admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-274xx/CVE-2022-27488.json
cad-safe-bot a83a66a0e4 Auto-Update: 2024-01-18T17:00:24.680887+00:00
2024-01-18 17:00:28 +00:00

224 lines
8.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-27488",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2023-12-13T07:15:10.910",
"lastModified": "2024-01-18T15:48:06.043",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0 through 6.2.7, 6.0.x, FortiMail version 7.0.0 through 7.0.3, 6.4.0 through 6.4.6, 6.2.x, 6.0.x FortiRecorder version 6.4.0 through 6.4.2, 6.0.x, 2.7.x, 2.6.x, FortiNDR version 1.x.x allows a remote unauthenticated attacker to execute commands on the CLI via\u00a0tricking an authenticated administrator to execute malicious GET requests."
},
{
"lang": "es",
"value": "Cross-Site Request Forgery (CSRF) en Fortinet FortiVoiceEnterprise versi\u00f3n 6.4.x, 6.0.x, FortiSwitch versi\u00f3n 7.0.0 a 7.0.4, 6.4.0 a 6.4.10, 6.2.0 a 6.2.7, 6.0.x , FortiMail versi\u00f3n 7.0.0 a 7.0.3, 6.4.0 a 6.4.6, 6.2.x, 6.0.x FortiRecorder versi\u00f3n 6.4.0 a 6.4.2, 6.0.x, 2.7.x, 2.6.x, FortiNDR versi\u00f3n 1.xx permite que un atacante remoto no autenticado ejecute comandos en la CLI enga\u00f1ando a un administrador autenticado para que ejecute solicitudes GET maliciosas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiai:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19BD18D1-18D4-4D01-BF20-63458D0B20DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiai:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "649E0260-0770-4D6A-A679-8862D7039A08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.0.12",
"matchCriteriaId": "01F784BF-4F89-4938-9150-F911E3EB6CD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndIncluding": "6.2.9",
"matchCriteriaId": "AEDC7EE8-084C-4F9E-A510-E283FCDF9832"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndIncluding": "6.4.6",
"matchCriteriaId": "C0A5C345-7055-4F18-AE77-FF1DBE41AB89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.0.3",
"matchCriteriaId": "3680FCC2-6397-4726-AA94-902C3831EDD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortindr:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.0.4",
"matchCriteriaId": "7E091862-662E-40F0-9D53-6F9B898115BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortindr:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "888692FD-3219-49D3-898C-F4EA84CCC6CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionEndIncluding": "2.6.3",
"matchCriteriaId": "78EA72E6-DBA2-4E76-AF17-7AC63D542241"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndIncluding": "2.7.7",
"matchCriteriaId": "4A18D3F0-FED4-49D1-BD14-C57875D48190"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.0.11",
"matchCriteriaId": "BAED4521-DF4F-4CCA-82CE-9FAC7BC95391"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndIncluding": "6.4.2",
"matchCriteriaId": "C8252967-27EB-4596-A1BF-673DE66B77BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.0.11",
"matchCriteriaId": "D3AE050D-F16C-4FA4-B1F3-54708C8BDC4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndIncluding": "6.4.7",
"matchCriteriaId": "FCD41EBB-A032-40F1-85F9-E2640DD7F448"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.0.7",
"matchCriteriaId": "843F4434-651D-4A22-80C3-77397E059A98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndIncluding": "6.2.7",
"matchCriteriaId": "549EE910-DAC4-45B7-AE45-6B6A786CD2F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndIncluding": "6.4.10",
"matchCriteriaId": "4EAE583E-5D26-4224-AB58-DC3E4A6EA505"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.0.4",
"matchCriteriaId": "2681D458-EE55-478D-92D1-C6BB7BB3BAC4"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-22-038",
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink