admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2022/42xxx/CVE-2022-42474.json

158 lines
7.1 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2022-10-07 15:00:34 +00:00
{
"-Synchronized-Data."
2023-06-13 09:00:43 +00:00
"data_version": "4.0",
"-Synchronized-Data."
2022-10-07 15:00:34 +00:00
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-42474",
"-Synchronized-Data."
2023-06-13 09:00:43 +00:00
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
"-Synchronized-Data."
2022-10-07 15:00:34 +00:00
},
"description": {
"description_data": [
{
"lang": "eng",
"-Synchronized-Data."
2023-06-13 09:00:43 +00:00
"value": "A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands",
"cweId": "CWE-23"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "FortiSwitchManager",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "7.2.0",
"version_value": "7.2.1"
},
{
"version_affected": "<=",
"version_name": "7.0.0",
"version_value": "7.0.1"
}
]
}
},
{
"product_name": "FortiProxy",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "7.2.0",
"version_value": "7.2.1"
},
{
"version_affected": "<=",
"version_name": "7.0.0",
"version_value": "7.0.7"
},
{
"version_affected": "<=",
"version_name": "2.0.0",
"version_value": "2.0.11"
},
{
"version_affected": "<=",
"version_name": "1.2.0",
"version_value": "1.2.13"
},
{
"version_affected": "<=",
"version_name": "1.1.0",
"version_value": "1.1.6"
},
{
"version_affected": "<=",
"version_name": "1.0.0",
"version_value": "1.0.7"
}
]
}
},
{
"product_name": "FortiOS",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "7.2.0",
"version_value": "7.2.3"
},
{
"version_affected": "<=",
"version_name": "7.0.0",
"version_value": "7.0.9"
},
{
"version_affected": "<=",
"version_name": "6.4.0",
"version_value": "6.4.12"
},
{
"version_affected": "<=",
"version_name": "6.2.0",
"version_value": "6.2.15"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://fortiguard.com/psirt/FG-IR-22-393",
"refsource": "MISC",
"name": "https://fortiguard.com/psirt/FG-IR-22-393"
}
]
},
"solution": [
{
"lang": "en",
"value": "Please upgrade to FortiOS version 7.4.0 or above\r\nPlease upgrade to FortiOS version 7.2.4 or above\r\nPlease upgrade to FortiOS version 7.0.10 or above\r\nPlease upgrade to FortiOS version 6.4.13 or above\r\nPlease upgrade to FortiSwitchManager version 7.2.2 or above\r\nPlease upgrade to FortiSwitchManager version 7.0.2 or above\r\nPlease upgrade to FortiProxy version 7.2.2 or above\r\nPlease upgrade to FortiProxy version 7.0.8 or above\r\nPlease upgrade to FortiProxy version 2.0.12 or above"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:P/RL:X/RC:C"
"-Synchronized-Data."
2022-10-07 15:00:34 +00:00
}
]
}
}
Reference in New Issue Copy Permalink