortiManager Cloud version 7.4.4 or above \nPlease upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.9 or above \nPlease upgrade to FortiOS version 7.0.16 or above \nPlease upgrade to FortiAnalyzer version 7.6.2 or above \nPlease upgrade to FortiAnalyzer version 7.4.4 or above \nPlease upgrade to FortiAnalyzer Cloud version 7.6.2 or above \nPlease upgrade to FortiAnalyzer Cloud version 7.4.4 or above \nPlease upgrade to FortiManager version 7.6.2 or above \nPlease upgrade to FortiManager version 7.4.4 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiProxy version 7.4.5 or above \nPlease upgrade to FortiProxy version 7.2.11 or above \nPlease upgrade to FortiProxy version 7.0.18 or above \nPlease upgrade to FortiProxy version 2.0.15 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-50563",
"datePublished": "2025-01-16T09:16:52.864Z",
"dateReserved": "2024-10-24T11:52:14.401Z",
"dateUpdated": "2025-01-16T14:14:17.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-29054
Vulnerability from cvelistv5
Published
2023-02-16 18:07
Modified
2024-10-22 20:49
Severity ?
EPSS score ?
Summary
A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 Version: 7.0.0 ≤ 7.0.7 Version: 6.4.0 ≤ 6.4.9 Version: 6.2.0 ≤ 6.2.12 Version: 6.0.0 ≤ 6.0.16 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:10:58.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-080",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-080"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-29054",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:18:29.615605Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:49:05.910Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.2.0"
},
{
"lessThanOrEqual": "7.0.7",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.9",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.12",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.16",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.1",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.7",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.11",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A missing cryptographic steps vulnerability [CWE-325]\u00a0in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an\u00a0attacker in\u00a0possession of the encrypted key to decipher it."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:X",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-329",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-16T18:07:34.488Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-080",
"url": "https://fortiguard.com/psirt/FG-IR-22-080"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.2.1 or above\r\nPlease upgrade to FortiOS version 7.0.8 or above\r\nPlease upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-29054",
"datePublished": "2023-02-16T18:07:34.488Z",
"dateReserved": "2022-04-11T13:56:39.869Z",
"dateUpdated": "2024-10-22T20:49:05.910Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-42469
Vulnerability from cvelistv5
Published
2023-04-11 16:07
Modified
2024-10-22 20:47
Severity ?
EPSS score ?
Summary
A permissive list of allowed inputs vulnerability [CWE-183] in FortiGate version 7.2.3 and below, version 7.0.9 and below Policy-based NGFW Mode may allow an authenticated SSL-VPN user to bypass the policy via bookmarks in the web portal.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:10:40.867Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-381",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-381"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-42469",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:18:12.625808Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:47:05.116Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.9",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A permissive list of allowed inputs vulnerability [CWE-183] in FortiGate version 7.2.3 and below, version 7.0.9 and below Policy-based NGFW Mode may allow an authenticated SSL-VPN user to bypass the policy via bookmarks in the web portal."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:F/RL:X/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-183",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T16:07:17.688Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-381",
"url": "https://fortiguard.com/psirt/FG-IR-22-381"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.2.4 or above Please upgrade to FortiOS version 7.0.11 or above "
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-42469",
"datePublished": "2023-04-11T16:07:17.688Z",
"dateReserved": "2022-10-07T14:05:36.300Z",
"dateUpdated": "2024-10-22T20:47:05.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-35279
Vulnerability from cvelistv5
Published
2025-02-11 16:09
Modified
2025-02-14 04:55
Severity ?
EPSS score ?
Summary
A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.4 through 7.2.8 and version 7.4.0 through 7.4.4 allows a remote unauthenticated attacker to execute arbitrary code or commands via crafted UDP packets through the CAPWAP control, provided the attacker were able to evade FortiOS stack protections and provided the fabric service is running on the exposed interface.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.4 Version: 7.2.4 ≤ 7.2.8 cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-35279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-14T04:55:19.966Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.4",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.8",
"status": "affected",
"version": "7.2.4",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.4 through 7.2.8 and version 7.4.0 through 7.4.4 allows a remote unauthenticated attacker to execute arbitrary code or commands via crafted UDP packets through the CAPWAP control, provided the attacker were able to evade FortiOS stack protections and provided the fabric service is running on the exposed interface."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T16:09:02.911Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-160",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-160"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.9 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-35279",
"datePublished": "2025-02-11T16:09:02.911Z",
"dateReserved": "2024-05-14T21:15:19.190Z",
"dateUpdated": "2025-02-14T04:55:19.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-14190
Vulnerability from cvelistv5
Published
2018-01-29 16:00
Modified
2024-10-25 14:10
Severity ?
EPSS score ?
Summary
A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.7, 5.2 and earlier, allows attacker to inject arbitrary web script or HTML via maliciously crafted "Host" header in user HTTP requests.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1040284 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/102779 | vdb-entry, x_refsource_BID | |
| https://fortiguard.com/advisory/FG-IR-17-262 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet, Inc. | FortiOS |
Version: 5.6.0 to 5.6.2 Version: 5.4.0 to 5.4.7 Version: 5.2 and all earlier versions. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:20:41.098Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040284",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040284"
},
{
"name": "102779",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102779"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-262"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-14190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:00:23.608294Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:10:07.889Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FortiOS",
"vendor": "Fortinet, Inc.",
"versions": [
{
"status": "affected",
"version": "5.6.0 to 5.6.2"
},
{
"status": "affected",
"version": "5.4.0 to 5.4.7"
},
{
"status": "affected",
"version": "5.2 and all earlier versions."
}
]
}
],
"datePublic": "2018-01-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.7, 5.2 and earlier, allows attacker to inject arbitrary web script or HTML via maliciously crafted \"Host\" header in user HTTP requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-30T10:57:01",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "1040284",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040284"
},
{
"name": "102779",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102779"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-262"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"DATE_PUBLIC": "2018-01-22T00:00:00",
"ID": "CVE-2017-14190",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FortiOS",
"version": {
"version_data": [
{
"version_value": "5.6.0 to 5.6.2"
},
{
"version_value": "5.4.0 to 5.4.7"
},
{
"version_value": "5.2 and all earlier versions."
}
]
}
}
]
},
"vendor_name": "Fortinet, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.7, 5.2 and earlier, allows attacker to inject arbitrary web script or HTML via maliciously crafted \"Host\" header in user HTTP requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040284",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040284"
},
{
"name": "102779",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102779"
},
{
"name": "https://fortiguard.com/advisory/FG-IR-17-262",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-17-262"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2017-14190",
"datePublished": "2018-01-29T16:00:00Z",
"dateReserved": "2017-09-07T00:00:00",
"dateUpdated": "2024-10-25T14:10:07.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-33305
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-22 20:45
Severity ?
EPSS score ?
Summary
A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS version 7.0.0 through 7.0.10, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiProxy version 7.2.0 through 7.2.3, FortiProxy version 7.0.0 through 7.0.9, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions, FortiWeb version 7.2.0 through 7.2.1, FortiWeb version 7.0.0 through 7.0.6, FortiWeb 6.4 all versions, FortiWeb 6.3 all versions allows attacker to perform a denial of service via specially crafted HTTP requests.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiWeb |
Version: 7.2.0 ≤ 7.2.1 Version: 7.0.0 ≤ 7.0.6 Version: 6.4.0 ≤ 6.4.3 Version: 6.3.0 ≤ 6.3.23 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:36.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-375",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-375"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33305",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:17:54.739280Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:45:10.279Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiWeb",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.1",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.6",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.3",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.3.23",
"status": "affected",
"version": "6.3.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.10",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.13",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.15",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.17",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.6.14",
"status": "affected",
"version": "5.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.13",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.2.15",
"status": "affected",
"version": "5.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.0.14",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.9",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.12",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A loop with unreachable exit condition (\u0027infinite loop\u0027) in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS version 7.0.0 through 7.0.10, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiProxy version 7.2.0 through 7.2.3, FortiProxy version 7.0.0 through 7.0.9, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions, FortiWeb version 7.2.0 through 7.2.1, FortiWeb version 7.0.0 through 7.0.6, FortiWeb 6.4 all versions, FortiWeb 6.3 all versions allows attacker to perform a denial of service via specially crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:H/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "Denial of service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T08:41:49.501Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-375",
"url": "https://fortiguard.com/psirt/FG-IR-22-375"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiPAM version 1.0.0 or above\r\nPlease upgrade to FortiWeb version 7.2.2 or above\r\nPlease upgrade to FortiWeb version 7.0.7 or above\r\nPlease upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.5 or above\r\nPlease upgrade to FortiOS version 7.0.11 or above\r\nPlease upgrade to FortiProxy version 7.2.4 or above\r\nPlease upgrade to FortiProxy version 7.0.10 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-33305",
"datePublished": "2023-06-13T08:41:49.501Z",
"dateReserved": "2023-05-22T07:58:22.197Z",
"dateUpdated": "2024-10-22T20:45:10.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-36641
Vulnerability from cvelistv5
Published
2023-11-14 18:05
Modified
2024-08-30 18:21
Severity ?
EPSS score ?
Summary
A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows attacker to denial of service via specifically crafted HTTP requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.10 Version: 2.0.0 ≤ 2.0.13 Version: 1.2.0 ≤ 1.2.13 Version: 1.1.0 ≤ 1.1.6 Version: 1.0.0 ≤ 1.0.7 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:52:54.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-151",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-151"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36641",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T18:21:33.734110Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T18:21:45.483Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.10",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.13",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.4.0"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.14",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.15",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.17",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows attacker to denial of service via specifically crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-197",
"description": "Denial of service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T18:05:00.645Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-151",
"url": "https://fortiguard.com/psirt/FG-IR-23-151"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiSASE version 23.3.b or above \nPlease upgrade to FortiProxy version 7.2.5 or above \nPlease upgrade to FortiProxy version 7.0.11 or above \nPlease upgrade to FortiOS version 7.4.1 or above \nPlease upgrade to FortiOS version 7.2.6 or above \nPlease upgrade to FortiOS version 7.0.13 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-36641",
"datePublished": "2023-11-14T18:05:00.645Z",
"dateReserved": "2023-06-25T18:03:39.228Z",
"dateUpdated": "2024-08-30T18:21:45.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-3133
Vulnerability from cvelistv5
Published
2017-09-12 02:00
Modified
2024-10-25 14:12
Severity ?
EPSS score ?
Summary
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/100009 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1039020 | vdb-entry, x_refsource_SECTRACK | |
| https://fortiguard.com/advisory/FG-IR-17-104 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/42388/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet, Inc. | Fortinet FortiOS |
Version: FortiOS versions 5.6.0 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100009",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100009"
},
{
"name": "1039020",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039020"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-104"
},
{
"name": "42388",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42388/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:00:40.211296Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:12:25.502Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet, Inc.",
"versions": [
{
"status": "affected",
"version": "FortiOS versions 5.6.0 and earlier"
}
]
}
],
"datePublic": "2017-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-12T09:57:01",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "100009",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100009"
},
{
"name": "1039020",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039020"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-104"
},
{
"name": "42388",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42388/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"DATE_PUBLIC": "2017-09-11T00:00:00",
"ID": "CVE-2017-3133",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS versions 5.6.0 and earlier"
}
]
}
}
]
},
"vendor_name": "Fortinet, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100009",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100009"
},
{
"name": "1039020",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039020"
},
{
"name": "https://fortiguard.com/advisory/FG-IR-17-104",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-17-104"
},
{
"name": "42388",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42388/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2017-3133",
"datePublished": "2017-09-12T02:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-10-25T14:12:25.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-21762
Vulnerability from cvelistv5
Published
2024-02-09 08:14
Modified
2024-08-01 22:27
Severity ?
EPSS score ?
Summary
A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 ≤ 7.4.2 Version: 7.2.0 ≤ 7.2.8 Version: 7.0.0 ≤ 7.0.14 Version: 2.0.0 ≤ 2.0.13 Version: 1.2.0 ≤ 1.2.13 Version: 1.1.0 ≤ 1.1.6 Version: 1.0.0 ≤ 1.0.7 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThan": "2.0.14",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.0.15",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.2.9",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThan": "6.2.16",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThan": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.0.14",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21762",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-12T17:59:22.915991Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-02-09",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-21762"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:37:45.403Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:36.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-24-015",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-24-015"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.8",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.14",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.13",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.6",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.13",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.14",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.15",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.17",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:W/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-09T08:14:25.954Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-24-015",
"url": "https://fortiguard.com/psirt/FG-IR-24-015"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiProxy version 7.4.3 or above \nPlease upgrade to FortiProxy version 7.2.9 or above \nPlease upgrade to FortiProxy version 7.0.15 or above \nPlease upgrade to FortiProxy version 2.0.14 or above \nPlease upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.3 or above \nPlease upgrade to FortiOS version 7.2.7 or above \nPlease upgrade to FortiOS version 7.0.14 or above \nPlease upgrade to FortiOS version 6.4.15 or above \nPlease upgrade to FortiOS version 6.2.16 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-21762",
"datePublished": "2024-02-09T08:14:25.954Z",
"dateReserved": "2024-01-02T10:15:00.527Z",
"dateUpdated": "2024-08-01T22:27:36.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-42474
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-22 20:46
Severity ?
EPSS score ?
Summary
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiSwitchManager |
Version: 7.2.0 ≤ 7.2.1 Version: 7.0.0 ≤ 7.0.1 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:10:40.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-393",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-393"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-42474",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:18:03.538716Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:46:07.625Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiSwitchManager",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.1",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.1",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.1",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.7",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.11",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.9",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.12",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.15",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T08:41:42.277Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-393",
"url": "https://fortiguard.com/psirt/FG-IR-22-393"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.10 or above\r\nPlease upgrade to FortiOS version 6.4.13 or above\r\nPlease upgrade to FortiSwitchManager version 7.2.2 or above\r\nPlease upgrade to FortiSwitchManager version 7.0.2 or above\r\nPlease upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above\r\nPlease upgrade to FortiProxy version 2.0.12 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-42474",
"datePublished": "2023-06-13T08:41:42.277Z",
"dateReserved": "2022-10-07T14:05:36.301Z",
"dateUpdated": "2024-10-22T20:46:07.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-0941
Vulnerability from cvelistv5
Published
2018-02-08 23:00
Modified
2024-08-06 18:45
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or (3) Log&Report Display modules, or the fields_sorted_opt parameter to (4) user/auth/list or (5) endpointcompliance/app_detect/predefined_sig_list.
References
| ▼ | URL | Tags |
|---|---|---|
| https://securitytracker.com/id/1026594 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/72761 | vdb-entry, x_refsource_XF | |
| http://packetstormsecurity.org/files/109168/VL-144.txt | x_refsource_MISC | |
| https://www.vulnerability-lab.com/get_content.php?id=144 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/51708 | vdb-entry, x_refsource_BID | |
| https://fortiguard.com/psirt/FG-IR-012-001 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:25.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1026594",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "https://securitytracker.com/id/1026594"
},
{
"name": "fortigateutm-fieldssortedopt-xss(72761)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72761"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/files/109168/VL-144.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vulnerability-lab.com/get_content.php?id=144"
},
{
"name": "51708",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51708"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-012-001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or (3) Log\u0026Report Display modules, or the fields_sorted_opt parameter to (4) user/auth/list or (5) endpointcompliance/app_detect/predefined_sig_list."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-09T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1026594",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "https://securitytracker.com/id/1026594"
},
{
"name": "fortigateutm-fieldssortedopt-xss(72761)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72761"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/files/109168/VL-144.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vulnerability-lab.com/get_content.php?id=144"
},
{
"name": "51708",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51708"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-012-001"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0941",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or (3) Log\u0026Report Display modules, or the fields_sorted_opt parameter to (4) user/auth/list or (5) endpointcompliance/app_detect/predefined_sig_list."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1026594",
"refsource": "SECTRACK",
"url": "https://securitytracker.com/id/1026594"
},
{
"name": "fortigateutm-fieldssortedopt-xss(72761)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72761"
},
{
"name": "http://packetstormsecurity.org/files/109168/VL-144.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/109168/VL-144.txt"
},
{
"name": "https://www.vulnerability-lab.com/get_content.php?id=144",
"refsource": "MISC",
"url": "https://www.vulnerability-lab.com/get_content.php?id=144"
},
{
"name": "51708",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51708"
},
{
"name": "https://fortiguard.com/psirt/FG-IR-012-001",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-012-001"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-0941",
"datePublished": "2018-02-08T23:00:00",
"dateReserved": "2012-01-31T00:00:00",
"dateUpdated": "2024-08-06T18:45:25.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-52963
Vulnerability from cvelistv5
Published
2025-01-14 14:08
Modified
2025-01-14 20:57
Severity ?
EPSS score ?
Summary
A out-of-bounds write in Fortinet FortiOS versions 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15 allows attacker to trigger a denial of service via specially crafted packets.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 ≤ 7.4.5 Version: 7.2.0 ≤ 7.2.13 Version: 7.0.0 ≤ 7.0.20 Version: 2.0.0 ≤ 2.0.14 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52963",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T15:15:33.947500Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T20:57:21.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.5",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.13",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.20",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.14",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.6.0"
},
{
"lessThanOrEqual": "7.4.6",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.10",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortipam:1.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.3.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.3.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.1.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiPAM",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "1.4.2",
"status": "affected",
"version": "1.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.3.1",
"status": "affected",
"version": "1.3.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "1.2.0"
},
{
"lessThanOrEqual": "1.1.2",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.3",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A out-of-bounds write in Fortinet FortiOS versions 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15 allows attacker to trigger a denial of service via specially crafted packets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:F/RL:W/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Denial of service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T14:08:31.001Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-373",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-373"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.6.1 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-52963",
"datePublished": "2025-01-14T14:08:31.001Z",
"dateReserved": "2024-11-18T13:36:52.465Z",
"dateUpdated": "2025-01-14T20:57:21.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-12812
Vulnerability from cvelistv5
Published
2020-07-24 22:28
Modified
2025-02-04 19:26
Severity ?
EPSS score ?
Summary
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-19-283 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Fortinet FortiOS |
Version: FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.855Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-283"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-12812",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T19:26:01.888241Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-12812"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T19:26:06.693Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-24T22:28:43.000Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-283"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2020-12812",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/psirt/FG-IR-19-283",
"refsource": "MISC",
"url": "https://fortiguard.com/psirt/FG-IR-19-283"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2020-12812",
"datePublished": "2020-07-24T22:28:43.000Z",
"dateReserved": "2020-05-12T00:00:00.000Z",
"dateUpdated": "2025-02-04T19:26:06.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-14182
Vulnerability from cvelistv5
Published
2017-10-27 13:00
Modified
2024-10-25 14:11
Severity ?
EPSS score ?
Summary
A Denial of Service (DoS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 allows an authenticated user to cause the web GUI to be temporarily unresponsive, via passing a specially crafted payload to the 'params' parameter of the JSON web API.
References
| ▼ | URL | Tags |
|---|---|---|
| http://code610.blogspot.com/2017/10/patch-your-fortinet-cve-2017-14182.html | x_refsource_MISC | |
| http://www.securitytracker.com/id/1039678 | vdb-entry, x_refsource_SECTRACK | |
| https://fortiguard.com/psirt/FG-IR-17-206 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/101559 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:20:41.040Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://code610.blogspot.com/2017/10/patch-your-fortinet-cve-2017-14182.html"
},
{
"name": "1039678",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039678"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-17-206"
},
{
"name": "101559",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101559"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-14182",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:00:32.114830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:11:08.541Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0"
}
]
}
],
"datePublic": "2017-10-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service (DoS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 allows an authenticated user to cause the web GUI to be temporarily unresponsive, via passing a specially crafted payload to the \u0027params\u0027 parameter of the JSON web API."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-30T14:57:01",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://code610.blogspot.com/2017/10/patch-your-fortinet-cve-2017-14182.html"
},
{
"name": "1039678",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039678"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-17-206"
},
{
"name": "101559",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101559"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2017-14182",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Denial of Service (DoS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 allows an authenticated user to cause the web GUI to be temporarily unresponsive, via passing a specially crafted payload to the \u0027params\u0027 parameter of the JSON web API."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://code610.blogspot.com/2017/10/patch-your-fortinet-cve-2017-14182.html",
"refsource": "MISC",
"url": "http://code610.blogspot.com/2017/10/patch-your-fortinet-cve-2017-14182.html"
},
{
"name": "1039678",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039678"
},
{
"name": "https://fortiguard.com/psirt/FG-IR-17-206",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-17-206"
},
{
"name": "101559",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101559"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2017-14182",
"datePublished": "2017-10-27T13:00:00",
"dateReserved": "2017-09-07T00:00:00",
"dateUpdated": "2024-10-25T14:11:08.541Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-28001
Vulnerability from cvelistv5
Published
2023-07-11 16:52
Modified
2024-10-22 20:41
Severity ?
EPSS score ?
Summary
An insufficient session expiration in Fortinet FortiOS 7.0.0 - 7.0.12 and 7.2.0 - 7.2.4 allows an attacker to execute unauthorized code or commands via reusing the session of a deleted user in the REST API.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-028",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-028"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28001",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:17:50.886475Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:41:43.447Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An insufficient session expiration in Fortinet FortiOS 7.0.0 - 7.0.12 and 7.2.0 - 7.2.4 allows an attacker to execute unauthorized code or commands via reusing the session of a deleted user in the REST API."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L/E:U/RL:X/RC:X",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T16:52:46.709Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-028",
"url": "https://fortiguard.com/psirt/FG-IR-23-028"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.0 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-28001",
"datePublished": "2023-07-11T16:52:46.709Z",
"dateReserved": "2023-03-09T10:09:33.120Z",
"dateUpdated": "2024-10-22T20:41:43.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-7542
Vulnerability from cvelistv5
Published
2017-03-30 14:00
Modified
2024-10-25 14:35
Severity ?
EPSS score ?
Summary
A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94690 | vdb-entry, x_refsource_BID | |
| http://fortiguard.com/advisory/FG-IR-16-050 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1037394 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:04:54.869Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94690",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94690"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://fortiguard.com/advisory/FG-IR-16-050"
},
{
"name": "1037394",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037394"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-7542",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:00:57.607119Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:35:34.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "5.2.0 - 5.2.9, 5.4.1"
}
]
}
],
"datePublic": "2016-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-27T09:57:01",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "94690",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94690"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://fortiguard.com/advisory/FG-IR-16-050"
},
{
"name": "1037394",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037394"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2016-7542",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FortiOS",
"version": {
"version_data": [
{
"version_value": "5.2.0 - 5.2.9, 5.4.1"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94690",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94690"
},
{
"name": "http://fortiguard.com/advisory/FG-IR-16-050",
"refsource": "CONFIRM",
"url": "http://fortiguard.com/advisory/FG-IR-16-050"
},
{
"name": "1037394",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037394"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2016-7542",
"datePublished": "2017-03-30T14:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-10-25T14:35:34.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-29010
Vulnerability from cvelistv5
Published
2025-03-17 13:06
Modified
2025-03-17 13:32
Severity ?
EPSS score ?
Summary
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS version 6.2.4 and below, version 6.0.10 and belowmay allow remote authenticated actors to read the SSL VPN events log entries of users in other VDOMs by executing "get vpn ssl monitor" from the CLI. The sensitive data includes usernames, user groups, and IP address.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiOS |
Version: 6.2.1 ≤ 6.2.4 Version: 6.0.0 ≤ 6.0.10 cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-29010",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-17T13:32:32.365720Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T13:32:38.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "6.2.4",
"status": "affected",
"version": "6.2.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.10",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS version 6.2.4 and below, version 6.0.10 and belowmay allow remote authenticated actors to read the SSL VPN events log entries of users in other VDOMs by executing \"get vpn ssl monitor\" from the CLI. The sensitive data includes usernames, user groups, and IP address."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:F/RL:X/RC:X",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T13:06:16.993Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-20-103",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-20-103"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiGate version 6.0.11 or above. \r\nPlease upgrade to FortiGate version 6.2.5 or above.\r\nPlease upgrade to FortiGate version 6.4.2 or above."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2020-29010",
"datePublished": "2025-03-17T13:06:16.993Z",
"dateReserved": "2020-11-24T00:00:00.000Z",
"dateUpdated": "2025-03-17T13:32:38.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-35843
Vulnerability from cvelistv5
Published
2022-12-06 16:00
Modified
2024-10-23 14:51
Severity ?
EPSS score ?
Summary
An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 Version: 7.0.0 ≤ 7.0.6 Version: 6.4.0 ≤ 6.4.9 Version: 6.2.0 ≤ 6.2.12 Version: 6.0.0 ≤ 6.0.15 Version: 6.2.0 ≤ Version: 6.0.0 ≤ |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:44:22.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-255",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-255"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-35843",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:12:06.335689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T14:51:54.623Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.2.0"
},
{
"lessThanOrEqual": "7.0.6",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.9",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.12",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.15",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThan": "6.2.*",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThan": "6.0.*",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.10",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-06T16:00:33.269Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-255",
"url": "https://fortiguard.com/psirt/FG-IR-22-255"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.2.2 or above\r\nPlease upgrade to FortiOS version 7.0.8 or above\r\nPlease upgrade to FortiOS version 6.4.10 or above\n\r\nPlease upgrade to FortiProxy version 7.0.7 or above\r\nPlease upgrade to FortiProxy version 2.0.11 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-35843",
"datePublished": "2022-12-06T16:00:33.269Z",
"dateReserved": "2022-07-13T20:38:49.332Z",
"dateUpdated": "2024-10-23T14:51:54.623Z",
"requesterUserId": "a0475cc0-be89-4a25-97b3-d1b8023a8677",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-42475
Vulnerability from cvelistv5
Published
2023-01-02 08:18
Modified
2024-10-23 13:27
Severity ?
EPSS score ?
Summary
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.1 Version: 7.0.0 ≤ 7.0.7 Version: 2.0.0 ≤ 2.0.11 Version: 1.2.0 ≤ 1.2.13 Version: 1.1.0 ≤ 1.1.6 Version: 1.0.0 ≤ 1.0.7 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:10:40.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-398",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-398"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-42475",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:26:56.926267Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-12-13",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-42475"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T13:27:24.950Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.1",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.7",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.11",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.2",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.8",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.10",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.11",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.15",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.6.14",
"status": "affected",
"version": "5.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.13",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.2.15",
"status": "affected",
"version": "5.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.0.14",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow vulnerability [CWE-122]\u00a0in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-197",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-02T08:18:49.444Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-398",
"url": "https://fortiguard.com/psirt/FG-IR-22-398"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.2.3 or above\r\nPlease upgrade to FortiOS version 7.0.9 or above\r\nPlease upgrade to FortiOS version 6.4.11 or above\r\nPlease upgrade to FortiOS version 6.2.12 or above\r\nPlease upgrade to FortiOS version 6.0.16 or above\r\nPlease upgrade to upcoming FortiOS-6K7K version 7.0.8 or above\r\nPlease upgrade to FortiOS-6K7K version 6.4.10 or above\r\nPlease upgrade to FortiOS-6K7K version 6.2.12 or above\r\nPlease upgrade to FortiOS-6K7K version 6.0.15 or above\r\nPlease upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above\r\nPlease upgrade to upcoming FortiProxy version 2.0.12 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-42475",
"datePublished": "2023-01-02T08:18:49.444Z",
"dateReserved": "2022-10-07T14:05:36.301Z",
"dateUpdated": "2024-10-23T13:27:24.950Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-21754
Vulnerability from cvelistv5
Published
2024-06-11 14:32
Modified
2024-08-01 22:27
Severity ?
EPSS score ?
Summary
A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 ≤ 7.4.2 Version: 7.2.0 ≤ 7.2.10 Version: 7.0.0 ≤ 7.0.17 Version: 2.0.0 ≤ 2.0.14 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21754",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-11T16:13:02.843870Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-11T16:13:16.539Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:36.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-23-423",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-423"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.10",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.17",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.14",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.8",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.15",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a\u00a0privileged attacker with super-admin profile and CLI access to decrypting the backup file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 1.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N/E:F/RL:X/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-916",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-11T14:32:01.335Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-23-423",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-423"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiProxy version 7.4.3 or above \nPlease upgrade to FortiOS version 7.4.4 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-21754",
"datePublished": "2024-06-11T14:32:01.335Z",
"dateReserved": "2024-01-02T10:15:00.526Z",
"dateUpdated": "2024-08-01T22:27:36.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-42755
Vulnerability from cvelistv5
Published
2022-07-18 16:35
Modified
2024-08-04 03:38
Severity ?
EPSS score ?
Summary
An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-21-155 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiSwitch, FortiRecorder, FortiVoiceEnterprise, FortiOS, FortiProxy |
Version: FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:50.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-155"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiSwitch, FortiRecorder, FortiVoiceEnterprise, FortiOS, FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10\u00a0and below; FortiOS 7.0.2 and below, 6.4.8\u00a0and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10\u00a0and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "FUNCTIONAL",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 4.2,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:F/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-18T16:35:20",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-155"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-42755",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiSwitch, FortiRecorder, FortiVoiceEnterprise, FortiOS, FortiProxy",
"version": {
"version_data": [
{
"version_value": "FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10\u00a0and below; FortiOS 7.0.2 and below, 6.4.8\u00a0and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10\u00a0and below"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Adjacent",
"availabilityImpact": "Low",
"baseScore": 4.2,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:F/RL:U/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/psirt/FG-IR-21-155",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-21-155"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-42755",
"datePublished": "2022-07-18T16:35:20",
"dateReserved": "2021-10-20T00:00:00",
"dateUpdated": "2024-08-04T03:38:50.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-41328
Vulnerability from cvelistv5
Published
2023-03-07 16:04
Modified
2024-10-23 13:26
Severity ?
EPSS score ?
Summary
A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:42:46.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-369",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-369"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-41328",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:25:59.359904Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-03-14",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-41328"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T13:26:26.301Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.9",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.11",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.13",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.16",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper limitation of a pathname to a restricted directory vulnerability (\u0027path traversal\u0027) [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-07T16:04:52.461Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-369",
"url": "https://fortiguard.com/psirt/FG-IR-22-369"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.10 or above\r\nPlease upgrade to FortiOS version 6.4.12 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-41328",
"datePublished": "2023-03-07T16:04:52.461Z",
"dateReserved": "2022-09-23T15:07:35.781Z",
"dateUpdated": "2024-10-23T13:26:26.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-33510
Vulnerability from cvelistv5
Published
2024-11-12 18:53
Modified
2024-11-13 18:45
Severity ?
EPSS score ?
Summary
An improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability [CWE-74] in FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.16 and below; FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below; FortiSASE version 24.2.b SSL-VPN web user interface may allow a remote unauthenticated attacker to perform phishing attempts via crafted requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.3 Version: 7.2.0 ≤ 7.2.8 Version: 7.0.0 ≤ 7.0.16 cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-33510",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T18:45:31.685889Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:45:40.158Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.8",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.9",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0improper neutralization of special elements in output used by a downstream component (\u0027Injection\u0027) vulnerability [CWE-74] in FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.16 and below; FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below; FortiSASE version 24.2.b SSL-VPN web user interface may allow a remote unauthenticated attacker to perform phishing attempts via crafted requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-358",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T18:53:45.839Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-033",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-033"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiProxy version 7.4.4 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-33510",
"datePublished": "2024-11-12T18:53:45.839Z",
"dateReserved": "2024-04-23T14:18:29.831Z",
"dateUpdated": "2024-11-13T18:45:40.158Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-6909
Vulnerability from cvelistv5
Published
2016-08-24 16:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER.
References
| ▼ | URL | Tags |
|---|---|---|
| http://fortiguard.com/advisory/FG-IR-16-023 | x_refsource_CONFIRM | |
| https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html | x_refsource_MISC | |
| http://www.securitytracker.com/id/1036643 | vdb-entry, x_refsource_SECTRACK | |
| http://packetstormsecurity.com/files/138387/EGREGIOUSBLUNDER-Fortigate-Remote-Code-Execution.html | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/40276/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/bid/92523 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://fortiguard.com/advisory/FG-IR-16-023"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html"
},
{
"name": "1036643",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036643"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/138387/EGREGIOUSBLUNDER-Fortigate-Remote-Code-Execution.html"
},
{
"name": "40276",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40276/"
},
{
"name": "92523",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92523"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-08-24T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://fortiguard.com/advisory/FG-IR-16-023"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html"
},
{
"name": "1036643",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036643"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/138387/EGREGIOUSBLUNDER-Fortigate-Remote-Code-Execution.html"
},
{
"name": "40276",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40276/"
},
{
"name": "92523",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92523"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6909",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://fortiguard.com/advisory/FG-IR-16-023",
"refsource": "CONFIRM",
"url": "http://fortiguard.com/advisory/FG-IR-16-023"
},
{
"name": "https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html",
"refsource": "MISC",
"url": "https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html"
},
{
"name": "1036643",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036643"
},
{
"name": "http://packetstormsecurity.com/files/138387/EGREGIOUSBLUNDER-Fortigate-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138387/EGREGIOUSBLUNDER-Fortigate-Remote-Code-Execution.html"
},
{
"name": "40276",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40276/"
},
{
"name": "92523",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92523"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6909",
"datePublished": "2016-08-24T16:00:00",
"dateReserved": "2016-08-22T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-26092
Vulnerability from cvelistv5
Published
2022-02-24 02:45
Modified
2024-10-22 21:01
Severity ?
EPSS score ?
Summary
Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-20-199 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS, FortiProxy |
Version: FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:19:19.466Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-20-199"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-26092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:19:50.615447Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T21:01:11.565Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS, FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "FUNCTIONAL",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "CHANGED",
"temporalScore": 4.6,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:F/RL:X/RC:X",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-24T02:45:57",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-20-199"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-26092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS, FortiProxy",
"version": {
"version_data": [
{
"version_value": "FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote unauthenticated attacker to perform a reflected Cross-site Scripting (XSS) attack by sending a request to the error page with malicious GET parameters."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:F/RL:X/RC:X",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/psirt/FG-IR-20-199",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-20-199"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-26092",
"datePublished": "2022-02-24T02:45:57",
"dateReserved": "2021-01-25T00:00:00",
"dateUpdated": "2024-10-22T21:01:11.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-12820
Vulnerability from cvelistv5
Published
2024-12-19 10:57
Modified
2024-12-20 17:25
Severity ?
EPSS score ?
Summary
Under non-default configuration, a stack-based buffer overflow in FortiOS version 6.0.10 and below, version 5.6.12 and below may allow a remote attacker authenticated to the SSL VPN to crash the FortiClient NAC daemon (fcnacd) and potentially execute arbitrary code via requesting a large FortiClient file name. We are not aware of proof of concept code successfully achieving the latter.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiOS |
Version: 6.0.0 ≤ 6.0.10 Version: 5.6.0 ≤ 5.6.12 cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-12820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-20T17:24:49.607607Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-20T17:25:13.362Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "6.0.10",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.6.12",
"status": "affected",
"version": "5.6.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Under non-default configuration, a stack-based buffer overflow in FortiOS version 6.0.10 and below, version 5.6.12 and below may allow a remote attacker authenticated to the SSL VPN to crash the FortiClient NAC daemon (fcnacd) and potentially execute arbitrary code via requesting a large FortiClient file name. We are not aware of proof of concept code successfully achieving the latter."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:X/RC:X",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-19T10:57:31.517Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-20-083",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-20-083"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS versions 5.6.13 or above.\r\nPlease upgrade to FortiOS versions 6.0.11 or above. \r\nFortiOS versions 6.2.0 and above are not impacted. \r\nFortiOS versions 6.4.0 and above are not impacted. \r\nWorkaround: \r\nPlease ensure that Fortiheartbeat and Endpoint-Compliance are not both enabled on the same interface. \r\nFortiHeartbeat and Endpoint-Compliance can be disabled on a particular interface by following the below CLI commands:\r\nconfig system interface\r\nedit interface\r\nset endpoint-compliance disable (\u003c-- Disabled by default)\r\nset fortiheartbeat disable\r\nnext\r\nend"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2020-12820",
"datePublished": "2024-12-19T10:57:31.517Z",
"dateReserved": "2020-05-12T00:00:00.000Z",
"dateUpdated": "2024-12-20T17:25:13.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-9195
Vulnerability from cvelistv5
Published
2019-11-21 14:59
Modified
2024-10-25 14:05
Severity ?
EPSS score ?
Summary
Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. Affected products include FortiClient for Windows 6.0.6 and below, FortiOS 6.0.7 and below, FortiClient for Mac OS 6.2.1 and below.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-18-100 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiClient for Windows |
Version: FortiClient for Windows 6.0.6 and below |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:51.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-100"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-9195",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:59:44.386046Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:05:09.966Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FortiClient for Windows",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiClient for Windows 6.0.6 and below"
}
]
},
{
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 6.0.7 and below"
}
]
},
{
"product": "FortiClient for Mac OS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiClient for Mac OS 6.2.1 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. Affected products include FortiClient for Windows 6.0.6 and below, FortiOS 6.0.7 and below, FortiClient for Mac OS 6.2.1 and below."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-27T20:52:33",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2018-9195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FortiClient for Windows",
"version": {
"version_data": [
{
"version_value": "FortiClient for Windows 6.0.6 and below"
}
]
}
},
{
"product_name": "FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 6.0.7 and below"
}
]
}
},
{
"product_name": "FortiClient for Mac OS",
"version": {
"version_data": [
{
"version_value": "FortiClient for Mac OS 6.2.1 and below"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. Affected products include FortiClient for Windows 6.0.6 and below, FortiOS 6.0.7 and below, FortiClient for Mac OS 6.2.1 and below."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-18-100",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-18-100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2018-9195",
"datePublished": "2019-11-21T14:59:52",
"dateReserved": "2018-04-02T00:00:00",
"dateUpdated": "2024-10-25T14:05:09.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-36555
Vulnerability from cvelistv5
Published
2023-10-10 16:48
Modified
2024-09-18 18:10
Severity ?
EPSS score ?
Summary
An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiOS 7.2.0 - 7.2.4 allows an attacker to execute unauthorized code or commands via the SAML and Security Fabric components.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:52:53.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-104",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-104"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36555",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T18:10:14.675356Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:10:30.449Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiOS 7.2.0 - 7.2.4 allows an attacker to execute unauthorized code or commands via the SAML and Security Fabric components."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L/E:U/RL:X/RC:X",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-10T16:48:32.638Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-104",
"url": "https://fortiguard.com/psirt/FG-IR-23-104"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.0 or above Please upgrade to FortiOS version 7.2.6 or above "
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-36555",
"datePublished": "2023-10-10T16:48:32.638Z",
"dateReserved": "2023-06-23T14:57:30.033Z",
"dateUpdated": "2024-09-18T18:10:30.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-40680
Vulnerability from cvelistv5
Published
2022-12-06 16:00
Modified
2024-10-22 20:51
Severity ?
EPSS score ?
Summary
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiOS 6.0.7 - 6.0.15, 6.2.2 - 6.2.12, 6.4.0 - 6.4.9 and 7.0.0 - 7.0.3 allows a privileged attacker to execute unauthorized code or commands via storing malicious payloads in replacement messages.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.0.0 ≤ 7.0.1 Version: 2.0.0 ≤ 2.0.11 Version: 1.2.0 ≤ 1.2.13 Version: 1.1.0 ≤ 1.1.6 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-21-248",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-248"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40680",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:18:53.836074Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:51:47.554Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.1",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.11",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.9",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.12",
"status": "affected",
"version": "6.2.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.15",
"status": "affected",
"version": "6.0.7",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) in Fortinet FortiOS 6.0.7 - 6.0.15, 6.2.2 - 6.2.12, 6.4.0 - 6.4.9 and 7.0.0 - 7.0.3 allows a privileged attacker to execute unauthorized code or commands via storing malicious payloads in replacement messages."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-06T16:00:38.136Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-21-248",
"url": "https://fortiguard.com/psirt/FG-IR-21-248"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.2.2\r\nPlease upgrade to FortiOS version 7.0.7\r\nPlease upgrade to FortiOS version 6.4.10 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-40680",
"datePublished": "2022-12-06T16:00:38.136Z",
"dateReserved": "2022-09-14T13:17:43.617Z",
"dateUpdated": "2024-10-22T20:51:47.554Z",
"requesterUserId": "a0475cc0-be89-4a25-97b3-d1b8023a8677",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46720
Vulnerability from cvelistv5
Published
2024-06-11 14:32
Modified
2024-08-02 20:53
Severity ?
EPSS score ?
Summary
A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.6",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "6.2.16",
"status": "affected",
"version": "6.2.9",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "6.0.18",
"status": "affected",
"version": "6.0.13",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46720",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T03:55:22.962Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:20.902Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-23-356",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-356"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.16",
"status": "affected",
"version": "6.2.9",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.18",
"status": "affected",
"version": "6.0.13",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:X",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-11T14:32:00.582Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-23-356",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-356"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.4 or above \nPlease upgrade to FortiOS version 7.2.8 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-46720",
"datePublished": "2024-06-11T14:32:00.582Z",
"dateReserved": "2023-10-25T08:43:15.290Z",
"dateUpdated": "2024-08-02T20:53:20.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-4570
Vulnerability from cvelistv5
Published
2005-12-29 11:00
Modified
2024-08-07 23:53
Severity ?
EPSS score ?
Summary
The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service (termination of a process that is automatically restarted) via IKE packets with invalid values of certain IPSec attributes, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the vendor advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.fortinet.com/FortiGuardCenter/VU226364.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/15997 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/18446 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2006/0182 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:53:27.100Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fortinet.com/FortiGuardCenter/VU226364.html"
},
{
"name": "15997",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15997"
},
{
"name": "18446",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18446"
},
{
"name": "ADV-2006-0182",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service (termination of a process that is automatically restarted) via IKE packets with invalid values of certain IPSec attributes, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the vendor advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-17T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fortinet.com/FortiGuardCenter/VU226364.html"
},
{
"name": "15997",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15997"
},
{
"name": "18446",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18446"
},
{
"name": "ADV-2006-0182",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service (termination of a process that is automatically restarted) via IKE packets with invalid values of certain IPSec attributes, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the vendor advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.fortinet.com/FortiGuardCenter/VU226364.html",
"refsource": "CONFIRM",
"url": "http://www.fortinet.com/FortiGuardCenter/VU226364.html"
},
{
"name": "15997",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15997"
},
{
"name": "18446",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18446"
},
{
"name": "ADV-2006-0182",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4570",
"datePublished": "2005-12-29T11:00:00",
"dateReserved": "2005-12-29T00:00:00",
"dateUpdated": "2024-08-07T23:53:27.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-26108
Vulnerability from cvelistv5
Published
2021-12-08 12:16
Modified
2024-10-25 13:40
Severity ?
EPSS score ?
Summary
A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-21-051 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS before 7.0.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:19:20.065Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-051"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-26108",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:16:05.959830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T13:40:59.998Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS before 7.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "FUNCTIONAL",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 7.3,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T12:16:03",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-051"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-26108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS before 7.0.1"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 7.3,
"baseSeverity": "High",
"confidentialityImpact": "High",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:U/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-21-051",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-21-051"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-26108",
"datePublished": "2021-12-08T12:16:03",
"dateReserved": "2021-01-25T00:00:00",
"dateUpdated": "2024-10-25T13:40:59.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-48784
Vulnerability from cvelistv5
Published
2024-04-09 14:24
Modified
2024-08-02 21:37
Severity ?
EPSS score ?
Summary
A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.1 and below, version 7.2.7 and below, 7.0 all versions, 6.4 all versions command line interface may allow a local privileged attacker with super-admin profile and CLI access to execute arbitrary code or commands via specially crafted requests.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"status": "affected",
"version": "7.4.0"
},
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "6.4.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-48784",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-11T04:01:13.846617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T18:30:37.570Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:37:54.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-413",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-413"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.15",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A\u00a0use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.1 and below, version 7.2.7 and below, 7.0 all versions, 6.4 all versions command line interface may allow a local\u00a0privileged attacker with super-admin profile and CLI access\u00a0to execute arbitrary code or commands via specially crafted requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-134",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-17T12:06:09.751Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-413",
"url": "https://fortiguard.com/psirt/FG-IR-23-413"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiOS version 7.2.8 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-48784",
"datePublished": "2024-04-09T14:24:24.971Z",
"dateReserved": "2023-11-19T19:58:38.554Z",
"dateUpdated": "2024-08-02T21:37:54.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1880
Vulnerability from cvelistv5
Published
2015-05-12 19:00
Modified
2024-08-06 04:54
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the sslvpn login page in Fortinet FortiOS 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032261 | vdb-entry, x_refsource_SECTRACK | |
| http://www.fortiguard.com/advisory/FG-IR-15-005/ | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/74652 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1032265 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1032264 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1032262 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:16.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032261",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032261"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-005/"
},
{
"name": "74652",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74652"
},
{
"name": "1032265",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032265"
},
{
"name": "1032264",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032264"
},
{
"name": "1032262",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032262"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the sslvpn login page in Fortinet FortiOS 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032261",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032261"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-005/"
},
{
"name": "74652",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74652"
},
{
"name": "1032265",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032265"
},
{
"name": "1032264",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032264"
},
{
"name": "1032262",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032262"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1880",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the sslvpn login page in Fortinet FortiOS 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032261",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032261"
},
{
"name": "http://www.fortiguard.com/advisory/FG-IR-15-005/",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/FG-IR-15-005/"
},
{
"name": "74652",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74652"
},
{
"name": "1032265",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032265"
},
{
"name": "1032264",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032264"
},
{
"name": "1032262",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032262"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1880",
"datePublished": "2015-05-12T19:00:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T04:54:16.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-15937
Vulnerability from cvelistv5
Published
2021-03-03 15:45
Modified
2024-10-25 14:00
Severity ?
EPSS score ?
Summary
An improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker to perform a stored cross site scripting attack (XSS) via the IPS and WAF logs dashboard.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-20-068 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS 6.4.1, 6.2.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:30:23.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-068"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-15937",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:59:04.326001Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:00:13.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 6.4.1, 6.2.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker to perform a stored cross site scripting attack (XSS) via the IPS and WAF logs dashboard."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-03T15:45:56",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-20-068"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2020-15937",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 6.4.1, 6.2.5"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker to perform a stored cross site scripting attack (XSS) via the IPS and WAF logs dashboard."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-20-068",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-20-068"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2020-15937",
"datePublished": "2021-03-03T15:45:56",
"dateReserved": "2020-07-24T00:00:00",
"dateUpdated": "2024-10-25T14:00:13.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-43206
Vulnerability from cvelistv5
Published
2022-05-04 15:25
Modified
2024-10-22 20:57
Severity ?
EPSS score ?
Summary
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-21-231 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS, FortiProxy |
Version: FortiOS 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0; FortiProxy 7.0.1, 7.0.0, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:47:13.641Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-231"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-43206",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:19:35.576131Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:57:35.305Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS, FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0; FortiProxy 7.0.1, 7.0.0, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy\u0027s client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 4.1,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-04T15:25:26",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-21-231"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-43206",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS, FortiProxy",
"version": {
"version_data": [
{
"version_value": "FortiOS 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.14, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0; FortiProxy 7.0.1, 7.0.0, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1, 2.0.0"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy\u0027s client username and IP via same origin HTTP requests triggering proxy-generated HTTP status codes pages."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 4.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "Required",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/psirt/FG-IR-21-231",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-21-231"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-43206",
"datePublished": "2022-05-04T15:25:26",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-10-22T20:57:35.305Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38380
Vulnerability from cvelistv5
Published
2022-11-02 00:00
Modified
2024-10-22 20:52
Severity ?
EPSS score ?
Summary
An improper access control [CWE-284] vulnerability in FortiOS version 7.2.0 and versions 7.0.0 through 7.0.7 may allow a remote authenticated read-only user to modify the interface settings via the API.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS 7.2.0, 7.0.7, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:54:03.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-174"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-38380",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:19:00.406483Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:52:46.827Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 7.2.0, 7.0.7, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper access control [CWE-284] vulnerability in FortiOS version 7.2.0 and versions 7.0.0 through 7.0.7 may allow a remote authenticated read-only user to modify the interface settings via the API."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "FUNCTIONAL",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 4.2,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:F/RL:X/RC:X",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper access control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-02T00:00:00",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-22-174"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-38380",
"datePublished": "2022-11-02T00:00:00",
"dateReserved": "2022-08-16T00:00:00",
"dateUpdated": "2024-10-22T20:52:46.827Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-46669
Vulnerability from cvelistv5
Published
2025-01-14 14:08
Modified
2025-01-14 20:56
Severity ?
EPSS score ?
Summary
An Integer Overflow or Wraparound vulnerability [CWE-190] in version 7.4.4 and below, version 7.2.10 and below; FortiSASE version 23.4.b FortiOS tenant IPsec IKE service may allow an authenticated attacker to crash the IPsec tunnel via crafted requests, resulting in potential denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.4 Version: 7.2.0 ≤ 7.2.10 cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-46669",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T15:15:26.892124Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T20:56:51.902Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.4",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.10",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0Integer Overflow or Wraparound vulnerability [CWE-190] in version 7.4.4 and below, version 7.2.10 and below; FortiSASE version 23.4.b FortiOS tenant IPsec IKE service may allow an authenticated attacker to crash the IPsec tunnel via crafted requests, resulting in potential denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "Denial of service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T14:08:37.297Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-267",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-267"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.6.1 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiSASE version 24.4.a or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-46669",
"datePublished": "2025-01-14T14:08:37.297Z",
"dateReserved": "2024-09-11T12:14:59.204Z",
"dateUpdated": "2025-01-14T20:56:51.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-46665
Vulnerability from cvelistv5
Published
2025-01-14 14:08
Modified
2025-01-14 20:57
Severity ?
EPSS score ?
Summary
An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS accounting server shared secret via intercepting accounting-requests.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiOS |
Version: 7.6.0 Version: 7.4.0 ≤ 7.4.4 cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-46665",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T15:15:36.897456Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T20:57:35.579Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.6.0"
},
{
"lessThanOrEqual": "7.4.4",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS accounting server shared secret via intercepting accounting-requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-201",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T14:08:26.784Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-326",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-326"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.6.1 or above \nPlease upgrade to FortiOS version 7.4.5 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-46665",
"datePublished": "2025-01-14T14:08:26.784Z",
"dateReserved": "2024-09-11T12:14:59.204Z",
"dateUpdated": "2025-01-14T20:57:35.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-7739
Vulnerability from cvelistv5
Published
2017-11-13 14:00
Modified
2024-10-25 14:10
Severity ?
EPSS score ?
Summary
A reflected Cross-site Scripting (XSS) vulnerability in web proxy disclaimer response web pages in Fortinet FortiOS 5.6.0, 5.4.0 to 5.4.5, 5.2.0 to 5.2.11 allows an unauthenticated attacker to inject arbitrary web script or HTML in the context of the victim's browser via sending a maliciously crafted URL to the victim.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/101679 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1039741 | vdb-entry, x_refsource_SECTRACK | |
| https://fortiguard.com/advisory/FG-IR-17-168 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet, Inc. | FortiOS |
Version: 5.6.0 Version: 5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0 Version: 5.2.11, 5.2.10, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:12:28.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101679",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101679"
},
{
"name": "1039741",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039741"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-168"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-7739",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:00:28.749939Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:10:42.993Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FortiOS",
"vendor": "Fortinet, Inc.",
"versions": [
{
"status": "affected",
"version": "5.6.0"
},
{
"status": "affected",
"version": "5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0"
},
{
"status": "affected",
"version": "5.2.11, 5.2.10, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A reflected Cross-site Scripting (XSS) vulnerability in web proxy disclaimer response web pages in Fortinet FortiOS 5.6.0, 5.4.0 to 5.4.5, 5.2.0 to 5.2.11 allows an unauthenticated attacker to inject arbitrary web script or HTML in the context of the victim\u0027s browser via sending a maliciously crafted URL to the victim."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site Scripting (XSS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-14T10:57:01",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "101679",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101679"
},
{
"name": "1039741",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039741"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-168"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"DATE_PUBLIC": "2017-11-03T00:00:00",
"ID": "CVE-2017-7739",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FortiOS",
"version": {
"version_data": [
{
"version_value": "5.6.0"
},
{
"version_value": "5.4.5, 5.4.4, 5.4.3, 5.4.2, 5.4.1, 5.4.0"
},
{
"version_value": "5.2.11, 5.2.10, 5.2.9, 5.2.8, 5.2.7, 5.2.6, 5.2.5, 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0"
}
]
}
}
]
},
"vendor_name": "Fortinet, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A reflected Cross-site Scripting (XSS) vulnerability in web proxy disclaimer response web pages in Fortinet FortiOS 5.6.0, 5.4.0 to 5.4.5, 5.2.0 to 5.2.11 allows an unauthenticated attacker to inject arbitrary web script or HTML in the context of the victim\u0027s browser via sending a maliciously crafted URL to the victim."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101679",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101679"
},
{
"name": "1039741",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039741"
},
{
"name": "https://fortiguard.com/advisory/FG-IR-17-168",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-17-168"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2017-7739",
"datePublished": "2017-11-13T14:00:00Z",
"dateReserved": "2017-04-12T00:00:00",
"dateUpdated": "2024-10-25T14:10:42.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-27997
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-23 13:18
Severity ?
EPSS score ?
Summary
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS-6K7K |
Version: 7.0.10 Version: 7.0.5 Version: 6.4.12 Version: 6.4.10 Version: 6.4.8 Version: 6.4.6 Version: 6.4.2 Version: 6.2.9 ≤ 6.2.13 Version: 6.2.6 ≤ 6.2.7 Version: 6.2.4 Version: 6.0.12 ≤ 6.0.16 Version: 6.0.10 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-097",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-097"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27997",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:18:08.089433Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-06-13",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-27997"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T13:18:14.745Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS-6K7K",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.0.10"
},
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "6.4.12"
},
{
"status": "affected",
"version": "6.4.10"
},
{
"status": "affected",
"version": "6.4.8"
},
{
"status": "affected",
"version": "6.4.6"
},
{
"status": "affected",
"version": "6.4.2"
},
{
"lessThanOrEqual": "6.2.13",
"status": "affected",
"version": "6.2.9",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.7",
"status": "affected",
"version": "6.2.6",
"versionType": "semver"
},
{
"status": "affected",
"version": "6.2.4"
},
{
"lessThanOrEqual": "6.0.16",
"status": "affected",
"version": "6.0.12",
"versionType": "semver"
},
{
"status": "affected",
"version": "6.0.10"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.9",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.12",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.11",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.12",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.13",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.16",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T08:41:47.415Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-097",
"url": "https://fortiguard.com/psirt/FG-IR-23-097"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS-6K7K version 7.0.12 or above\r\nPlease upgrade to FortiOS-6K7K version 6.4.13 or above\r\nPlease upgrade to FortiOS-6K7K version 6.2.15 or above\r\nPlease upgrade to FortiOS-6K7K version 6.0.17 or above\r\nPlease upgrade to FortiProxy version 7.2.4 or above\r\nPlease upgrade to FortiProxy version 7.0.10 or above\r\nPlease upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.5 or above\r\nPlease upgrade to FortiOS version 7.0.12 or above\r\nPlease upgrade to FortiOS version 6.4.13 or above\r\nPlease upgrade to FortiOS version 6.2.14 or above\r\nPlease upgrade to FortiOS version 6.0.17 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-27997",
"datePublished": "2023-06-13T08:41:47.415Z",
"dateReserved": "2023-03-09T10:09:33.119Z",
"dateUpdated": "2024-10-23T13:18:14.745Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-40684
Vulnerability from cvelistv5
Published
2022-10-18 00:00
Modified
2024-10-23 13:28
Severity ?
EPSS score ?
Summary
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS, FortiProxy, FortiSwitchManager |
Version: FortiOS 7.2.1, 7.2.0, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0; FortiProxy 7.2.0, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0; FortiSwitchManager 7.2.0, 7.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-377"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40684",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:27:43.070187Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-10-11",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-40684"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T13:28:36.659Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS, FortiProxy, FortiSwitchManager",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 7.2.1, 7.2.0, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0; FortiProxy 7.2.0, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0; FortiSwitchManager 7.2.0, 7.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "FUNCTIONAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 9.6,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-27T00:00:00",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-22-377"
},
{
"url": "http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html"
},
{
"url": "http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-40684",
"datePublished": "2022-10-18T00:00:00",
"dateReserved": "2022-09-14T00:00:00",
"dateUpdated": "2024-10-23T13:28:36.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5593
Vulnerability from cvelistv5
Published
2020-01-23 16:50
Modified
2024-10-25 14:04
Severity ?
EPSS score ?
Summary
Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system's builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below or for user uploaded local certificates via setting an empty password in FortiOS 6.2.1, 6.2.0, 6.0.6 and below.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-19-134 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Fortinet FortiOS |
Version: FortiOS 6.2.0 to 6.2.1, 6.0.6 and below |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:01:51.677Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-134"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-5593",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:59:38.518298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:04:22.039Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "FortiOS 6.2.0 to 6.2.1, 6.0.6 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system\u0027s builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below or for user uploaded local certificates via setting an empty password in FortiOS 6.2.1, 6.2.0, 6.0.6 and below."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-23T16:50:43",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-134"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2019-5593",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 6.2.0 to 6.2.1, 6.0.6 and below"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system\u0027s builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below or for user uploaded local certificates via setting an empty password in FortiOS 6.2.1, 6.2.0, 6.0.6 and below."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/psirt/FG-IR-19-134",
"refsource": "MISC",
"url": "https://fortiguard.com/psirt/FG-IR-19-134"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2019-5593",
"datePublished": "2020-01-23T16:50:43",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-10-25T14:04:22.039Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3058
Vulnerability from cvelistv5
Published
2006-02-14 19:00
Modified
2024-08-07 22:53
Severity ?
EPSS score ?
Summary
Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html | mailing-list, x_refsource_FULLDISC | |
| http://www.securityfocus.com/archive/1/424858/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24626 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/16599 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/18844 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.fortiguard.com/advisory/FGA-2006-10.html | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2006/0539 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:53:30.384Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060213 URL filter bypass in Fortinet",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html"
},
{
"name": "20060213 URL filter bypass in Fortinet",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/424858/100/0/threaded"
},
{
"name": "fortinet-web-filter-bypass(24626)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24626"
},
{
"name": "16599",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16599"
},
{
"name": "18844",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18844"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/FGA-2006-10.html"
},
{
"name": "ADV-2006-0539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0539"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060213 URL filter bypass in Fortinet",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html"
},
{
"name": "20060213 URL filter bypass in Fortinet",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/424858/100/0/threaded"
},
{
"name": "fortinet-web-filter-bypass(24626)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24626"
},
{
"name": "16599",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16599"
},
{
"name": "18844",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18844"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fortiguard.com/advisory/FGA-2006-10.html"
},
{
"name": "ADV-2006-0539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0539"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3058",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060213 URL filter bypass in Fortinet",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html"
},
{
"name": "20060213 URL filter bypass in Fortinet",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424858/100/0/threaded"
},
{
"name": "fortinet-web-filter-bypass(24626)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24626"
},
{
"name": "16599",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16599"
},
{
"name": "18844",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18844"
},
{
"name": "http://www.fortiguard.com/advisory/FGA-2006-10.html",
"refsource": "MISC",
"url": "http://www.fortiguard.com/advisory/FGA-2006-10.html"
},
{
"name": "ADV-2006-0539",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0539"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3058",
"datePublished": "2006-02-14T19:00:00",
"dateReserved": "2005-09-26T00:00:00",
"dateUpdated": "2024-08-07T22:53:30.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-27491
Vulnerability from cvelistv5
Published
2022-09-06 15:10
Modified
2024-10-22 20:54
Severity ?
EPSS score ?
Summary
A improper verification of source of a communication channel in Fortinet FortiOS with IPS engine version 7.201 through 7.214, 7.001 through 7.113, 6.001 through 6.121, 5.001 through 5.258 and before 4.086 allows a remote and unauthenticated attacker to trigger the sending of "blocked page" HTML data to an arbitrary victim via crafted TCP requests, potentially flooding the victim.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-22-073 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS 7.2.0, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.9, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:57.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-073"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:19:15.747870Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:54:44.887Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 7.2.0, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.9, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A improper verification of source of a communication channel in Fortinet FortiOS with IPS engine version 7.201 through 7.214, 7.001 through 7.113, 6.001 through 6.121, 5.001 through 5.258 and before 4.086 allows a remote and unauthenticated attacker to trigger the sending of \"blocked page\" HTML data to an arbitrary victim via crafted TCP requests, potentially flooding the victim."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "FUNCTIONAL",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "CHANGED",
"temporalScore": 6.6,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H/E:F/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-06T15:10:09",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-073"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2022-27491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 7.2.0, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.9, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.14, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A improper verification of source of a communication channel in Fortinet FortiOS with IPS engine version 7.201 through 7.214, 7.001 through 7.113, 6.001 through 6.121, 5.001 through 5.258 and before 4.086 allows a remote and unauthenticated attacker to trigger the sending of \"blocked page\" HTML data to an arbitrary victim via crafted TCP requests, potentially flooding the victim."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "High",
"attackVector": "Network",
"availabilityImpact": "High",
"baseScore": 6.6,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Changed",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H/E:F/RL:U/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-073",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-22-073"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-27491",
"datePublished": "2022-09-06T15:10:10",
"dateReserved": "2022-03-21T00:00:00",
"dateUpdated": "2024-10-22T20:54:44.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-9194
Vulnerability from cvelistv5
Published
2018-09-05 13:00
Modified
2024-10-25 14:08
Severity ?
EPSS score ?
Summary
A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used.
References
| ▼ | URL | Tags |
|---|---|---|
| https://robotattack.org/ | x_refsource_MISC | |
| https://fortiguard.com/advisory/FG-IR-17-302 | x_refsource_CONFIRM | |
| https://www.kb.cert.org/vuls/id/144389 | third-party-advisory, x_refsource_CERT-VN |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet, Inc. | FortiOS |
Version: 6.0.1, 6.0.0 Version: 5.4.9, 5.4.8, 5.4.7, 5.4.6 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:51.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://robotattack.org/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-302"
},
{
"name": "VU#144389",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-9194",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:00:10.318413Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:08:00.472Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FortiOS",
"vendor": "Fortinet, Inc.",
"versions": [
{
"status": "affected",
"version": "6.0.1, 6.0.0"
},
{
"status": "affected",
"version": "5.4.9, 5.4.8, 5.4.7, 5.4.6"
}
]
}
],
"datePublic": "2018-08-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server\u0027s private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-05T12:57:01",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://robotattack.org/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-17-302"
},
{
"name": "VU#144389",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"DATE_PUBLIC": "2018-08-27T00:00:00",
"ID": "CVE-2018-9194",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FortiOS",
"version": {
"version_data": [
{
"version_value": "6.0.1, 6.0.0"
},
{
"version_value": "5.4.9, 5.4.8, 5.4.7, 5.4.6"
}
]
}
}
]
},
"vendor_name": "Fortinet, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server\u0027s private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://robotattack.org/",
"refsource": "MISC",
"url": "https://robotattack.org/"
},
{
"name": "https://fortiguard.com/advisory/FG-IR-17-302",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-17-302"
},
{
"name": "VU#144389",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/144389"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2018-9194",
"datePublished": "2018-09-05T13:00:00Z",
"dateReserved": "2018-04-02T00:00:00",
"dateUpdated": "2024-10-25T14:08:00.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-5965
Vulnerability from cvelistv5
Published
2015-08-11 14:00
Modified
2024-08-06 07:06
Severity ?
EPSS score ?
Summary
The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/76065 | vdb-entry, x_refsource_BID | |
| http://www.fortiguard.com/advisory/FG-IR-15-016/ | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1033256 | vdb-entry, x_refsource_SECTRACK | |
| https://security.gentoo.org/glsa/201508-01 | vendor-advisory, x_refsource_GENTOO | |
| https://vivaldi.net/en-US/blogs/entry/the-poodle-has-friends | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:06:34.996Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "76065",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/76065"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-016/"
},
{
"name": "1033256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033256"
},
{
"name": "GLSA-201508-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201508-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vivaldi.net/en-US/blogs/entry/the-poodle-has-friends"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-22T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "76065",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/76065"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-15-016/"
},
{
"name": "1033256",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033256"
},
{
"name": "GLSA-201508-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201508-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vivaldi.net/en-US/blogs/entry/the-poodle-has-friends"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a crafted MAC field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "76065",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76065"
},
{
"name": "http://www.fortiguard.com/advisory/FG-IR-15-016/",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/FG-IR-15-016/"
},
{
"name": "1033256",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033256"
},
{
"name": "GLSA-201508-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201508-01"
},
{
"name": "https://vivaldi.net/en-US/blogs/entry/the-poodle-has-friends",
"refsource": "MISC",
"url": "https://vivaldi.net/en-US/blogs/entry/the-poodle-has-friends"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5965",
"datePublished": "2015-08-11T14:00:00",
"dateReserved": "2015-08-11T00:00:00",
"dateUpdated": "2024-08-06T07:06:34.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-29182
Vulnerability from cvelistv5
Published
2023-08-17 09:42
Modified
2024-10-08 17:19
Severity ?
EPSS score ?
Summary
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-149",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-149"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.14",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.15",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29182",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T17:12:44.376599Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T17:19:27.330Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.14",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.15",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability [CWE-121]\u00a0in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-17T09:42:26.038Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-149",
"url": "https://fortiguard.com/psirt/FG-IR-23-149"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.0 or above\r\nPlease upgrade to FortiOS version 7.0.4 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-29182",
"datePublished": "2023-08-17T09:42:26.038Z",
"dateReserved": "2023-04-03T08:47:30.452Z",
"dateUpdated": "2024-10-08T17:19:27.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41677
Vulnerability from cvelistv5
Published
2024-04-09 14:24
Modified
2024-08-02 19:01
Severity ?
EPSS score ?
Summary
A insufficiently protected credentials in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17 allows attacker to execute unauthorized code or commands via targeted social engineering attack
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.1 Version: 7.2.0 ≤ 7.2.6 Version: 7.0.0 ≤ 7.0.12 Version: 6.4.0 ≤ 6.4.14 Version: 6.2.0 ≤ 6.2.15 Version: 6.0.0 ≤ 6.0.18 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortios:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "6.0.18",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.2.15",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.4.14",
"status": "affected",
"version": "6.4.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.2.6",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.0.14",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.0.13",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41677",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-11T04:01:14.917820Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T15:15:27.451Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.404Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-493",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.6",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.14",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.15",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.18",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.13",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.14",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A insufficiently protected credentials in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17 allows attacker to execute unauthorized code or commands via targeted social engineering attack"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-15T08:10:53.751Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-493",
"url": "https://fortiguard.com/psirt/FG-IR-23-493"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiSASE version 23.4.a or above \nPlease upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiOS version 7.2.7 or above \nPlease upgrade to FortiOS version 7.0.13 or above \nPlease upgrade to FortiOS version 6.4.15 or above \nPlease upgrade to FortiOS version 6.2.16 or above \nPlease upgrade to FortiProxy version 7.4.2 or above \nPlease upgrade to FortiProxy version 7.2.8 or above \nPlease upgrade to FortiProxy version 7.0.14 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-41677",
"datePublished": "2024-04-09T14:24:21.614Z",
"dateReserved": "2023-08-30T13:42:39.547Z",
"dateUpdated": "2024-08-02T19:01:35.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46717
Vulnerability from cvelistv5
Published
2024-03-12 15:09
Modified
2024-08-02 20:53
Severity ?
EPSS score ?
Summary
An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions 7.2.6 and below, and versions 7.0.12 and below when configured with FortiAuthenticator in HA may allow a readonly user to gain read-write access via successive login attempts.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.2.6",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46717",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T18:16:24.708690Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T18:16:30.729Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:21.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-424",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-424"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.6",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions 7.2.6 and below, and versions 7.0.12 and below when configured with FortiAuthenticator in HA may allow a readonly user to gain read-write access via successive login attempts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-12T15:09:19.790Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-424",
"url": "https://fortiguard.com/psirt/FG-IR-23-424"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS 7.4.2 or above\nPlease upgrade to FortiOS 7.2.7 or above\nPlease upgrade to ForitOS 7.0.13 or above\n\r\n\r\nWorkaround- Disable push notifications for FortiAuthenticator:\n\r\n\r\nFor RADIUS Authentication (From FortiAuthenticator)- ## RADIUS Service \u003e Policies \u003e (select policy) \u003e Authentication Factors \u003e Advanced Options \u003e \n## Allow FortiToken Mobile push notifications \n(*disable)*\n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-46717",
"datePublished": "2024-03-12T15:09:19.790Z",
"dateReserved": "2023-10-25T08:43:15.290Z",
"dateUpdated": "2024-08-02T20:53:21.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-33307
Vulnerability from cvelistv5
Published
2023-06-16 09:40
Modified
2024-10-22 20:41
Severity ?
EPSS score ?
Summary
A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.10 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:39:36.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-015",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-015"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33307",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:17:52.005676Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:41:52.598Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.10",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.2",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.8",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "Denial of service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-16T09:40:11.023Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-015",
"url": "https://fortiguard.com/psirt/FG-IR-23-015"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.5 or above\r\nPlease upgrade to FortiOS version 7.0.11 or above\r\nPlease upgrade to FortiOS version 6.4.13 or above\r\nPlease upgrade to FortiProxy version 7.2.4 or above\r\nPlease upgrade to FortiProxy version 7.2.3 or above\r\nPlease upgrade to FortiProxy version 7.0.9 or above\r\nPlease upgrade to FortiProxy version 7.0.10 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-33307",
"datePublished": "2023-06-16T09:40:11.023Z",
"dateReserved": "2023-05-22T07:58:22.197Z",
"dateUpdated": "2024-10-22T20:41:52.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41675
Vulnerability from cvelistv5
Published
2023-10-10 16:49
Modified
2024-09-18 20:04
Severity ?
EPSS score ?
Summary
A use after free vulnerability [CWE-416] in FortiOS version 7.2.0 through 7.2.4 and version 7.0.0 through 7.0.10 and FortiProxy version 7.2.0 through 7.2.2 and version 7.0.0 through 7.0.8 may allow an unauthenticated remote attacker to crash the WAD process via multiple crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.10 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.454Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-184",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-184"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.0.10",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.2",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.0.8",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41675",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T20:02:08.865165Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T20:04:30.066Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.10",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.2",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.8",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use after free vulnerability [CWE-416] in FortiOS version 7.2.0 through 7.2.4 and version 7.0.0 through 7.0.10 and FortiProxy version 7.2.0 through 7.2.2 and version 7.0.0 through 7.0.8 may allow an unauthenticated remote attacker to crash the WAD process via multiple crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-10T16:49:55.789Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-184",
"url": "https://fortiguard.com/psirt/FG-IR-23-184"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.5 or above\r\nPlease upgrade to FortiOS version 7.0.11 or above\r\nPlease upgrade to FortiProxy version 7.2.3 or above\r\nPlease upgrade to FortiProxy version 7.0.9 or above\nFortiSASE is no longer impacted, issue remediated Q2/23"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-41675",
"datePublished": "2023-10-10T16:49:55.789Z",
"dateReserved": "2023-08-30T13:42:39.547Z",
"dateUpdated": "2024-09-18T20:04:30.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42786
Vulnerability from cvelistv5
Published
2025-01-14 14:08
Modified
2025-01-14 20:56
Severity ?
EPSS score ?
Summary
A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiOS |
Version: 7.4.0 ≤ 7.4.1 Version: 7.2.0 ≤ 7.2.5 Version: 7.0.0 ≤ 7.0.16 Version: 6.4.0 ≤ 6.4.15 Version: 6.2.0 ≤ 6.2.16 Version: 6.0.0 ≤ 6.0.18 cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42786",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T15:15:17.589625Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T20:56:06.441Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.16",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.18",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:F/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "Denial of service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T14:08:51.276Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-23-293",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-293"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiSASE version 23.4.a or above \nPlease upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiOS version 7.2.6 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-42786",
"datePublished": "2025-01-14T14:08:51.276Z",
"dateReserved": "2023-09-14T08:37:38.657Z",
"dateUpdated": "2025-01-14T20:56:06.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-40718
Vulnerability from cvelistv5
Published
2023-10-10 16:49
Modified
2024-09-18 19:03
Severity ?
EPSS score ?
Summary
A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | IPS Engine |
Version: 7.321 Version: 7.166 Version: 6.158 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-090",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-090"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios_ips_engine",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.321",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.166",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.158",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40718",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T18:59:54.335454Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T19:03:01.519Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Engine",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.321"
},
{
"status": "affected",
"version": "7.166"
},
{
"status": "affected",
"version": "6.158"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:F/RL:O/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-10T16:49:04.727Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-090",
"url": "https://fortiguard.com/psirt/FG-IR-23-090"
}
],
"solutions": [
{
"lang": "en",
"value": "IPS Engine manual download is not needed unless device is offline and cannot download IPS Engine update automatically.\nFixed in IPS Engine version 6.0159 and later.\r\n\u00a0 FortiOS 6.4.13 and later contains IPS engine 6.0160 as the default IPS Engine.\r\n\u00a0 IPS Engine 6.0162 is downloadable from FortiGuard by FortiGate units with a valid subscription running FortiOS 6.4.x.\nFixed in IPS Engine version 7.0166 and later.\r\n\u00a0 FortiOS 7.0.12 and later contains IPS engine 7.0167 as the default IPS Engine.\nFixed in IPS Engine version 7.0313 and later.\r\n\u00a0 FortiOS 7.2.5 and later contains IPS engine 7.0314 as the default IPS Engine.\r\n\u00a0 IPS Engine 7.0322 is downloadable from FortiGuard by FortiGate units with a valid subscription running FortiOS 7.2.x.\nFortiOS 7.4.0 and later contains IPS engine 7.0493 as the default IPS Engine.\n\u00a0"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-40718",
"datePublished": "2023-10-10T16:49:04.727Z",
"dateReserved": "2023-08-21T09:03:44.315Z",
"dateUpdated": "2024-09-18T19:03:01.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1909
Vulnerability from cvelistv5
Published
2016-01-15 20:00
Modified
2024-08-05 23:10
Severity ?
EPSS score ?
Summary
Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the Fortimanager_Access account, which allows remote attackers to obtain administrative access via an SSH session.
References
| ▼ | URL | Tags |
|---|---|---|
| http://blog.fortinet.com/post/brief-statement-regarding-issues-found-with-fortios | x_refsource_CONFIRM | |
| http://seclists.org/fulldisclosure/2016/Jan/26 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/135225/FortiGate-OS-5.0.7-SSH-Backdoor.html | x_refsource_MISC | |
| http://www.securitytracker.com/id/1034663 | vdb-entry, x_refsource_SECTRACK | |
| https://twitter.com/esizkur/status/686842135501508608 | x_refsource_MISC | |
| http://www.fortiguard.com/advisory/multiple-products-ssh-undocumented-login-vulnerability | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/39224/ | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:10:40.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.fortinet.com/post/brief-statement-regarding-issues-found-with-fortios"
},
{
"name": "20160111 SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/26"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135225/FortiGate-OS-5.0.7-SSH-Backdoor.html"
},
{
"name": "1034663",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034663"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://twitter.com/esizkur/status/686842135501508608"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/multiple-products-ssh-undocumented-login-vulnerability"
},
{
"name": "39224",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/39224/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the Fortimanager_Access account, which allows remote attackers to obtain administrative access via an SSH session."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-07-13T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.fortinet.com/post/brief-statement-regarding-issues-found-with-fortios"
},
{
"name": "20160111 SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/26"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/135225/FortiGate-OS-5.0.7-SSH-Backdoor.html"
},
{
"name": "1034663",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034663"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://twitter.com/esizkur/status/686842135501508608"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fortiguard.com/advisory/multiple-products-ssh-undocumented-login-vulnerability"
},
{
"name": "39224",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/39224/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1909",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the Fortimanager_Access account, which allows remote attackers to obtain administrative access via an SSH session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.fortinet.com/post/brief-statement-regarding-issues-found-with-fortios",
"refsource": "CONFIRM",
"url": "http://blog.fortinet.com/post/brief-statement-regarding-issues-found-with-fortios"
},
{
"name": "20160111 SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/26"
},
{
"name": "http://packetstormsecurity.com/files/135225/FortiGate-OS-5.0.7-SSH-Backdoor.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135225/FortiGate-OS-5.0.7-SSH-Backdoor.html"
},
{
"name": "1034663",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034663"
},
{
"name": "https://twitter.com/esizkur/status/686842135501508608",
"refsource": "MISC",
"url": "https://twitter.com/esizkur/status/686842135501508608"
},
{
"name": "http://www.fortiguard.com/advisory/multiple-products-ssh-undocumented-login-vulnerability",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/multiple-products-ssh-undocumented-login-vulnerability"
},
{
"name": "39224",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39224/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1909",
"datePublished": "2016-01-15T20:00:00",
"dateReserved": "2016-01-15T00:00:00",
"dateUpdated": "2024-08-05T23:10:40.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-36505
Vulnerability from cvelistv5
Published
2024-08-13 15:51
Modified
2024-08-15 14:16
Severity ?
EPSS score ?
Summary
An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36505",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T14:16:37.203552Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T14:16:57.399Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.7",
"status": "affected",
"version": "7.2.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.14",
"status": "affected",
"version": "7.0.12",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.13",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hypothetical exploit) to bypass the file integrity checking system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:X/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T15:51:56.981Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-012",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-012"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.4 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.15 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-36505",
"datePublished": "2024-08-13T15:51:56.981Z",
"dateReserved": "2024-05-29T08:44:50.759Z",
"dateUpdated": "2024-08-15T14:16:57.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-24472
Vulnerability from cvelistv5
Published
2025-02-11 16:50
Modified
2025-03-18 22:20
Severity ?
EPSS score ?
Summary
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.0.0 ≤ 7.0.16 cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24472",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-18T18:32:10.857001Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-03-18",
"reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-18T22:20:23.171Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2025-03-18T00:00:00+00:00",
"value": "CVE-2025-24472 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.12",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.19",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote attacker to gain super-admin privileges via crafted CSF proxy requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T16:50:42.207Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-535",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-535"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.0.17 or above \nPlease upgrade to FortiProxy version 7.2.13 or above \nPlease upgrade to FortiProxy version 7.0.20 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-24472",
"datePublished": "2025-02-11T16:50:42.207Z",
"dateReserved": "2025-01-21T20:48:07.886Z",
"dateUpdated": "2025-03-18T22:20:23.171Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-39948
Vulnerability from cvelistv5
Published
2023-02-16 18:06
Modified
2024-10-22 20:49
Severity ?
EPSS score ?
Summary
An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 through 7.0.6, 2.0 all versions, 1.2 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy)
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.0.0 ≤ 7.0.6 Version: 2.0.0 ≤ 2.0.11 Version: 1.2.0 ≤ 1.2.13 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:07:42.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-257",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-257"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-39948",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:18:34.434332Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:49:38.976Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.6",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.11",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.7",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.11",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.12",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.16",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all versions, 6.2\u00a0all versions, 6.0\u00a0all versions and FortiProxy 7.0.0 through 7.0.6, 2.0\u00a0all versions, 1.2\u00a0all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiOS/FortiProxy device and remote servers hosting threat feeds (when the latter are configured as Fabric connectors in FortiOS/FortiProxy)"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:U/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-16T18:06:29.870Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-257",
"url": "https://fortiguard.com/psirt/FG-IR-22-257"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiProxy version 7.2.0 or above Please upgrade to FortiProxy version 7.0.7 or above Please upgrade to FortiOS version 7.2.4 or above Please upgrade to FortiOS version 7.0.8 or above "
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2022-39948",
"datePublished": "2023-02-16T18:06:29.870Z",
"dateReserved": "2022-09-05T13:11:35.552Z",
"dateUpdated": "2024-10-22T20:49:38.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46715
Vulnerability from cvelistv5
Published
2025-01-14 14:08
Modified
2025-01-14 20:55
Severity ?
EPSS score ?
Summary
An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 ≤ 7.4.1 Version: 7.2.0 ≤ 7.2.6 Version: 7.0.0 ≤ 7.0.12 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46715",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T15:15:14.692340Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T20:55:58.030Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.6",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.10",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.16",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T14:08:52.045Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-407",
"url": "https://fortiguard.com/psirt/FG-IR-23-407"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiSASE version 22.4 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-46715",
"datePublished": "2025-01-14T14:08:52.045Z",
"dateReserved": "2023-10-25T08:43:15.290Z",
"dateUpdated": "2025-01-14T20:55:58.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-46670
Vulnerability from cvelistv5
Published
2025-01-14 14:08
Modified
2025-01-14 20:56
Severity ?
EPSS score ?
Summary
An Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an unauthenticated remote attacker to trigger memory consumption leading to Denial of Service via crafted requests.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.6.0 Version: 7.4.0 ≤ 7.4.4 Version: 7.2.0 ≤ 7.2.9 cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-46670",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T15:18:06.282792Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T20:56:44.074Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.6.0"
},
{
"lessThanOrEqual": "7.4.4",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.9",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
}
]
},
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.5",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.11",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.18",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.14",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortipam:1.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.3.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.1.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiPAM",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "1.4.1",
"status": "affected",
"version": "1.4.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "1.3.0"
},
{
"status": "affected",
"version": "1.2.0"
},
{
"lessThanOrEqual": "1.1.2",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.3",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an unauthenticated remote attacker to trigger memory consumption leading to Denial of Service via crafted requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:X/RL:X/RC:X",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Denial of service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T14:08:41.759Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-266",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-266"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiSASE version 24.3.c or above \nPlease upgrade to FortiOS version 7.6.1 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.10 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-46670",
"datePublished": "2025-01-14T14:08:41.759Z",
"dateReserved": "2024-09-11T12:14:59.205Z",
"dateUpdated": "2025-01-14T20:56:44.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46714
Vulnerability from cvelistv5
Published
2024-05-14 16:19
Modified
2024-08-02 20:53
Severity ?
EPSS score ?
Summary
A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.6",
"status": "affected",
"version": "7.2.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46714",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-14T18:38:21.376226Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:22:20.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:20.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-415",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-415"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.6",
"status": "affected",
"version": "7.2.1",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-14T16:19:13.614Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-415",
"url": "https://fortiguard.com/psirt/FG-IR-23-415"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiAuthenticator version 6.6.1 or above \nPlease upgrade to FortiAuthenticator version 6.5.5 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-46714",
"datePublished": "2024-05-14T16:19:13.614Z",
"dateReserved": "2023-10-25T08:43:15.289Z",
"dateUpdated": "2024-08-02T20:53:20.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-13366
Vulnerability from cvelistv5
Published
2019-04-09 16:20
Modified
2024-10-25 14:30
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-18-101 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: 6.0.1 Version: 5.6.7 and below |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:00:35.081Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-101"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-13366",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T20:09:57.602345Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:30:39.902Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "5.6.7 and below"
}
]
}
],
"datePublic": "2018-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T16:20:13",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-101"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2018-13366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "6.0.1"
},
{
"version_value": "5.6.7 and below"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-18-101",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-18-101"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2018-13366",
"datePublished": "2019-04-09T16:20:13",
"dateReserved": "2018-07-06T00:00:00",
"dateUpdated": "2024-10-25T14:30:39.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-17655
Vulnerability from cvelistv5
Published
2020-06-16 20:14
Modified
2024-10-25 14:24
Severity ?
EPSS score ?
Summary
A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.0 through 6.2.2, 6.0.9 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an attacker to retrieve a logged-in SSL VPN user's credentials should that attacker be able to read the session file stored on the targeted device's system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-19-217 | x_refsource_CONFIRM | |
| https://fortiguard.com/psirt/FG-IR-20-224 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS and FortiProxy |
Version: FortiOS 6.2.0 through 6.2.2, 6.0.9 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:47:13.751Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-217"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-20-224"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-17655",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T20:09:47.722910Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:24:59.077Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS and FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 6.2.0 through 6.2.2, 6.0.9 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.0 through 6.2.2, 6.0.9 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an attacker to retrieve a logged-in SSL VPN user\u0027s credentials should that attacker be able to read the session file stored on the targeted device\u0027s system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-09T15:59:48",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-217"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-20-224"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2019-17655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS and FortiProxy",
"version": {
"version_data": [
{
"version_value": "FortiOS 6.2.0 through 6.2.2, 6.0.9 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cleartext storage in a file or on disk (CWE-313) vulnerability in FortiOS SSL VPN 6.2.0 through 6.2.2, 6.0.9 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an attacker to retrieve a logged-in SSL VPN user\u0027s credentials should that attacker be able to read the session file stored on the targeted device\u0027s system."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Network",
"availabilityImpact": "None",
"baseScore": 4.9,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/psirt/FG-IR-19-217",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-19-217"
},
{
"name": "https://fortiguard.com/psirt/FG-IR-20-224",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-20-224"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2019-17655",
"datePublished": "2020-06-16T20:14:55",
"dateReserved": "2019-10-16T00:00:00",
"dateUpdated": "2024-10-25T14:24:59.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-40591
Vulnerability from cvelistv5
Published
2025-02-11 16:09
Modified
2025-02-14 04:55
Severity ?
EPSS score ?
Summary
An incorrect privilege assignment vulnerability [CWE-266] in Fortinet FortiOS version 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.9 and before 7.0.15 allows an authenticated admin whose access profile has the Security Fabric permission to escalate their privileges to super-admin by connecting the targetted FortiGate to a malicious upstream FortiGate they control.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiOS |
Version: 7.6.0 Version: 7.4.0 ≤ 7.4.4 Version: 7.2.0 ≤ 7.2.9 Version: 7.0.0 ≤ 7.0.15 Version: 6.4.0 ≤ 6.4.15 cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40591",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-14T04:55:21.558Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.6.0"
},
{
"lessThanOrEqual": "7.4.4",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.9",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.15",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An incorrect privilege assignment vulnerability [CWE-266] in Fortinet FortiOS version 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.9 and before 7.0.15 allows an authenticated admin whose access profile has the Security Fabric permission to escalate their privileges to super-admin by connecting the targetted FortiGate to a malicious upstream FortiGate they control."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T16:09:02.843Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-302",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-302"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.6.1 or above \nPlease upgrade to FortiOS version 7.4.5 or above \nPlease upgrade to FortiOS version 7.2.10 or above \nPlease upgrade to FortiOS version 7.0.16 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-40591",
"datePublished": "2025-02-11T16:09:02.843Z",
"dateReserved": "2024-07-05T11:55:50.011Z",
"dateUpdated": "2025-02-14T04:55:21.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26011
Vulnerability from cvelistv5
Published
2024-11-12 18:53
Modified
2024-11-13 18:44
Severity ?
EPSS score ?
Summary
A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.0 through 7.0.3, FortiPortal version 6.0.0 through 6.0.14, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted packets.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiManager |
Version: 7.4.0 ≤ 7.4.2 Version: 7.2.0 ≤ 7.2.4 Version: 7.0.0 ≤ 7.0.11 Version: 6.4.0 ≤ 6.4.14 cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26011",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T18:44:31.679521Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:44:42.785Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiManager",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.11",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.14",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
}
]
},
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiSwitchManager",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortipam:1.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.1.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.1.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.1.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiPAM",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "1.2.0"
},
{
"lessThanOrEqual": "1.1.2",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.3",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.9",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.19",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.14",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.7",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiPortal",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "6.0.14",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.3.8",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.3",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.14",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.16",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.18",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.0 through 7.0.3, FortiPortal version 6.0.0 through 6.0.14, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted packets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T18:53:56.665Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-032",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-032"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiManager version 7.4.3 or above \nPlease upgrade to FortiManager version 7.2.5 or above \nPlease upgrade to FortiManager version 7.0.12 or above \nPlease upgrade to FortiManager version 6.4.15 or above \nPlease upgrade to FortiVoice version 7.0.2 or above \nPlease upgrade to FortiVoice version 6.4.9 or above \nPlease upgrade to FortiSwitchManager version 7.2.4 or above \nPlease upgrade to FortiSwitchManager version 7.0.4 or above \nPlease upgrade to FortiWeb version 7.6.0 or above \nPlease upgrade to FortiWeb version 7.4.3 or above \nPlease upgrade to FortiPAM version 1.3.0 or above \nPlease upgrade to FortiAuthenticator version 7.0.0 or above \nPlease upgrade to FortiProxy version 7.4.4 or above \nPlease upgrade to FortiProxy version 7.2.10 or above \nPlease upgrade to FortiPortal version 6.0.15 or above \nPlease upgrade to FortiOS version 7.6.0 or above \nPlease upgrade to FortiOS version 7.4.4 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.15 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-26011",
"datePublished": "2024-11-12T18:53:56.665Z",
"dateReserved": "2024-02-14T09:18:43.245Z",
"dateUpdated": "2024-11-13T18:44:42.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-13367
Vulnerability from cvelistv5
Published
2019-08-23 20:02
Modified
2024-10-25 14:28
Severity ?
EPSS score ?
Summary
An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file through admin webUI.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-18-173 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:00:35.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-173"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-13367",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T20:09:53.747664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:28:49.085Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "6.2.3"
},
{
"status": "affected",
"version": "6.2.0 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file through admin webUI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-03T12:39:59",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2018-13367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FortiOS",
"version": {
"version_data": [
{
"version_value": "6.2.3"
},
{
"version_value": "6.2.0 and below"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file through admin webUI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-18-173",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-18-173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2018-13367",
"datePublished": "2019-08-23T20:02:58",
"dateReserved": "2018-07-06T00:00:00",
"dateUpdated": "2024-10-25T14:28:49.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-13384
Vulnerability from cvelistv5
Published
2019-06-04 20:38
Modified
2024-10-25 14:06
Severity ?
EPSS score ?
Summary
A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote attacker to potentially poison HTTP cache and subsequently redirect SSL VPN web portal users to arbitrary web domains.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-19-002 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS all versions below 6.0.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:00:35.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-002"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-13384",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:59:54.584287Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:06:40.513Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS all versions below 6.0.5"
}
]
}
],
"datePublic": "2019-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote attacker to potentially poison HTTP cache and subsequently redirect SSL VPN web portal users to arbitrary web domains."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-04T20:38:13",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-002"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2018-13384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS all versions below 6.0.5"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote attacker to potentially poison HTTP cache and subsequently redirect SSL VPN web portal users to arbitrary web domains."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-19-002",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-19-002"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2018-13384",
"datePublished": "2019-06-04T20:38:13",
"dateReserved": "2018-07-06T00:00:00",
"dateUpdated": "2024-10-25T14:06:40.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-3978
Vulnerability from cvelistv5
Published
2016-04-08 14:00
Modified
2024-09-16 19:46
Severity ?
EPSS score ?
Summary
The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the "redirect" parameter to "login."
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2016/Mar/68 | mailing-list, x_refsource_FULLDISC | |
| http://www.securitytracker.com/id/1035332 | vdb-entry, x_refsource_SECTRACK | |
| http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:10:31.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160320 FortiOS (Fortinet) - Open Redirect and Cross Site Scripting",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Mar/68"
},
{
"name": "1035332",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035332"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the \"redirect\" parameter to \"login.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-04-08T14:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20160320 FortiOS (Fortinet) - Open Redirect and Cross Site Scripting",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Mar/68"
},
{
"name": "1035332",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035332"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3978",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the \"redirect\" parameter to \"login.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160320 FortiOS (Fortinet) - Open Redirect and Cross Site Scripting",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Mar/68"
},
{
"name": "1035332",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035332"
},
{
"name": "http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-3978",
"datePublished": "2016-04-08T14:00:00Z",
"dateReserved": "2016-04-08T00:00:00Z",
"dateUpdated": "2024-09-16T19:46:15.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-15703
Vulnerability from cvelistv5
Published
2019-10-24 13:53
Modified
2024-10-25 14:28
Severity ?
EPSS score ?
Summary
An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1, 6.2.0, 6.0.8 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows attacker to theoretically recover the long term ECDSA secret in a TLS client with a RSA handshake and mutual ECDSA authentication via the help of flush+reload side channel attacks in FortiGate VM models only.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-19-186 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: 6.2.1 Version: 6.2.0 Version: 6.0.8 and below |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:56:22.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-186"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-15703",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T20:09:52.556651Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:28:18.828Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.2.0"
},
{
"status": "affected",
"version": "6.0.8 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1, 6.2.0, 6.0.8 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows attacker to theoretically recover the long term ECDSA secret in a TLS client with a RSA handshake and mutual ECDSA authentication via the help of flush+reload side channel attacks in FortiGate VM models only."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-30T19:12:50",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fortiguard.com/psirt/FG-IR-19-186"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2019-15703",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "6.2.1"
},
{
"version_value": "6.2.0"
},
{
"version_value": "6.0.8 and below"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1, 6.2.0, 6.0.8 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows attacker to theoretically recover the long term ECDSA secret in a TLS client with a RSA handshake and mutual ECDSA authentication via the help of flush+reload side channel attacks in FortiGate VM models only."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/psirt/FG-IR-19-186",
"refsource": "MISC",
"url": "https://fortiguard.com/psirt/FG-IR-19-186"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2019-15703",
"datePublished": "2019-10-24T13:53:17",
"dateReserved": "2019-08-27T00:00:00",
"dateUpdated": "2024-10-25T14:28:18.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-12819
Vulnerability from cvelistv5
Published
2024-12-19 07:40
Modified
2024-12-20 17:41
Severity ?
EPSS score ?
Summary
A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | FortiOS |
Version: 6.4.0 ≤ 6.4.1 Version: 6.2.0 ≤ 6.2.4 Version: 6.0.0 ≤ 6.0.10 Version: 5.6.0 ≤ 5.6.12 cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-12819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-20T16:45:10.916317Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-20T17:41:24.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "6.4.1",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.4",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.10",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.6.12",
"status": "affected",
"version": "5.6.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:X/RC:X",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-19T07:40:58.144Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/advisory/FG-IR-20-082",
"url": "https://fortiguard.com/advisory/FG-IR-20-082"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS versions 5.6.13 or above. \r\nPlease upgrade to FortiOS versions 6.0.11 or above. \r\nPlease upgrade to FortiOS versions 6.2.5 or above. \r\nPlease upgrade to FortiOS versions 6.4.2 or above.\r\nWorkaround: \r\nDisable tunnel mode."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2020-12819",
"datePublished": "2024-12-19T07:40:58.144Z",
"dateReserved": "2020-05-12T00:00:00.000Z",
"dateUpdated": "2024-12-20T17:41:24.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-13376
Vulnerability from cvelistv5
Published
2018-11-27 15:00
Modified
2024-10-25 14:31
Severity ?
EPSS score ?
Summary
An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/106036 | vdb-entry, x_refsource_BID | |
| https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt | x_refsource_MISC | |
| https://fortiguard.com/advisory/FG-IR-18-325 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet, Inc. | Fortinet FortiOS |
Version: FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:00:35.117Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106036",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106036"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-325"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-13376",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T20:09:58.734329Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:31:22.847Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet, Inc.",
"versions": [
{
"status": "affected",
"version": "FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions"
}
]
}
],
"datePublic": "2018-11-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy\u0027s disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-17T14:57:01",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "106036",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106036"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-325"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2018-13376",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions"
}
]
}
}
]
},
"vendor_name": "Fortinet, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy\u0027s disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106036",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106036"
},
{
"name": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt",
"refsource": "MISC",
"url": "https://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180031.txt"
},
{
"name": "https://fortiguard.com/advisory/FG-IR-18-325",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-18-325"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2018-13376",
"datePublished": "2018-11-27T15:00:00",
"dateReserved": "2018-07-06T00:00:00",
"dateUpdated": "2024-10-25T14:31:22.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5587
Vulnerability from cvelistv5
Published
2019-06-04 21:35
Modified
2024-10-25 14:06
Severity ?
EPSS score ?
Summary
Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow attacker to implant malicious programs into the installing image by reassembling the image through specific methods.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-19-017 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/108628 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS all versions below 6.0.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:01:50.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-017"
},
{
"name": "108628",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108628"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-5587",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:59:53.112644Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:06:29.918Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS all versions below 6.0.5"
}
]
}
],
"datePublic": "2019-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow attacker to implant malicious programs into the installing image by reassembling the image through specific methods."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-06T11:06:05",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-017"
},
{
"name": "108628",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108628"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2019-5587",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS all versions below 6.0.5"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow attacker to implant malicious programs into the installing image by reassembling the image through specific methods."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-19-017",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-19-017"
},
{
"name": "108628",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108628"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2019-5587",
"datePublished": "2019-06-04T21:35:03",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-10-25T14:06:29.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-3127
Vulnerability from cvelistv5
Published
2017-06-01 14:00
Modified
2024-10-25 14:13
Severity ?
EPSS score ?
Summary
A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 through 5.2.10 allows attacker to execute unauthorized code or commands via the srcintf parameter during Firewall Policy Creation.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/98048 | vdb-entry, x_refsource_BID | |
| https://fortiguard.com/psirt/FG-IR-17-017 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1038367 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "98048",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98048"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-17-017"
},
{
"name": "1038367",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038367"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3127",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T14:00:46.313022Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:13:13.076Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 through 5.2.10 allows attacker to execute unauthorized code or commands via the srcintf parameter during Firewall Policy Creation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execution of unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "98048",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98048"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/psirt/FG-IR-17-017"
},
{
"name": "1038367",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038367"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2017-3127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 through 5.2.10 allows attacker to execute unauthorized code or commands via the srcintf parameter during Firewall Policy Creation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execution of unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98048",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98048"
},
{
"name": "https://fortiguard.com/psirt/FG-IR-17-017",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/psirt/FG-IR-17-017"
},
{
"name": "1038367",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038367"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2017-3127",
"datePublished": "2017-06-01T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-10-25T14:13:13.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-24018
Vulnerability from cvelistv5
Published
2021-08-04 14:52
Modified
2024-10-25 13:53
Severity ?
EPSS score ?
Summary
A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image.
References
| ▼ | URL | Tags |
|---|---|---|
| https://fortiguard.com/advisory/FG-IR-21-046 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS before 7.0.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:14:10.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-046"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-24018",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:58:32.048495Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T13:53:50.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS before 7.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:X/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-04T14:52:50",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-21-046"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2021-24018",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS before 7.0.1"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "Low",
"attackVector": "Adjacent",
"availabilityImpact": "Low",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"integrityImpact": "Low",
"privilegesRequired": "High",
"scope": "Unchanged",
"userInteraction": "None",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:X/RL:U/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-21-046",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-21-046"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2021-24018",
"datePublished": "2021-08-04T14:52:50",
"dateReserved": "2021-01-13T00:00:00",
"dateUpdated": "2024-10-25T13:53:50.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-9185
Vulnerability from cvelistv5
Published
2018-07-05 13:00
Modified
2024-10-25 14:31
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user's web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On feature.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/104535 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1041186 | vdb-entry, x_refsource_SECTRACK | |
| https://fortiguard.com/advisory/FG-IR-18-027 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | Fortinet FortiOS |
Version: FortiOS 6.0.0 and below |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:51.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104535",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104535"
},
{
"name": "1041186",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041186"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-027"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-9185",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T20:04:00.856306Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:31:34.138Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 6.0.0 and below"
}
]
}
],
"datePublic": "2018-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user\u0027s web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On feature."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-08T09:57:01",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "104535",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104535"
},
{
"name": "1041186",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041186"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-18-027"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2018-9185",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 6.0.0 and below"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user\u0027s web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On feature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104535",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104535"
},
{
"name": "1041186",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041186"
},
{
"name": "https://fortiguard.com/advisory/FG-IR-18-027",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-18-027"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2018-9185",
"datePublished": "2018-07-05T13:00:00",
"dateReserved": "2018-04-02T00:00:00",
"dateUpdated": "2024-10-25T14:31:34.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-29178
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-22 20:45
Severity ?
EPSS score ?
Summary
A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.9 Version: 2.0.0 ≤ 2.0.12 Version: 1.2.0 ≤ 1.2.13 Version: 1.1.0 ≤ 1.1.6 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-095",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-095"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29178",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:17:55.847522Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:45:18.608Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.9",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.12",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.2.13",
"status": "affected",
"version": "1.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.11",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.13",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.15",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.17",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 through 7.2.3 and before 7.0.9 and FortiOS version 7.2.0 through 7.2.4 and before 7.0.11 allows an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "Denial of service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T08:41:48.959Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-095",
"url": "https://fortiguard.com/psirt/FG-IR-23-095"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiProxy version 7.2.4 or above\r\nPlease upgrade to FortiProxy version 7.0.10 or above\r\nPlease upgrade to FortiOS version 7.2.5 or above\r\nPlease upgrade to FortiOS version 7.0.12 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-29178",
"datePublished": "2023-06-13T08:41:48.959Z",
"dateReserved": "2023-04-03T08:47:30.452Z",
"dateUpdated": "2024-10-22T20:45:18.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-36639
Vulnerability from cvelistv5
Published
2023-12-13 06:42
Modified
2024-08-02 16:52
Severity ?
EPSS score ?
Summary
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, FortiOS versions 7.4.0, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiPAM versions 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted API requests.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:52:54.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-138",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-138"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.4.0"
},
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.11",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.12",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.15",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.17",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiPAM",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "1.1.0"
},
{
"lessThanOrEqual": "1.0.3",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.4",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.10",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, FortiOS versions 7.4.0, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiPAM versions 1.0.0 through 1.0.3 allows attacker to execute unauthorized code or commands via specially crafted API requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-134",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-13T06:42:44.194Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-138",
"url": "https://fortiguard.com/psirt/FG-IR-23-138"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.1 or above \nPlease upgrade to FortiOS version 7.2.5 or above \nPlease upgrade to FortiOS version 7.0.12 or above \nPlease upgrade to FortiOS version 6.4.13 or above \nPlease upgrade to FortiOS version 6.2.16 or above \nPlease upgrade to FortiPAM version 1.2.0 or above \nPlease upgrade to FortiPAM version 1.1.1 or above \nPlease upgrade to FortiProxy version 7.4.0 or above \nPlease upgrade to FortiProxy version 7.2.5 or above \nPlease upgrade to FortiProxy version 7.0.11 or above \nPlease upgrade to FortiSASE version 23.3 or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-36639",
"datePublished": "2023-12-13T06:42:44.194Z",
"dateReserved": "2023-06-25T18:03:39.227Z",
"dateUpdated": "2024-08-02T16:52:54.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-29175
Vulnerability from cvelistv5
Published
2023-06-13 08:41
Modified
2024-10-22 20:45
Severity ?
EPSS score ?
Summary
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the vulnerable device and the remote FortiGuard's map server.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.2.0 ≤ 7.2.3 Version: 7.0.0 ≤ 7.0.9 Version: 2.0.0 ≤ 2.0.12 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-468",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-22-468"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29175",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T20:17:56.986398Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T20:45:26.647Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.9",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.12",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.2.0"
},
{
"lessThanOrEqual": "7.0.10",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.13",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.15",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.17",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the vulnerable device and the remote\u00a0FortiGuard\u0027s map server."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T08:41:48.433Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-22-468",
"url": "https://fortiguard.com/psirt/FG-IR-22-468"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.2.1 or above\r\nPlease upgrade to FortiOS version 7.0.11 or above\nPlease upgrade to FortiProxy version 7.2.4 or above\r\nPlease upgrade to FortiProxy version 7.0.10 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-29175",
"datePublished": "2023-06-13T08:41:48.433Z",
"dateReserved": "2023-04-03T08:47:30.451Z",
"dateUpdated": "2024-10-22T20:45:26.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-45586
Vulnerability from cvelistv5
Published
2024-05-14 16:19
Modified
2024-08-02 20:21
Severity ?
EPSS score ?
Summary
An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 allows an authenticated VPN user to send (but not receive) packets spoofing the IP of another user via crafted network packets.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiProxy |
Version: 7.4.0 ≤ 7.4.1 Version: 7.2.0 ≤ 7.2.7 Version: 7.0.0 ≤ 7.0.13 Version: 2.0.0 ≤ 2.0.14 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThan": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortios",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "6.2.16",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.13",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fortiproxy",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "2.0.14",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45586",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-14T18:40:45.753206Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T12:42:53.871Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:21:16.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-225",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-225"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.13",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.0.14",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.4.1",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.2.7",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.12",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.15",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.16",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 \u0026 FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 allows an authenticated VPN user to send (but not receive) packets spoofing the IP of another user via crafted network packets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-14T16:19:09.998Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-225",
"url": "https://fortiguard.com/psirt/FG-IR-23-225"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiProxy version 7.4.2 or above \nPlease upgrade to FortiProxy version 7.2.8 or above \nPlease upgrade to FortiProxy version 7.0.14 or above \nPlease upgrade to FortiOS version 7.4.2 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.13 or above \nPlease upgrade to FortiSASE version 23.4.a or above \n"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-45586",
"datePublished": "2024-05-14T16:19:09.998Z",
"dateReserved": "2023-10-09T08:01:29.296Z",
"dateUpdated": "2024-08-02T20:21:16.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1414
Vulnerability from cvelistv5
Published
2013-07-08 17:00
Modified
2024-09-16 20:16
Severity ?
EPSS score ?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.exploit-db.com/exploits/26528/ | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:57:05.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26528",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/26528/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-08T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26528",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/26528/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26528",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/26528/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1414",
"datePublished": "2013-07-08T17:00:00Z",
"dateReserved": "2013-01-24T00:00:00Z",
"dateUpdated": "2024-09-16T20:16:50.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-55591
Vulnerability from cvelistv5
Published
2025-01-14 14:08
Modified
2025-01-23 04:55
Severity ?
EPSS score ?
Summary
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Fortinet | FortiOS |
Version: 7.0.0 ≤ 7.0.16 cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-55591",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-22T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-01-14",
"reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-23T04:55:42.893Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.16",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiProxy",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.12",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.19",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An\u00a0Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to\u00a0Node.js websocket module."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:W/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T14:08:34.207Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-535",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-535"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.0.17 or above \nPlease upgrade to FortiProxy version 7.2.13 or above \nPlease upgrade to FortiProxy version 7.0.20 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-55591",
"datePublished": "2025-01-14T14:08:34.207Z",
"dateReserved": "2024-12-09T11:19:49.470Z",
"dateUpdated": "2025-01-23T04:55:42.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41678
Vulnerability from cvelistv5
Published
2023-12-13 06:44
Modified
2024-08-02 19:01
Severity ?
EPSS score ?
Summary
A double free in Fortinet FortiOS versions 7.0.0 through 7.0.5, FortiPAM version 1.0.0 through 1.0.3, 1.1.0 through 1.1.1 allows attacker to execute unauthorized code or commands via specifically crafted request.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-196",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-196"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FortiOS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.0.5",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "FortiPAM",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "1.1.1",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.0.3",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A double free in Fortinet FortiOS versions 7.0.0 through 7.0.5, FortiPAM version 1.0.0 through 1.0.3, 1.1.0 through 1.1.1 allows attacker to execute unauthorized code or commands via specifically crafted request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "Execute unauthorized code or commands",
"lan