Auto-merge PR#5176

2025-06-12 02:05:39 +00:00 · 2022-04-06 05:20:17 -04:00 · 2022-04-06 05:20:17 -04:00 · 7a22c9f38f
commit 7a22c9f38f
parent ceb931fda5 cdc482af2b
1 changed files with 63 additions and 3 deletions
--- a/2021/26xxx/CVE-2021-26114.json
+++ b/2021/26xxx/CVE-2021-26114.json
@ -4,14 +4,74 @@
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2021-26114",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "psirt@fortinet.com",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Fortinet",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Fortinet FortiWAN",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "FortiWAN before 4.5.9"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "impact": {
+        "cvss": {
+            "attackComplexity": "Low",
+            "attackVector": "Network",
+            "availabilityImpact": "High",
+            "baseScore": 9.6,
+            "baseSeverity": "Critical",
+            "confidentialityImpact": "High",
+            "integrityImpact": "High",
+            "privilegesRequired": "None",
+            "scope": "Unchanged",
+            "userInteraction": "None",
+            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C",
+            "version": "3.1"
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Execute unauthorized code or commands"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "CONFIRM",
+                "name": "https://fortiguard.com/psirt/FG-IR-21-062",
+                "url": "https://fortiguard.com/psirt/FG-IR-21-062"
+            }
+        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiWAN\u00a0before 4.5.9 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests."
            }
        ]
    }