admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2022/40xxx/CVE-2022-40677.json
CVE Team a33b046ef8
"-Synchronized-Data."
2023-02-16 19:00:35 +00:00

122 lines
4.9 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-40677",
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A improper neutralization of argument delimiters in a command ('argument injection') in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 allows attacker to execute unauthorized code or commands via specially crafted input parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands",
"cweId": "CWE-88"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "FortiNAC",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "9.4.0"
},
{
"version_affected": "<=",
"version_name": "9.2.0",
"version_value": "9.2.5"
},
{
"version_affected": "<=",
"version_name": "9.1.0",
"version_value": "9.1.7"
},
{
"version_affected": "<=",
"version_name": "8.8.0",
"version_value": "8.8.11"
},
{
"version_affected": "<=",
"version_name": "8.7.0",
"version_value": "8.7.6"
},
{
"version_affected": "<=",
"version_name": "8.6.0",
"version_value": "8.6.5"
},
{
"version_affected": "<=",
"version_name": "8.5.0",
"version_value": "8.5.4"
},
{
"version_affected": "=",
"version_value": "8.3.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://fortiguard.com/psirt/FG-IR-22-280",
"refsource": "MISC",
"name": "https://fortiguard.com/psirt/FG-IR-22-280"
}
]
},
"solution": [
{
"lang": "en",
"value": "Please upgrade to FortiNAC version 9.4.1 or above Please upgrade to FortiNAC version 9.2.6 or above Please upgrade to FortiNAC version 9.1.8 or above Please upgrade to FortiNAC version 7.2.0 or above "
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink