mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
227 lines
9.2 KiB
JSON
227 lines
9.2 KiB
JSON
{
|
|
"id": "CVE-2022-22299",
|
|
"sourceIdentifier": "psirt@fortinet.com",
|
|
"published": "2022-08-05T20:15:08.147",
|
|
"lastModified": "2022-08-11T17:54:14.543",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Una vulnerabilidad de cadena de formato [CWE-134] en el int\u00e9rprete de l\u00ednea de comandos de FortiADC versi\u00f3n 6.0.0 hasta 6.0.4, FortiADC versi\u00f3n 6.1.0 hasta 6.1.5, FortiADC versi\u00f3n 6.2.0 hasta 6.2.1, FortiProxy versi\u00f3n 1.0.0 hasta 1.0.7, FortiProxy versi\u00f3n 1.1.0 hasta 1.1.6, FortiProxy versi\u00f3n 1.2.0 hasta 1.2.13, FortiProxy versi\u00f3n 2.0.0 hasta 2.0.7, FortiProxy versi\u00f3n 7. 0.0 a 7.0.1, FortiOS versi\u00f3n 6.0.0 hasta 6.0.14, FortiOS versi\u00f3n 6.2.0 hasta 6.2.10, FortiOS versi\u00f3n 6.4.0 hasta 6.4.8, FortiOS versi\u00f3n 7.0.0 hasta 7.0.2, FortiMail versi\u00f3n 6.4.0 hasta 6.4.5, FortiMail versi\u00f3n 7.0.0 hasta 7.0.2, pueden permitir a un usuario autenticado ejecutar c\u00f3digo o comandos no autorizados por medio de argumentos de comando especialmente dise\u00f1ados"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "LOCAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.8,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.8,
|
|
"impactScore": 5.9
|
|
},
|
|
{
|
|
"source": "psirt@fortinet.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "LOCAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.8,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.8,
|
|
"impactScore": 5.9
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-134"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "6.0.0",
|
|
"versionEndIncluding": "6.0.4",
|
|
"matchCriteriaId": "3ADB57D8-1ABE-4401-B1B0-4640A34C555A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "6.1.0",
|
|
"versionEndIncluding": "6.1.6",
|
|
"matchCriteriaId": "D31CF79E-6C56-4CD0-9DD2-FBB48D503786"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FCDF60B5-A0BE-41F6-A0D5-53526A7BBAE1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B42E0536-4831-4A6B-AC0B-C7AE3CDE3834"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "6.4.0",
|
|
"versionEndIncluding": "6.4.5",
|
|
"matchCriteriaId": "07883AF7-1C60-43C9-8D98-CCF2B20C3B13"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "7.0.0",
|
|
"versionEndIncluding": "7.0.2",
|
|
"matchCriteriaId": "43038EC9-6FD3-488C-8CA3-8B4A705C3E11"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "1.0.0",
|
|
"versionEndIncluding": "1.0.7",
|
|
"matchCriteriaId": "22936F53-4480-4011-9211-174D1C507E87"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "1.1.0",
|
|
"versionEndIncluding": "1.1.6",
|
|
"matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "1.2.0",
|
|
"versionEndIncluding": "1.2.13",
|
|
"matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "2.0.0",
|
|
"versionEndIncluding": "2.0.7",
|
|
"matchCriteriaId": "1C5E8B52-3027-4A6E-82AC-052D5A320D84"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D909C90B-E136-4E8E-B551-FE0369172C1E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BBCB4E87-0AEC-487E-8FAD-E8F647DA21D5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "5.0.0",
|
|
"versionEndIncluding": "5.0.14",
|
|
"matchCriteriaId": "5BB7E21E-A68B-44FC-8F0E-EF5926186F26"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "5.2.0",
|
|
"versionEndIncluding": "5.2.15",
|
|
"matchCriteriaId": "3F93F9C8-6064-4CED-88DF-3580C517AB51"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "5.4.0",
|
|
"versionEndIncluding": "5.4.13",
|
|
"matchCriteriaId": "0507F264-9E8D-4F9D-AB18-0C6CA5BD69F0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "5.6.0",
|
|
"versionEndIncluding": "5.6.14",
|
|
"matchCriteriaId": "AC0AFBC1-5C11-412E-9979-AF89DD26EFCD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "6.0.0",
|
|
"versionEndIncluding": "6.0.14",
|
|
"matchCriteriaId": "0A857126-D7EE-4CB4-BCAA-68D6C4FEC3E4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "6.2.0",
|
|
"versionEndIncluding": "6.2.10",
|
|
"matchCriteriaId": "B4361DFE-431C-470A-9C9A-263681F125CC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "6.4.0",
|
|
"versionEndExcluding": "6.4.8",
|
|
"matchCriteriaId": "986D96D1-B204-48FC-8852-BB8341941236"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "7.0.0",
|
|
"versionEndExcluding": "7.0.2",
|
|
"matchCriteriaId": "455773C7-5DAC-4EFF-8848-51EC77C9CB57"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://fortiguard.com/psirt/FG-IR-21-235",
|
|
"source": "psirt@fortinet.com",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |