admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-418xx/CVE-2023-41842.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

170 lines
6.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-41842",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2024-03-12T15:15:45.920",
"lastModified": "2024-03-21T21:04:13.000",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer-BigData before 7.2.5 and Fortinet FortiPortal version 6.0 all versions and version 5.3 all versions allows a privileged attacker to execute unauthorized code or commands via specially crafted command arguments."
},
{
"lang": "es",
"value": "Un uso de vulnerabilidad de cadena de formato controlada externamente [CWE-134] en Fortinet FortiManager versi\u00f3n 7.4.0 a 7.4.1, versi\u00f3n 7.2.0 a 7.2.3 y anteriores a 7.0.10, Fortinet FortiAnalyzer versi\u00f3n 7.4.0 a 7.4.1 , versi\u00f3n 7.2.0 a 7.2.3 y anteriores a 7.0.10, Fortinet FortiAnalyzer-BigData anterior a 7.2.5 y Fortinet FortiPortal versi\u00f3n 6.0 todas las versiones y la versi\u00f3n 5.3 todas las versiones permite a un atacante privilegiado ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de argumentos de comando especialmente manipulados."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-134"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndExcluding": "7.0.10",
"matchCriteriaId": "18205067-639E-4A90-AF8C-DA71FB65AEFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.4",
"matchCriteriaId": "8E0D5DF6-69C6-4325-94D3-D7A44862F62C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.2",
"matchCriteriaId": "CB15106A-8295-4A9E-B5C8-FA9654636B15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer_bigdata:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.5",
"versionEndIncluding": "6.4.7",
"matchCriteriaId": "7299FC61-369D-4F07-B0E1-1FD9E2E371A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer_bigdata:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.1",
"versionEndIncluding": "7.0.6",
"matchCriteriaId": "9417A7DF-F260-45C2-A224-D6FB08792C58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer_bigdata:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.6",
"matchCriteriaId": "A06370D3-3917-4D9E-980D-52621794A671"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer_bigdata:6.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "11815CDE-B157-457A-AB0D-DA73A0F4656C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndExcluding": "7.0.10",
"matchCriteriaId": "BBD0FF48-FC1A-4406-B939-7E83ED65A57E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.4",
"matchCriteriaId": "5BC35BBC-5F0C-4802-8F00-643D465D43E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.2",
"matchCriteriaId": "83316FAF-C5DE-4603-B3B2-6796E2FAF1A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.3.0",
"versionEndIncluding": "6.0.14",
"matchCriteriaId": "CC626329-3FCF-45BE-955B-82A495B10FA6"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-23-304",
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink