{
"id": "CVE-2023-37936",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2025-01-14T14:15:26.790",
"lastModified": "2025-01-31T17:42:50.520",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use of a hard-coded cryptographic key in Fortinet FortiSwitch versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.7, 6.4.0 through 6.4.13, 6.2.0 through 6.2.7, and 6.0.0 through 6.0.7 allows an attacker to execute unauthorized code or commands via crafted requests."
},
{
"lang": "es",
"value": "El uso de una clave criptogr\u00e1fica codificada en Fortinet FortiSwitch versi\u00f3n 7.4.0 y 7.2.0 a 7.2.5 y 7.0.0 a 7.0.7 y 6.4.0 a 6.4.13 y 6.2.0 a 6.2.7 y 6.0.0 a 6.0.7 permite a un atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de solicitudes manipuladas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-321"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.2.8",
"matchCriteriaId": "D598B891-A763-405E-936F-3BD50BAAF79A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndExcluding": "6.4.14",
"matchCriteriaId": "D2AD0CC1-18B1-43FF-8D4F-ED2B20967F02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.8",
"matchCriteriaId": "2BBD731D-302D-4E1B-9155-208D3917EA39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.6",
"matchCriteriaId": "CF62985F-6E9F-4AFA-B7BE-34DAF8969DFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiswitch:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19F02C5D-A0DE-47C9-A4B4-4C9BB7E50244"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-23-260",
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}