Commit CVE-2021-22125

2025-07-29 05:56:59 +00:00 · 2021-07-20 11:46:40 +02:00 · 2021-07-20 11:46:40 +02:00 · b6b2474b0a
commit b6b2474b0a
parent ac0b945dae
1 changed files with 63 additions and 3 deletions
--- a/2021/22xxx/CVE-2021-22125.json
+++ b/2021/22xxx/CVE-2021-22125.json
@ -4,14 +4,74 @@
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2021-22125",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "psirt@fortinet.com",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Fortinet",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Fortinet FortiSandbox",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "FortiSandbox before 3.2.2"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "impact": {
+        "cvss": {
+            "attackComplexity": "Low",
+            "attackVector": "Adjacent",
+            "availabilityImpact": "Low",
+            "baseScore": 6.2,
+            "baseSeverity": "Medium",
+            "confidentialityImpact": "None",
+            "integrityImpact": "High",
+            "privilegesRequired": "Low",
+            "scope": "Unchanged",
+            "userInteraction": "None",
+            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
+            "version": "3.1"
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Execute unauthorized code or commands"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "CONFIRM",
+                "name": "https://fortiguard.com/advisory/FG-IR-21-005",
+                "url": "https://fortiguard.com/advisory/FG-IR-21-005"
+            }
+        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "An instance of improper neutralization of special elements in the sniffer module of FortiSandbox before 3.2.2 may allow an authenticated administrator to execute commands on the underlying system's shell via altering the content of its configuration file."
            }
        ]
    }