Search

Find a vulnerability

Search criteria

    45 vulnerabilities found for fortiwlc by fortinet

    VAR-202105-1518

    Vulnerability from variot - Updated: 2025-08-02 21:32

    A use of hard-coded password vulnerability in FortiWLC version 8.5.2 and below, version 8.4.8 and below, version 8.3.3 to 8.3.2, version 8.2.7 to 8.2.6 may allow a local, authenticated attacker to connect to the managed Access Point (Meru AP and FortiAP-U) as root using the default hard-coded username and password. fortinet's FortiWLC contains vulnerabilities related to access control and the use of hard-coded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202105-1518",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.3.2"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.4.0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.2.6"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.3.3"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.2.7"
          },
          {
            "model": "fortiwlc",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.5.3"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "8.2.7"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "8.4.0  that\u0027s all  8.5.3"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "8.2.6"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "8.3.2"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "8.3.3"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021881"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-22126"
          }
        ]
      },
      "cve": "CVE-2021-22126",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "psirt@fortinet.com",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2021-22126",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 6.7,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2021-021881",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "psirt@fortinet.com",
                "id": "CVE-2021-22126",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2021-021881",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202104-975",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202105-185",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021881"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202105-185"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-22126"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A use of hard-coded password vulnerability in FortiWLC version 8.5.2 and below, version 8.4.8 and below, version 8.3.3 to 8.3.2, version 8.2.7 to 8.2.6 may allow a local, authenticated attacker to connect to the managed Access Point (Meru AP and FortiAP-U) as root using the default hard-coded username and password. fortinet\u0027s FortiWLC contains vulnerabilities related to access control and the use of hard-coded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-22126"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021881"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-22126",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021881",
            "trust": 0.8
          },
          {
            "db": "CS-HELP",
            "id": "SB2021041363",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.1509",
            "trust": 0.6
          },
          {
            "db": "CS-HELP",
            "id": "SB2021050507",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202105-185",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021881"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202105-185"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-22126"
          }
        ]
      },
      "id": "VAR-202105-1518",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.5896806
      },
      "last_update_date": "2025-08-02T21:32:32.616000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FG-IR-20-147",
            "trust": 0.8,
            "url": "https://fortiguard.com/psirt/FG-IR-20-147"
          },
          {
            "title": "4Gon Meru Networks Access Points Repair measures for trust management problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=149215"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021881"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202105-185"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-798",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-284",
            "trust": 1.0
          },
          {
            "problemtype": "Inappropriate access control (CWE-284) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Use hard-coded credentials (CWE-798) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021881"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-22126"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://fortiguard.fortinet.com/psirt/fg-ir-20-147"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22126"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.1509"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2021050507"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021881"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202105-185"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-22126"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021881"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202105-185"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-22126"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-07-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-021881"
          },
          {
            "date": "2021-04-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "date": "2021-05-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202105-185"
          },
          {
            "date": "2025-03-17T14:15:17.067000",
            "db": "NVD",
            "id": "CVE-2021-22126"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-07-30T02:52:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-021881"
          },
          {
            "date": "2021-04-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "date": "2021-05-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202105-185"
          },
          {
            "date": "2025-07-24T20:16:08.390000",
            "db": "NVD",
            "id": "CVE-2021-22126"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "fortinet\u0027s \u00a0FortiWLC\u00a0 access control vulnerabilities in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021881"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202106-1941

    Vulnerability from variot - Updated: 2025-07-29 22:31

    An improper access control (CWE-284) vulnerability in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 and below, version 8.2.7 to 8.2.4, version 8.1.3 may allow an unauthenticated and remote attacker to access certain areas of the web management CGI functionality by just specifying the correct URL. The vulnerability applies only to limited CGI resources and might allow the unauthorized party to access configuration details. fortinet's FortiWLC contains an access control vulnerability.Information may be obtained. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202106-1941",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlc",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.5.4"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.1.3"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.6.0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "8.1.3  that\u0027s all  8.5.4"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "8.6.0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021877"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-32584"
          }
        ]
      },
      "cve": "CVE-2021-32584",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "psirt@fortinet.com",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-32584",
                "impactScore": 1.4,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "None",
                "baseScore": 5.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2021-021877",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "psirt@fortinet.com",
                "id": "CVE-2021-32584",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2021-021877",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202104-975",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202106-209",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021877"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-209"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-32584"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An improper access control (CWE-284) vulnerability in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 and below, version 8.2.7 to 8.2.4, version 8.1.3 may allow an unauthenticated and remote attacker to access certain areas of the web management CGI functionality by just specifying the correct URL.  The vulnerability applies only to limited CGI resources and might allow the unauthorized party to access configuration details. fortinet\u0027s FortiWLC contains an access control vulnerability.Information may be obtained. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-32584"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021877"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-32584",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021877",
            "trust": 0.8
          },
          {
            "db": "CS-HELP",
            "id": "SB2021041363",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6
          },
          {
            "db": "CS-HELP",
            "id": "SB2021060312",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.1953",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-209",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021877"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-209"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-32584"
          }
        ]
      },
      "id": "VAR-202106-1941",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.5896806
      },
      "last_update_date": "2025-07-29T22:31:37.736000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FG-IR-20-138",
            "trust": 0.8,
            "url": "https://fortiguard.fortinet.com/psirt/FG-IR-20-138"
          },
          {
            "title": "FortiWLC Fixes for access control error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=152902"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021877"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-209"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-284",
            "trust": 1.0
          },
          {
            "problemtype": "Inappropriate access control (CWE-284) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021877"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-32584"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://fortiguard.fortinet.com/psirt/fg-ir-20-138"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-32584"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.1953"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2021060312"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021877"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-209"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-32584"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021877"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-209"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-32584"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-07-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-021877"
          },
          {
            "date": "2021-04-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "date": "2021-06-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202106-209"
          },
          {
            "date": "2025-03-17T14:15:17.413000",
            "db": "NVD",
            "id": "CVE-2021-32584"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-07-28T07:11:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-021877"
          },
          {
            "date": "2021-04-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "date": "2021-06-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202106-209"
          },
          {
            "date": "2025-07-24T20:17:07.543000",
            "db": "NVD",
            "id": "CVE-2021-32584"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "fortinet\u0027s \u00a0FortiWLC\u00a0 access control vulnerabilities in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021877"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202106-1945

    Vulnerability from variot - Updated: 2025-07-26 20:40

    An improper neutralization of input during web page generation in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 web interface may allow both authenticated remote attackers and non-authenticated attackers in the same network as the appliance to perform a stored cross site scripting attack (XSS) via injecting malicious payloads in different locations. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202106-1945",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlc",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.5.4"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.4.0"
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.4.2"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.4.4"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.3.3"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.6.0"
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-26087"
          }
        ]
      },
      "cve": "CVE-2021-26087",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "psirt@fortinet.com",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-26087",
                "impactScore": 1.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-26087",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "psirt@fortinet.com",
                "id": "CVE-2021-26087",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-26087",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202104-975",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202106-068",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-068"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-26087"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-26087"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An improper neutralization of input during web page generation in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 web interface may allow both authenticated remote attackers and non-authenticated attackers in the same network as the appliance to perform a stored cross site scripting attack (XSS) via injecting malicious payloads in different locations. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-26087"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          }
        ],
        "trust": 1.44
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-26087",
            "trust": 1.6
          },
          {
            "db": "CS-HELP",
            "id": "SB2021041363",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.1891",
            "trust": 0.6
          },
          {
            "db": "CS-HELP",
            "id": "SB2021060140",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-068",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-068"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-26087"
          }
        ]
      },
      "id": "VAR-202106-1945",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.5896806
      },
      "last_update_date": "2025-07-26T20:40:42.773000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FortiWLC web interface Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=152508"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-068"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-26087"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://fortiguard.fortinet.com/psirt/fg-ir-20-137"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.1891"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2021060140"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-068"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-26087"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-068"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-26087"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "date": "2021-06-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202106-068"
          },
          {
            "date": "2025-03-17T14:15:17.247000",
            "db": "NVD",
            "id": "CVE-2021-26087"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "date": "2021-06-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202106-068"
          },
          {
            "date": "2025-07-24T20:16:57.290000",
            "db": "NVD",
            "id": "CVE-2021-26087"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-068"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Pillow Buffer error vulnerability",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-1338

    Vulnerability from variot - Updated: 2025-04-20 23:36

    An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10, 8.0 through 8.2, and 8.3.0 through 8.3.2 file management AP script download webUI page allows an authenticated admin user to execute arbitrary system console commands via crafted HTTP requests. Fortinet FortiWLC Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FortinetFortiWLC is a network management device. Fortinet FortiWLC is prone to an OS command-injection vulnerability because it fails to properly sanitize user-supplied input. The following products are affected: Fortinet FortiWLC 6.1-2 through 6.1-5. Fortinet FortiWLC 7.0-7 through 7.0-10. Fortinet FortiWLC 8.0 through 8.2. Fortinet FortiWLC 8.3.0 through 8.3.2. Fortinet FortiWLC is a wireless LAN controller from Fortinet

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-1338",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.1-5"
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.2"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.3.0"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.1-2"
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0-10"
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.3.2"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0-7"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "fortinet",
            "version": "6.1-2"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "fortinet",
            "version": "6.1-5"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "fortinet",
            "version": "7.0-7"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "fortinet",
            "version": "7.0-10"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "fortinet",
            "version": "8.0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "fortinet",
            "version": "8.2"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "fortinet",
            "version": "8.3.2"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "fortinet",
            "version": "8.3"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fortinet",
            "version": "6.1-2 to  6.1-5"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fortinet",
            "version": "7.0-7 to  7.0-10"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fortinet",
            "version": "8.0 to  8.2"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fortinet",
            "version": "8.3.0 to  8.3.2"
          },
          {
            "model": "fortiwlc",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "8.3.3"
          },
          {
            "model": "fortiwlc",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0.11"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32269"
          },
          {
            "db": "BID",
            "id": "101273"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009748"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7341"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:fortinet:fortiwlc",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009748"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tom Scholten, SOLIDBE B.V.",
        "sources": [
          {
            "db": "BID",
            "id": "101273"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-7341",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2017-7341",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-32269",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "VHN-115544",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2017-7341",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-7341",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-7341",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-32269",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201703-1373",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-115544",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32269"
          },
          {
            "db": "VULHUB",
            "id": "VHN-115544"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009748"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201703-1373"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7341"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10, 8.0 through 8.2, and 8.3.0 through 8.3.2 file management AP script download webUI page allows an authenticated admin user to execute arbitrary system console commands via crafted HTTP requests. Fortinet FortiWLC Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FortinetFortiWLC is a network management device. Fortinet FortiWLC is prone to an OS command-injection vulnerability because it fails to properly sanitize user-supplied input. \nThe following products are affected:\nFortinet FortiWLC 6.1-2 through 6.1-5. \nFortinet FortiWLC 7.0-7 through 7.0-10. \nFortinet FortiWLC 8.0 through 8.2. \nFortinet FortiWLC 8.3.0 through 8.3.2. Fortinet FortiWLC is a wireless LAN controller from Fortinet",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-7341"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009748"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32269"
          },
          {
            "db": "BID",
            "id": "101273"
          },
          {
            "db": "VULHUB",
            "id": "VHN-115544"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-7341",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "101273",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009748",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201703-1373",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32269",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-115544",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32269"
          },
          {
            "db": "VULHUB",
            "id": "VHN-115544"
          },
          {
            "db": "BID",
            "id": "101273"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009748"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201703-1373"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7341"
          }
        ]
      },
      "id": "VAR-201710-1338",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32269"
          },
          {
            "db": "VULHUB",
            "id": "VHN-115544"
          }
        ],
        "trust": 1.2896806
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32269"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:36:45.496000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FG-IR-17-119",
            "trust": 0.8,
            "url": "https://fortiguard.com/psirt/FG-IR-17-119"
          },
          {
            "title": "Patch for FortinetFortiWLCOS Command Injection Vulnerability (CNVD-2017-32269)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/104976"
          },
          {
            "title": "Fortinet FortiWLC Fixes for operating system command injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99699"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32269"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009748"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201703-1373"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-77",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-115544"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009748"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7341"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://fortiguard.com/psirt/fg-ir-17-119"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/101273"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7341"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7341"
          },
          {
            "trust": 0.3,
            "url": "http://www.fortinet.com/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32269"
          },
          {
            "db": "VULHUB",
            "id": "VHN-115544"
          },
          {
            "db": "BID",
            "id": "101273"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009748"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201703-1373"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7341"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32269"
          },
          {
            "db": "VULHUB",
            "id": "VHN-115544"
          },
          {
            "db": "BID",
            "id": "101273"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009748"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201703-1373"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7341"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-32269"
          },
          {
            "date": "2017-10-26T00:00:00",
            "db": "VULHUB",
            "id": "VHN-115544"
          },
          {
            "date": "2017-10-13T00:00:00",
            "db": "BID",
            "id": "101273"
          },
          {
            "date": "2017-11-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009748"
          },
          {
            "date": "2017-03-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201703-1373"
          },
          {
            "date": "2017-10-26T13:29:00.370000",
            "db": "NVD",
            "id": "CVE-2017-7341"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-32269"
          },
          {
            "date": "2019-10-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-115544"
          },
          {
            "date": "2017-10-13T00:00:00",
            "db": "BID",
            "id": "101273"
          },
          {
            "date": "2017-11-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009748"
          },
          {
            "date": "2019-10-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201703-1373"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-7341"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201703-1373"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fortinet FortiWLC Command injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009748"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system commend injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201703-1373"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201710-1337

    Vulnerability from variot - Updated: 2025-04-20 23:30

    A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x (6.1-2, 6.1-4 and 6.1-5); 7.0-x (7.0-7, 7.0-8, 7.0-9, 7.0-10); and 8.x (8.0, 8.1, 8.2 and 8.3.0-8.3.2) allows an authenticated user to inject arbitrary web script or HTML via non-sanitized parameters "refresh" and "branchtotable" present in HTTP POST requests. Fortinet FortiWLC Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. FortinetFortiWLC is a network management device. Fortinet FortiWLC is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. The following versions are vulnerable: FortiWLC 6.1-2, 6.1-4 and 6.1-5 FortiWLC 7.0-7, 7.0-8, 7.0-9, 7.0-10 FortiWLC 8.0, 8.1, 8.2 and 8.3.0 through 8.3.2. Fortinet FortiWLC is a wireless LAN controller from Fortinet. The following versions are affected: Fortinet FortiWLC Version 6.1-2, Version 6.1-4, Version 6.1-5, Version 7.0-7, Version 7.0-8, Version 7.0-9, Version 7.0-10, Version 8.0, Version 8.1, Version 8.2 , version 8.3.0-8.3.2

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201710-1337",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "fortinet",
            "version": "7.0-8"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "fortinet",
            "version": "8.1"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "fortinet",
            "version": "6.1-2"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "fortinet",
            "version": "6.1-4"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "fortinet",
            "version": "6.1-5"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "fortinet",
            "version": "7.0-7"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "fortinet",
            "version": "7.0-9"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "fortinet",
            "version": "7.0-10"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "fortinet",
            "version": "8.0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "fortinet",
            "version": "8.2"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "fortinet",
            "version": "8.3.2"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "fortinet",
            "version": "8.3.0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.3.1"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fortinet",
            "version": "6.1-x (6.1-2"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fortinet",
            "version": "6.1-4 and  6.1-5)"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fortinet",
            "version": "7.0-x (7.0-7"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fortinet",
            "version": "7.0-9 and  7.0-10)"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fortinet",
            "version": "8.x (8.0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fortinet",
            "version": "8.2 and  8.3.0-8.3.2)"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "8.3"
          },
          {
            "model": "fortiwlc",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "8.3.3"
          },
          {
            "model": "fortiwlc",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0.11"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32268"
          },
          {
            "db": "BID",
            "id": "101287"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009747"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-1052"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7335"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:fortinet:fortiwlc",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009747"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ali Ardic",
        "sources": [
          {
            "db": "BID",
            "id": "101287"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-1052"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2017-7335",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2017-7335",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-32268",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "VHN-115538",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.3,
                "id": "CVE-2017-7335",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "trust": 1.8,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-7335",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-7335",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-32268",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201710-1052",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "VULHUB",
                "id": "VHN-115538",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32268"
          },
          {
            "db": "VULHUB",
            "id": "VHN-115538"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009747"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-1052"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7335"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x (6.1-2, 6.1-4 and 6.1-5); 7.0-x (7.0-7, 7.0-8, 7.0-9, 7.0-10); and 8.x (8.0, 8.1, 8.2 and 8.3.0-8.3.2) allows an authenticated user to inject arbitrary web script or HTML via non-sanitized parameters \"refresh\" and \"branchtotable\" present in HTTP POST requests. Fortinet FortiWLC Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. FortinetFortiWLC is a network management device. Fortinet FortiWLC is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. \nThe following versions are vulnerable:\nFortiWLC 6.1-2, 6.1-4 and 6.1-5\nFortiWLC 7.0-7, 7.0-8, 7.0-9, 7.0-10\nFortiWLC 8.0, 8.1, 8.2 and 8.3.0 through 8.3.2. Fortinet FortiWLC is a wireless LAN controller from Fortinet. The following versions are affected: Fortinet FortiWLC Version 6.1-2, Version 6.1-4, Version 6.1-5, Version 7.0-7, Version 7.0-8, Version 7.0-9, Version 7.0-10, Version 8.0, Version 8.1, Version 8.2 , version 8.3.0-8.3.2",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-7335"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009747"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32268"
          },
          {
            "db": "BID",
            "id": "101287"
          },
          {
            "db": "VULHUB",
            "id": "VHN-115538"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-7335",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "101287",
            "trust": 2.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009747",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-1052",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "101287101287",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-32268",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "37821",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-115538",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32268"
          },
          {
            "db": "VULHUB",
            "id": "VHN-115538"
          },
          {
            "db": "BID",
            "id": "101287"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009747"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-1052"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7335"
          }
        ]
      },
      "id": "VAR-201710-1337",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32268"
          },
          {
            "db": "VULHUB",
            "id": "VHN-115538"
          }
        ],
        "trust": 1.2896806
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32268"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:30:51.046000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FG-IR-17-106",
            "trust": 0.8,
            "url": "https://fortiguard.com/psirt/FG-IR-17-106"
          },
          {
            "title": "FortinetFortiWLC has multiple patches for cross-site scripting vulnerability (CNVD-2017-32268)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/104965"
          },
          {
            "title": "Fortinet FortiWLC Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75924"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32268"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009747"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-1052"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-115538"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009747"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7335"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://fortiguard.com/psirt/fg-ir-17-106"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/101287"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7335"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7335"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/37821"
          },
          {
            "trust": 0.3,
            "url": "http://www.fortinet.com/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32268"
          },
          {
            "db": "VULHUB",
            "id": "VHN-115538"
          },
          {
            "db": "BID",
            "id": "101287"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009747"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-1052"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7335"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-32268"
          },
          {
            "db": "VULHUB",
            "id": "VHN-115538"
          },
          {
            "db": "BID",
            "id": "101287"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009747"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-1052"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-7335"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-32268"
          },
          {
            "date": "2017-10-26T00:00:00",
            "db": "VULHUB",
            "id": "VHN-115538"
          },
          {
            "date": "2017-10-13T00:00:00",
            "db": "BID",
            "id": "101287"
          },
          {
            "date": "2017-11-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009747"
          },
          {
            "date": "2017-10-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-1052"
          },
          {
            "date": "2017-10-26T13:29:00.277000",
            "db": "NVD",
            "id": "CVE-2017-7335"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-11-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-32268"
          },
          {
            "date": "2017-11-17T00:00:00",
            "db": "VULHUB",
            "id": "VHN-115538"
          },
          {
            "date": "2017-10-13T00:00:00",
            "db": "BID",
            "id": "101287"
          },
          {
            "date": "2017-11-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-009747"
          },
          {
            "date": "2017-11-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201710-1052"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2017-7335"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-1052"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fortinet FortiWLC Vulnerable to cross-site scripting",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-009747"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201710-1052"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201702-0116

    Vulnerability from variot - Updated: 2025-04-20 23:23

    The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell. FortinetFortiWLC is a wireless controller from Fortinet. FortinetFortiWLC hard-coded has a security bypass vulnerability that an attacker can use to gain access to sensitive information. FortiWLC is prone to a security-bypass vulnerability

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0116",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "fortinet",
            "version": "8.2-4-0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "fortinet",
            "version": "8.1-2-0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "fortinet",
            "version": "7.0-9-1"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "fortinet",
            "version": "7.0-10-0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "fortinet",
            "version": "8.1-3-2"
          },
          {
            "model": "fortiwlc",
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-11177"
          },
          {
            "db": "BID",
            "id": "94186"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007731"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201611-346"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8491"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:fortinet:fortiwlc",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007731"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "University of Toronto.",
        "sources": [
          {
            "db": "BID",
            "id": "94186"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201611-346"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2016-8491",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 9.4,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-8491",
                "impactScore": 9.2,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2016-11177",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 9.4,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-97311",
                "impactScore": 9.2,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-8491",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-8491",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-8491",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2016-11177",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201611-346",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-97311",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-11177"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97311"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007731"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201611-346"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8491"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The presence of a hardcoded account named \u0027core\u0027 in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell. FortinetFortiWLC is a wireless controller from Fortinet. FortinetFortiWLC hard-coded has a security bypass vulnerability that an attacker can use to gain access to sensitive information. FortiWLC is prone to a security-bypass vulnerability",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-8491"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007731"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11177"
          },
          {
            "db": "BID",
            "id": "94186"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97311"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-8491",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "94186",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007731",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201611-346",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-11177",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-97311",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-11177"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97311"
          },
          {
            "db": "BID",
            "id": "94186"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007731"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201611-346"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8491"
          }
        ]
      },
      "id": "VAR-201702-0116",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-11177"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97311"
          }
        ],
        "trust": 1.2896806
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-11177"
          }
        ]
      },
      "last_update_date": "2025-04-20T23:23:53.215000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FortiWLC Undocumented Hardcoded core Account",
            "trust": 0.8,
            "url": "https://fortiguard.com/advisory/FG-IR-16-065"
          },
          {
            "title": "FortinetFortiWLC hardcoded security bypass vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/83992"
          },
          {
            "title": "Fortinet FortiWLC Repair measures for security bypass vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65710"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-11177"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007731"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201611-346"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-798",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-97311"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007731"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8491"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "http://www.securityfocus.com/bid/94186"
          },
          {
            "trust": 1.7,
            "url": "https://fortiguard.com/advisory/fg-ir-16-065"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8491"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-8491"
          },
          {
            "trust": 0.3,
            "url": "http://www.fortinet.com/"
          },
          {
            "trust": 0.3,
            "url": "http://fortiguard.com/advisory/fortiwlc-undocumented-hardcoded-core-account"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-11177"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97311"
          },
          {
            "db": "BID",
            "id": "94186"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007731"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201611-346"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8491"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-11177"
          },
          {
            "db": "VULHUB",
            "id": "VHN-97311"
          },
          {
            "db": "BID",
            "id": "94186"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007731"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201611-346"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-8491"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-11-16T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-11177"
          },
          {
            "date": "2017-02-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-97311"
          },
          {
            "date": "2016-11-09T00:00:00",
            "db": "BID",
            "id": "94186"
          },
          {
            "date": "2017-03-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-007731"
          },
          {
            "date": "2016-11-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201611-346"
          },
          {
            "date": "2017-02-01T17:59:00.153000",
            "db": "NVD",
            "id": "CVE-2016-8491"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-11-16T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-11177"
          },
          {
            "date": "2017-02-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-97311"
          },
          {
            "date": "2016-11-24T01:08:00",
            "db": "BID",
            "id": "94186"
          },
          {
            "date": "2017-03-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-007731"
          },
          {
            "date": "2017-02-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201611-346"
          },
          {
            "date": "2025-04-20T01:37:25.860000",
            "db": "NVD",
            "id": "CVE-2016-8491"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201611-346"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fortinet FortiWLC Unauthenticated read in / Vulnerability to gain write access",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007731"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201611-346"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201610-0366

    Vulnerability from variot - Updated: 2025-04-13 23:27

    Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 allow administrators to obtain sensitive user credentials by reading the pam.log file. FortinetFortiWLC is a wireless controller from Fortinet. There is a security hole in FortinetFortiWLC. FortiWLC is prone to a local information-disclosure vulnerability. The following versions are affected: FortiWLC 6.1-2-29 and prior versions FortiWLC 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201610-0366",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "fortinet",
            "version": "8.2-4-0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "fortinet",
            "version": "8.1-2-0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "fortinet",
            "version": "8.0-5-0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "fortinet",
            "version": "7.0-9-1"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "fortinet",
            "version": "7.0-10-0"
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "fortinet",
            "version": "6.1-2-29"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.5,
            "vendor": "fortinet",
            "version": "6.1-2-29"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08623"
          },
          {
            "db": "BID",
            "id": "93282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-118"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-7561"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:fortinet:fortiwlc",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005174"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "University of Toronto",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-118"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2016-7561",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2016-7561",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2016-08623",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "VHN-96381",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2016-7561",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-7561",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-7561",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2016-08623",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201610-118",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-96381",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08623"
          },
          {
            "db": "VULHUB",
            "id": "VHN-96381"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-118"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-7561"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 allow administrators to obtain sensitive user credentials by reading the pam.log file. FortinetFortiWLC is a wireless controller from Fortinet. There is a security hole in FortinetFortiWLC. FortiWLC is prone to a local information-disclosure vulnerability. \nThe following versions are affected:\nFortiWLC 6.1-2-29 and prior versions\nFortiWLC 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-7561"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005174"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-08623"
          },
          {
            "db": "BID",
            "id": "93282"
          },
          {
            "db": "VULHUB",
            "id": "VHN-96381"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-7561",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "93282",
            "trust": 2.0
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2016.2303",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005174",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-118",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-08623",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-96381",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08623"
          },
          {
            "db": "VULHUB",
            "id": "VHN-96381"
          },
          {
            "db": "BID",
            "id": "93282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-118"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-7561"
          }
        ]
      },
      "id": "VAR-201610-0366",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08623"
          },
          {
            "db": "VULHUB",
            "id": "VHN-96381"
          }
        ],
        "trust": 1.2896806
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08623"
          }
        ]
      },
      "last_update_date": "2025-04-13T23:27:24.353000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FortiWLC PAM.log authenticated user information exposure",
            "trust": 0.8,
            "url": "http://fortiguard.com/advisory/FG-IR-16-030"
          },
          {
            "title": "FortinetFortiWLC Information Disclosure Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/82170"
          },
          {
            "title": "Fortinet FortiWLC Repair measures for information disclosure vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64543"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08623"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-118"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-96381"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005174"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-7561"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "http://fortiguard.com/advisory/fg-ir-16-030"
          },
          {
            "trust": 1.2,
            "url": "http://www.auscert.org.au/./render.html?it=39190"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/93282"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7561"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7561"
          },
          {
            "trust": 0.3,
            "url": "http://www.fortinet.com/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08623"
          },
          {
            "db": "VULHUB",
            "id": "VHN-96381"
          },
          {
            "db": "BID",
            "id": "93282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-118"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-7561"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08623"
          },
          {
            "db": "VULHUB",
            "id": "VHN-96381"
          },
          {
            "db": "BID",
            "id": "93282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-118"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-7561"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-10-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-08623"
          },
          {
            "date": "2016-10-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-96381"
          },
          {
            "date": "2016-09-30T00:00:00",
            "db": "BID",
            "id": "93282"
          },
          {
            "date": "2016-10-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-005174"
          },
          {
            "date": "2016-09-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201610-118"
          },
          {
            "date": "2016-10-05T16:59:08.900000",
            "db": "NVD",
            "id": "CVE-2016-7561"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-10-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-08623"
          },
          {
            "date": "2016-12-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-96381"
          },
          {
            "date": "2016-10-10T00:01:00",
            "db": "BID",
            "id": "93282"
          },
          {
            "date": "2016-10-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-005174"
          },
          {
            "date": "2016-10-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201610-118"
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2016-7561"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-118"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fortinet FortiWLC Information Disclosure Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08623"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-118"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-118"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201610-0365

    Vulnerability from variot - Updated: 2025-04-13 23:27

    The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 has a hardcoded rsync account, which allows remote attackers to read or write to arbitrary files via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. http://cwe.mitre.org/data/definitions/798.htmlA third party may read or write arbitrary files. FortinetFortiWLC is a wireless controller from Fortinet. FortiWLC is prone to a security-bypass vulnerability. An attacker can exploit this issue to gain access to the system and obtain sensitive information that may lead to further attack. The following versions are affected: Fortinet FortiWLC 6.1-2-29 and prior, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, 8.2-4-0 Version

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201610-0365",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "fortinet",
            "version": "8.2-4-0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "fortinet",
            "version": "8.1-2-0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "fortinet",
            "version": "8.0-5-0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "fortinet",
            "version": "7.0-9-1"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "fortinet",
            "version": "7.0-10-0"
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "fortinet",
            "version": "6.1-2-29"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.5,
            "vendor": "fortinet",
            "version": "6.1-2-29"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08622"
          },
          {
            "db": "BID",
            "id": "93286"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005173"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-119"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-7560"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:fortinet:fortiwlc",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005173"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "University of Toronto",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-119"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2016-7560",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-7560",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2016-08622",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-96380",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-7560",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-7560",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-7560",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2016-08622",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201610-119",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-96380",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-7560",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08622"
          },
          {
            "db": "VULHUB",
            "id": "VHN-96380"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-7560"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005173"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-119"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-7560"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 has a hardcoded rsync account, which allows remote attackers to read or write to arbitrary files via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. http://cwe.mitre.org/data/definitions/798.htmlA third party may read or write arbitrary files. FortinetFortiWLC is a wireless controller from Fortinet. FortiWLC is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to gain  access to the system and obtain sensitive information that may lead to  further attack. The following versions are affected: Fortinet FortiWLC 6.1-2-29 and prior, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, 8.2-4-0 Version",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-7560"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005173"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-08622"
          },
          {
            "db": "BID",
            "id": "93286"
          },
          {
            "db": "VULHUB",
            "id": "VHN-96380"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-7560"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-7560",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "93286",
            "trust": 2.1
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2016.2303",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005173",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-119",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2016-08622",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-96380",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-7560",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08622"
          },
          {
            "db": "VULHUB",
            "id": "VHN-96380"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-7560"
          },
          {
            "db": "BID",
            "id": "93286"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005173"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-119"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-7560"
          }
        ]
      },
      "id": "VAR-201610-0365",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08622"
          },
          {
            "db": "VULHUB",
            "id": "VHN-96380"
          }
        ],
        "trust": 1.2896806
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08622"
          }
        ]
      },
      "last_update_date": "2025-04-13T23:27:24.314000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FortiWLC Undocumented Hardcoded Rsync Account",
            "trust": 0.8,
            "url": "http://fortiguard.com/advisory/FG-IR-16-029"
          },
          {
            "title": "FortinetFortiWLC security bypass vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/82169"
          },
          {
            "title": "Fortinet FortiWLC Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64544"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08622"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005173"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-119"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-798",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-96380"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005173"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-7560"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.1,
            "url": "http://fortiguard.com/advisory/fg-ir-16-029"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/93286"
          },
          {
            "trust": 1.2,
            "url": "http://www.auscert.org.au/./render.html?it=39190"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7560"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7560"
          },
          {
            "trust": 0.3,
            "url": "http://www.fortinet.com/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/798.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08622"
          },
          {
            "db": "VULHUB",
            "id": "VHN-96380"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-7560"
          },
          {
            "db": "BID",
            "id": "93286"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005173"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-119"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-7560"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2016-08622"
          },
          {
            "db": "VULHUB",
            "id": "VHN-96380"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-7560"
          },
          {
            "db": "BID",
            "id": "93286"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005173"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-119"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-7560"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-10-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-08622"
          },
          {
            "date": "2016-10-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-96380"
          },
          {
            "date": "2016-10-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-7560"
          },
          {
            "date": "2016-09-30T00:00:00",
            "db": "BID",
            "id": "93286"
          },
          {
            "date": "2016-10-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-005173"
          },
          {
            "date": "2016-09-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201610-119"
          },
          {
            "date": "2016-10-05T16:59:07.900000",
            "db": "NVD",
            "id": "CVE-2016-7560"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-10-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2016-08622"
          },
          {
            "date": "2016-12-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-96380"
          },
          {
            "date": "2016-12-02T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-7560"
          },
          {
            "date": "2016-10-10T00:02:00",
            "db": "BID",
            "id": "93286"
          },
          {
            "date": "2016-10-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-005173"
          },
          {
            "date": "2016-10-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201610-119"
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2016-7560"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-119"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fortinet FortiWLC of  rsyncd Vulnerability to read and write arbitrary files on the server",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-005173"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201610-119"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202402-1155

    Vulnerability from variot - Updated: 2025-02-22 23:38

    A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3 , FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows attacker to poison web caches via crafted HTTP requests, where the Host header points to an arbitrary webserver. FortiADC , FortiAuthenticator , FortiDDoS Several Fortinet products, including the above, contain vulnerabilities that allow externally controlled access to resources in other areas.Information may be obtained and information may be tampered with

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202402-1155",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiddos-f",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.1.0"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.6.0"
          },
          {
            "model": "fortiswitch",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0.5"
          },
          {
            "model": "fortimail",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0.4"
          },
          {
            "model": "fortisoar",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.3.0"
          },
          {
            "model": "fortirecorder",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.0.0"
          },
          {
            "model": "fortirecorder",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.4.0"
          },
          {
            "model": "fortiauthenticator",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.4.2"
          },
          {
            "model": "fortiauthenticator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.4.0"
          },
          {
            "model": "fortindr",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.2.0"
          },
          {
            "model": "fortiswitch",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.4.0"
          },
          {
            "model": "fortiauthenticator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.3.0"
          },
          {
            "model": "fortiddos-f",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.3.4"
          },
          {
            "model": "fortimail",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.4.0"
          },
          {
            "model": "fortiproxy",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.2.0"
          },
          {
            "model": "fortirecorder",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.0.11"
          },
          {
            "model": "fortiproxy",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.4.0"
          },
          {
            "model": "fortiauthenticator",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.3.4"
          },
          {
            "model": "fortitester",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.2.2"
          },
          {
            "model": "fortindr",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.1.1"
          },
          {
            "model": "fortivoice",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.4.9"
          },
          {
            "model": "fortivoice",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.0.0"
          },
          {
            "model": "fortios",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.2.5"
          },
          {
            "model": "fortindr",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "1.4.0"
          },
          {
            "model": "fortiadc",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.2.4"
          },
          {
            "model": "fortirecorder",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.4.3"
          },
          {
            "model": "fortiproxy",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0.5"
          },
          {
            "model": "fortiwlc",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.6.7"
          },
          {
            "model": "fortios",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.2.0"
          },
          {
            "model": "fortiadc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "5.4.0"
          },
          {
            "model": "fortios",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0.6"
          },
          {
            "model": "fortisoar",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.4.0"
          },
          {
            "model": "fortitester",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "3.7.0"
          },
          {
            "model": "fortiproxy",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "2.0.0"
          },
          {
            "model": "fortiddos",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "5.3.0"
          },
          {
            "model": "fortiddos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "5.5.2"
          },
          {
            "model": "fortios",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "6.0.0"
          },
          {
            "model": "fortisoar",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortiwlc",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortivoice",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortimail",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortiadc",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortios",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortiswitch",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "6.4.0  that\u0027s all  7.0.5"
          },
          {
            "model": "fortiauthenticator",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortindr",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortiddos",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortiddos-f",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortiproxy",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortitester",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortirecorder",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-025638"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-23439"
          }
        ]
      },
      "cve": "CVE-2022-23439",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "psirt@fortinet.com",
                "availabilityImpact": "NONE",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.6,
                "id": "CVE-2022-23439",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2022-23439",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.1,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2022-23439",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "psirt@fortinet.com",
                "id": "CVE-2022-23439",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-23439",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-23439",
                "trust": 0.8,
                "value": "Medium"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-025638"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-23439"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-23439"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3 , FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver. FortiADC , FortiAuthenticator , FortiDDoS Several Fortinet products, including the above, contain vulnerabilities that allow externally controlled access to resources in other areas.Information may be obtained and information may be tampered with",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-23439"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-025638"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-23439",
            "trust": 2.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-025638",
            "trust": 0.8
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-23439",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-23439"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-025638"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-23439"
          }
        ]
      },
      "id": "VAR-202402-1155",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.42976094
      },
      "last_update_date": "2025-02-22T23:38:28.822000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "CVE-2022-XXXX",
            "trust": 0.1,
            "url": "https://github.com/AlphabugX/CVE-2022-23305 "
          },
          {
            "title": "CVE-2022-XXXX",
            "trust": 0.1,
            "url": "https://github.com/AlphabugX/CVE-2022-RCE "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-23439"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-610",
            "trust": 1.0
          },
          {
            "problemtype": "Externally controllable reference to another region resource (CWE-610) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-025638"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-23439"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://fortiguard.com/psirt/fg-ir-21-254"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-23439"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/alphabugx/cve-2022-23305"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-23439"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-025638"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-23439"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2022-23439"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-025638"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-23439"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-02-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-025638"
          },
          {
            "date": "2025-01-22T10:15:07.737000",
            "db": "NVD",
            "id": "CVE-2022-23439"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-02-18T08:41:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-025638"
          },
          {
            "date": "2025-02-12T13:39:42.107000",
            "db": "NVD",
            "id": "CVE-2022-23439"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple Fortinet products are vulnerable to externally controlled access to resources in other domains",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-025638"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202106-1947

    Vulnerability from variot - Updated: 2025-01-25 21:56

    An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point being managed by the controller by executing a crafted CLI command. fortinet's FortiWLC Exists in an uninitialized pointer access vulnerability.Service operation interruption (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202106-1947",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.0.6"
          },
          {
            "model": "fortiwlc",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.6.3"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "8.0.6  that\u0027s all  8.6.3"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021610"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-26093"
          }
        ]
      },
      "cve": "CVE-2021-26093",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "psirt@fortinet.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.0,
                "id": "CVE-2021-26093",
                "impactScore": 4.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.0,
                "id": "CVE-2021-26093",
                "impactScore": 4.0,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2021-26093",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "psirt@fortinet.com",
                "id": "CVE-2021-26093",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-26093",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-26093",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202104-975",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202106-052",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021610"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-052"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-26093"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-26093"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An access of uninitialized pointer (CWE-824) vulnerability\u00a0in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point\u00a0being managed by the controller by executing a crafted CLI command. fortinet\u0027s FortiWLC Exists in an uninitialized pointer access vulnerability.Service operation interruption (DoS) It may be in a state. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-26093"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021610"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-26093",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021610",
            "trust": 0.8
          },
          {
            "db": "CS-HELP",
            "id": "SB2021041363",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.1891",
            "trust": 0.6
          },
          {
            "db": "CS-HELP",
            "id": "SB2021060140",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-052",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021610"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-052"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-26093"
          }
        ]
      },
      "id": "VAR-202106-1947",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.5896806
      },
      "last_update_date": "2025-01-25T21:56:39.345000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FG-IR-21-002",
            "trust": 0.8,
            "url": "https://www.fortiguard.com/psirt/FG-IR-21-002"
          },
          {
            "title": "Fortinet FortiWLC Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=152493"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021610"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-052"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-824",
            "trust": 1.0
          },
          {
            "problemtype": "Accessing uninitialized pointers (CWE-824) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021610"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-26093"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://fortiguard.com/psirt/fg-ir-21-002"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-26093"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.1891"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2021060140"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021610"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-052"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-26093"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021610"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-052"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-26093"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-01-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-021610"
          },
          {
            "date": "2021-04-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "date": "2021-06-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202106-052"
          },
          {
            "date": "2024-12-19T08:15:14.717000",
            "db": "NVD",
            "id": "CVE-2021-26093"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-01-22T08:44:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-021610"
          },
          {
            "date": "2021-04-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          },
          {
            "date": "2021-06-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202106-052"
          },
          {
            "date": "2025-01-21T20:44:31.650000",
            "db": "NVD",
            "id": "CVE-2021-26093"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202106-052"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "fortinet\u0027s \u00a0FortiWLC\u00a0 Vulnerability in accessing uninitialized pointers in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021610"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-975"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201805-0224

    Vulnerability from variot - Updated: 2024-11-23 22:41

    The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to gain unauthorized read/write access via a remote shell. Fortinet FortiWLC Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FortiWLC is a wireless controller from Fortinet. There is a hard-coded account vulnerability in FortinetFortiWLC versions 7.0.11 and earlier. Fortinet FortiWLC is prone to multiple information-disclosure vulnerabilities. Information obtained may aid in further attacks

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201805-0224",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0.11"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.0"
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.3.3"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0"
          },
          {
            "model": "fortiwlc",
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "fortinet",
            "version": "\u003c=7.0.11"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "8.3.3"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "8.3.2"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "8.3"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0.11"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0-9-1"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0-9"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0-8"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0-7"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0-10-0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0-10"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10699"
          },
          {
            "db": "BID",
            "id": "104119"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013365"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17539"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:fortinet:fortiwlc",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013365"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "University of Toronto",
        "sources": [
          {
            "db": "BID",
            "id": "104119"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-17539",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-17539",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-10699",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-108571",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-17539",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-17539",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-17539",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-10699",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201712-460",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-108571",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-17539",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10699"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108571"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17539"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013365"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-460"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17539"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to gain unauthorized read/write access via a remote shell. Fortinet FortiWLC Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FortiWLC is a wireless controller from Fortinet. There is a hard-coded account vulnerability in FortinetFortiWLC versions 7.0.11 and earlier. Fortinet FortiWLC is prone to multiple information-disclosure vulnerabilities. Information obtained may aid in further attacks",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-17539"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013365"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10699"
          },
          {
            "db": "BID",
            "id": "104119"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108571"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17539"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-17539",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "104119",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013365",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-460",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10699",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-108571",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17539",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10699"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108571"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17539"
          },
          {
            "db": "BID",
            "id": "104119"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013365"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-460"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17539"
          }
        ]
      },
      "id": "VAR-201805-0224",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10699"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108571"
          }
        ],
        "trust": 1.2896806
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10699"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:41:51.557000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FG-IR-17-274",
            "trust": 0.8,
            "url": "https://fortiguard.com/psirt/FG-IR-17-274"
          },
          {
            "title": "Patch for FortinetFortiWLC Hardcoded Account Vulnerability (CNVD-2018-10699)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/130775"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10699"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013365"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-798",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-108571"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013365"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17539"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://fortiguard.com/advisory/fg-ir-17-274"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/104119"
          },
          {
            "trust": 0.9,
            "url": "https://fortiguard.com/psirt/fg-ir-17-274"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17539"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-17539"
          },
          {
            "trust": 0.3,
            "url": "http://www.fortinet.com/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/798.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10699"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108571"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17539"
          },
          {
            "db": "BID",
            "id": "104119"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013365"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-460"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17539"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10699"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108571"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17539"
          },
          {
            "db": "BID",
            "id": "104119"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013365"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-460"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17539"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-10699"
          },
          {
            "date": "2018-05-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-108571"
          },
          {
            "date": "2018-05-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-17539"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "BID",
            "id": "104119"
          },
          {
            "date": "2018-06-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-013365"
          },
          {
            "date": "2017-12-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201712-460"
          },
          {
            "date": "2018-05-08T04:29:00.207000",
            "db": "NVD",
            "id": "CVE-2017-17539"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-10699"
          },
          {
            "date": "2018-06-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-108571"
          },
          {
            "date": "2018-06-12T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-17539"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "BID",
            "id": "104119"
          },
          {
            "date": "2018-06-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-013365"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201712-460"
          },
          {
            "date": "2024-11-21T03:18:07.860000",
            "db": "NVD",
            "id": "CVE-2017-17539"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-460"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fortinet FortiWLC Vulnerabilities related to the use of hard-coded credentials",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013365"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-460"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201805-0225

    Vulnerability from variot - Updated: 2024-11-23 22:41

    The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain unauthorized read/write access via a remote shell. Fortinet FortiWLC Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FortiWLC is a wireless controller from Fortinet. There is a hard-coded account vulnerability in FortinetFortiWLC8.3.3. Fortinet FortiWLC is prone to multiple information-disclosure vulnerabilities. Information obtained may aid in further attacks

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201805-0225",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0.11"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.0"
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.3.3"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "7.0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "fortinet",
            "version": "8.3.3"
          },
          {
            "model": "fortiwlc",
            "scope": null,
            "trust": 0.8,
            "vendor": "fortinet",
            "version": null
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "8.3.2"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "8.3"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0.11"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0-9-1"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0-9"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0-8"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0-7"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0-10-0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "7.0-10"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10700"
          },
          {
            "db": "BID",
            "id": "104119"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013366"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17540"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:fortinet:fortiwlc",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013366"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "University of Toronto",
        "sources": [
          {
            "db": "BID",
            "id": "104119"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-17540",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2017-17540",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-10700",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-108573",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-17540",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-17540",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2017-17540",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-10700",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201712-459",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-108573",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-17540",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10700"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108573"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17540"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013366"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-459"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17540"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain unauthorized read/write access via a remote shell. Fortinet FortiWLC Contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. FortiWLC is a wireless controller from Fortinet. There is a hard-coded account vulnerability in FortinetFortiWLC8.3.3. Fortinet FortiWLC is prone to multiple information-disclosure vulnerabilities. Information obtained may aid in further attacks",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-17540"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013366"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10700"
          },
          {
            "db": "BID",
            "id": "104119"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108573"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17540"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-17540",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "104119",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013366",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-459",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-10700",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-108573",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17540",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10700"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108573"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17540"
          },
          {
            "db": "BID",
            "id": "104119"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013366"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-459"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17540"
          }
        ]
      },
      "id": "VAR-201805-0225",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10700"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108573"
          }
        ],
        "trust": 1.2896806
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10700"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:41:51.521000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FG-IR-17-274",
            "trust": 0.8,
            "url": "https://fortiguard.com/psirt/FG-IR-17-274"
          },
          {
            "title": "FortinetFortiWLC Hardcoded Account Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/130773"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10700"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013366"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-798",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-108573"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013366"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17540"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://fortiguard.com/advisory/fg-ir-17-274"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/104119"
          },
          {
            "trust": 0.9,
            "url": "https://fortiguard.com/psirt/fg-ir-17-274"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17540"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-17540"
          },
          {
            "trust": 0.3,
            "url": "http://www.fortinet.com/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/798.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10700"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108573"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17540"
          },
          {
            "db": "BID",
            "id": "104119"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013366"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-459"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17540"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-10700"
          },
          {
            "db": "VULHUB",
            "id": "VHN-108573"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-17540"
          },
          {
            "db": "BID",
            "id": "104119"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013366"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-459"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-17540"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-10700"
          },
          {
            "date": "2018-05-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-108573"
          },
          {
            "date": "2018-05-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-17540"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "BID",
            "id": "104119"
          },
          {
            "date": "2018-06-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-013366"
          },
          {
            "date": "2017-12-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201712-459"
          },
          {
            "date": "2018-05-08T04:29:00.380000",
            "db": "NVD",
            "id": "CVE-2017-17540"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-05-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-10700"
          },
          {
            "date": "2018-06-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-108573"
          },
          {
            "date": "2018-06-12T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-17540"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "BID",
            "id": "104119"
          },
          {
            "date": "2018-06-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-013366"
          },
          {
            "date": "2018-05-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201712-459"
          },
          {
            "date": "2024-11-21T03:18:07.983000",
            "db": "NVD",
            "id": "CVE-2017-17540"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-459"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fortinet FortiWLC Vulnerabilities related to the use of hard-coded credentials",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-013366"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201712-459"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1548

    Vulnerability from variot - Updated: 2024-11-23 22:21

    An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the ESS profile or the Radius Profile. FortiWLC Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with. Fortinet FortiWLC is a wireless LAN controller from Fortinet. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1548",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.5.1"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "fortinet",
            "version": "8.5.1"
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "fortinet",
            "version": "\u003c=8.5.1"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24254"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006974"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9288"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:fortinet:fortiwlc",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006974"
          }
        ]
      },
      "cve": "CVE-2020-9288",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2020-9288",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006974",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CNVD-2021-24254",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "VHN-187413",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.3,
                "id": "CVE-2020-9288",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.4,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006974",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "Low",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9288",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006974",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-24254",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1543",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-187413",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24254"
          },
          {
            "db": "VULHUB",
            "id": "VHN-187413"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006974"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1543"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9288"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the ESS profile or the Radius Profile. FortiWLC Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with. Fortinet FortiWLC is a wireless LAN controller from Fortinet. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9288"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006974"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-24254"
          },
          {
            "db": "VULHUB",
            "id": "VHN-187413"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9288",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006974",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1543",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-24254",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2167",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "46966",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-187413",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24254"
          },
          {
            "db": "VULHUB",
            "id": "VHN-187413"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006974"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1543"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9288"
          }
        ]
      },
      "id": "VAR-202006-1548",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24254"
          },
          {
            "db": "VULHUB",
            "id": "VHN-187413"
          }
        ],
        "trust": 1.2896806
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24254"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:21:06.161000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FG-IR-20-016",
            "trust": 0.8,
            "url": "https://fortiguard.com/advisory/FG-IR-20-016"
          },
          {
            "title": "Patch for Fortinet FortiWLC Cross-Site Scripting Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/255401"
          },
          {
            "title": "Fortinet FortiWLC Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=122693"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24254"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006974"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1543"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187413"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006974"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9288"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9288"
          },
          {
            "trust": 1.7,
            "url": "https://fortiguard.com/advisory/fg-ir-20-016"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9288"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/46966"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2167/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24254"
          },
          {
            "db": "VULHUB",
            "id": "VHN-187413"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006974"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1543"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9288"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24254"
          },
          {
            "db": "VULHUB",
            "id": "VHN-187413"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006974"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1543"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9288"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-03-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-24254"
          },
          {
            "date": "2020-06-22T00:00:00",
            "db": "VULHUB",
            "id": "VHN-187413"
          },
          {
            "date": "2020-07-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006974"
          },
          {
            "date": "2020-06-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1543"
          },
          {
            "date": "2020-06-22T16:15:12.120000",
            "db": "NVD",
            "id": "CVE-2020-9288"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-24254"
          },
          {
            "date": "2020-06-26T00:00:00",
            "db": "VULHUB",
            "id": "VHN-187413"
          },
          {
            "date": "2020-07-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006974"
          },
          {
            "date": "2020-06-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1543"
          },
          {
            "date": "2024-11-21T05:40:21.787000",
            "db": "NVD",
            "id": "CVE-2020-9288"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1543"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fortinet FortiWLC Cross-Site Scripting Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-24254"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1543"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1543"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-0729

    Vulnerability from variot - Updated: 2024-11-23 22:05

    An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions. FortiWLC Exists in a fraudulent authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-0729",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.3.3"
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.5.5"
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.2.7"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.4.4"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.0.6"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.4.2"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.1.3"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.4.6"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.5.0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.4.7"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.3.0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.0.5"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.4.5"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.1.2"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.4.1"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.6.1"
          },
          {
            "model": "fortiwlc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.2.4"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.4.8"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.4.0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.6.0"
          },
          {
            "model": "fortiwlc",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "8.6.1  and earlier"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-016088"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-42758"
          }
        ]
      },
      "cve": "CVE-2021-42758",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2021-42758",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "VHN-403820",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-42758",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2021-016088",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-42758",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "psirt@fortinet.com",
                "id": "CVE-2021-42758",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-42758",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-634",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-403820",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-403820"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-016088"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-634"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-42758"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-42758"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions. FortiWLC Exists in a fraudulent authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-42758"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-016088"
          },
          {
            "db": "VULHUB",
            "id": "VHN-403820"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-42758",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-016088",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-634",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-403820",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-403820"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-016088"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-634"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-42758"
          }
        ]
      },
      "id": "VAR-202112-0729",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-403820"
          }
        ],
        "trust": 0.6896806
      },
      "last_update_date": "2024-11-23T22:05:05.648000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FG-IR-21-200",
            "trust": 0.8,
            "url": "https://fortiguard.com/advisory/FG-IR-21-200"
          },
          {
            "title": "Fortinet FortiWLC Fixes for access control error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=173883"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-016088"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-634"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-863",
            "trust": 1.1
          },
          {
            "problemtype": "Illegal authentication (CWE-863) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-403820"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-016088"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-42758"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://fortiguard.com/advisory/fg-ir-21-200"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-42758"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-403820"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-016088"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-634"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-42758"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-403820"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-016088"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-634"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-42758"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-403820"
          },
          {
            "date": "2022-12-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-016088"
          },
          {
            "date": "2021-12-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-634"
          },
          {
            "date": "2021-12-08T11:15:11.887000",
            "db": "NVD",
            "id": "CVE-2021-42758"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-403820"
          },
          {
            "date": "2022-12-06T07:32:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-016088"
          },
          {
            "date": "2021-12-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-634"
          },
          {
            "date": "2024-11-21T06:28:06.793000",
            "db": "NVD",
            "id": "CVE-2021-42758"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-634"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "FortiWLC\u00a0 Fraud related to unauthorized authentication in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-016088"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "access control error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-634"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202111-0313

    Vulnerability from variot - Updated: 2024-08-14 14:31

    A improper neutralization of special elements used in an OS command ('OS Command Injection') in Fortinet FortiWLM version 8.6.1 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests. Fortinet FortiWLM for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiWLC is a wireless LAN controller from Fortinet

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202111-0313",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlm",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.2.2"
          },
          {
            "model": "fortiwlm",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.6.1"
          },
          {
            "model": "fortiwlm",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortiwlm",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "8.6.1  and earlier"
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "fortinet",
            "version": "\u003c=8.6.1"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84257"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014535"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-36185"
          }
        ]
      },
      "cve": "CVE-2021-36185",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2021-36185",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2021-84257",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "VHN-398004",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-36185",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2021-014535",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-36185",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "psirt@fortinet.com",
                "id": "CVE-2021-36185",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-36185",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-84257",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202111-335",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-398004",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-36185",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84257"
          },
          {
            "db": "VULHUB",
            "id": "VHN-398004"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-36185"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014535"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-335"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-36185"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-36185"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027) in Fortinet FortiWLM version 8.6.1 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests. Fortinet FortiWLM for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiWLC is a wireless LAN controller from Fortinet",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-36185"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014535"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-84257"
          },
          {
            "db": "VULHUB",
            "id": "VHN-398004"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-36185"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-36185",
            "trust": 4.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014535",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-335",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-84257",
            "trust": 0.6
          },
          {
            "db": "CS-HELP",
            "id": "SB2021120918",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-398004",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-36185",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84257"
          },
          {
            "db": "VULHUB",
            "id": "VHN-398004"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-36185"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014535"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-335"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-36185"
          }
        ]
      },
      "id": "VAR-202111-0313",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84257"
          },
          {
            "db": "VULHUB",
            "id": "VHN-398004"
          }
        ],
        "trust": 1.1466260149999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84257"
          }
        ]
      },
      "last_update_date": "2024-08-14T14:31:31.608000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FG-IR-21-110",
            "trust": 0.8,
            "url": "https://www.fortiguard.com/psirt/FG-IR-21-110"
          },
          {
            "title": "Patch for Fortinet FortiWLM has unspecified vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/296836"
          },
          {
            "title": "Fortinet FortiWLC Fixes for operating system command injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=169477"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84257"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014535"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-335"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.1
          },
          {
            "problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-398004"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014535"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-36185"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-36185"
          },
          {
            "trust": 1.8,
            "url": "https://fortiguard.com/advisory/fg-ir-21-110"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2021120918"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/78.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84257"
          },
          {
            "db": "VULHUB",
            "id": "VHN-398004"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-36185"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014535"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-335"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-36185"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84257"
          },
          {
            "db": "VULHUB",
            "id": "VHN-398004"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-36185"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014535"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-335"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-36185"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-11-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-84257"
          },
          {
            "date": "2021-11-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-398004"
          },
          {
            "date": "2021-11-02T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-36185"
          },
          {
            "date": "2022-10-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-014535"
          },
          {
            "date": "2021-11-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202111-335"
          },
          {
            "date": "2021-11-02T19:15:07.920000",
            "db": "NVD",
            "id": "CVE-2021-36185"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-11-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-84257"
          },
          {
            "date": "2021-11-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-398004"
          },
          {
            "date": "2021-11-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-36185"
          },
          {
            "date": "2022-10-20T04:37:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-014535"
          },
          {
            "date": "2021-12-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202111-335"
          },
          {
            "date": "2021-11-04T13:58:34.310000",
            "db": "NVD",
            "id": "CVE-2021-36185"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-335"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fortinet\u00a0FortiWLM\u00a0 In \u00a0OS\u00a0 Command injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014535"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system commend injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-335"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202111-0307

    Vulnerability from variot - Updated: 2024-08-14 14:31

    A improper neutralization of Special Elements used in an SQL Command ('SQL Injection') in Fortinet FortiWLM version 8.6.1 and below allows attacker to disclosure device, users and database information via crafted HTTP requests. Fortinet FortiWLM for, SQL There is an injection vulnerability.Information may be obtained. Fortinet FortiWLC is a wireless LAN controller from Fortinet

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202111-0307",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fortiwlm",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.2.2"
          },
          {
            "model": "fortiwlm",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "fortinet",
            "version": "8.6.1"
          },
          {
            "model": "fortiwlm",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": null
          },
          {
            "model": "fortiwlm",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "\u30d5\u30a9\u30fc\u30c6\u30a3\u30cd\u30c3\u30c8",
            "version": "8.6.1  and earlier"
          },
          {
            "model": "fortiwlc",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "fortinet",
            "version": "\u003c=8.6.1"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84256"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014567"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-36184"
          }
        ]
      },
      "cve": "CVE-2021-36184",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2021-36184",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2021-84256",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "VHN-398003",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-36184",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "psirt@fortinet.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-36184",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-36184",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-36184",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "psirt@fortinet.com",
                "id": "CVE-2021-36184",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-36184",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-84256",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202111-336",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-398003",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84256"
          },
          {
            "db": "VULHUB",
            "id": "VHN-398003"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014567"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-336"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-36184"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-36184"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A improper neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) in Fortinet FortiWLM version 8.6.1 and below allows attacker to disclosure device, users and database information via crafted HTTP requests. Fortinet FortiWLM for, SQL There is an injection vulnerability.Information may be obtained. Fortinet FortiWLC is a wireless LAN controller from Fortinet",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-36184"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014567"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-84256"
          },
          {
            "db": "VULHUB",
            "id": "VHN-398003"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-36184",
            "trust": 3.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014567",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-336",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-84256",
            "trust": 0.6
          },
          {
            "db": "CS-HELP",
            "id": "SB2021120918",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-398003",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84256"
          },
          {
            "db": "VULHUB",
            "id": "VHN-398003"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014567"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-336"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-36184"
          }
        ]
      },
      "id": "VAR-202111-0307",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84256"
          },
          {
            "db": "VULHUB",
            "id": "VHN-398003"
          }
        ],
        "trust": 1.1466260149999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84256"
          }
        ]
      },
      "last_update_date": "2024-08-14T14:31:31.576000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FG-IR-21-107",
            "trust": 0.8,
            "url": "https://www.fortiguard.com/psirt/FG-IR-21-107"
          },
          {
            "title": "Patch for Fortinet FortiWLM SQL injection vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/296831"
          },
          {
            "title": "Fortinet FortiWLC SQL Repair measures for injecting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=169637"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84256"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014567"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-336"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-89",
            "trust": 1.1
          },
          {
            "problemtype": "SQL injection (CWE-89) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-398003"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014567"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-36184"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-36184"
          },
          {
            "trust": 1.7,
            "url": "https://fortiguard.com/advisory/fg-ir-21-107"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2021120918"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84256"
          },
          {
            "db": "VULHUB",
            "id": "VHN-398003"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014567"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-336"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-36184"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-84256"
          },
          {
            "db": "VULHUB",
            "id": "VHN-398003"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014567"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-336"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-36184"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-11-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-84256"
          },
          {
            "date": "2021-11-02T00:00:00",
            "db": "VULHUB",
            "id": "VHN-398003"
          },
          {
            "date": "2022-10-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-014567"
          },
          {
            "date": "2021-11-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202111-336"
          },
          {
            "date": "2021-11-02T19:15:07.873000",
            "db": "NVD",
            "id": "CVE-2021-36184"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-11-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-84256"
          },
          {
            "date": "2021-11-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-398003"
          },
          {
            "date": "2022-10-20T07:50:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-014567"
          },
          {
            "date": "2021-12-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202111-336"
          },
          {
            "date": "2021-11-04T14:36:17.723000",
            "db": "NVD",
            "id": "CVE-2021-36184"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-336"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Fortinet\u00a0FortiWLM\u00a0 In \u00a0SQL\u00a0 Injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-014567"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SQL injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-336"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2021-32584 (GCVE-0-2021-32584)

    Vulnerability from nvd – Published: 2025-03-17 13:05 – Updated: 2025-03-17 13:37
    VLAI
    Summary
    An improper access control (CWE-284) vulnerability in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 and below, version 8.2.7 to 8.2.4, version 8.1.3 may allow an unauthenticated and remote attacker to access certain areas of the web management CGI functionality by just specifying the correct URL. The vulnerability applies only to limited CGI resources and might allow the unauthorized party to access configuration details.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper access control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiWLC Affected: 8.6.0
    Affected: 8.5.0 , ≤ 8.5.3 (semver)
    Affected: 8.4.4 , ≤ 8.4.8 (semver)
    Affected: 8.4.0 , ≤ 8.4.2 (semver)
    Affected: 8.3.0 , ≤ 8.3.3 (semver)
    Affected: 8.2.4 , ≤ 8.2.7 (semver)
    Affected: 8.1.3
        cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.1.3:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-32584",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-17T13:37:19.143586Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-17T13:37:26.791Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.1.3:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiWLC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.6.0"
                },
                {
                  "lessThanOrEqual": "8.5.3",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.8",
                  "status": "affected",
                  "version": "8.4.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.2",
                  "status": "affected",
                  "version": "8.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.3.3",
                  "status": "affected",
                  "version": "8.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.2.7",
                  "status": "affected",
                  "version": "8.2.4",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An improper access control (CWE-284) vulnerability in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 and below, version 8.2.7 to 8.2.4, version 8.1.3 may allow an unauthenticated and remote attacker to access certain areas of the web management CGI functionality by just specifying the correct URL.  The vulnerability applies only to limited CGI resources and might allow the unauthorized party to access configuration details."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper access control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-17T13:05:44.978Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.fortinet.com/psirt/FG-IR-20-138",
              "url": "https://fortiguard.fortinet.com/psirt/FG-IR-20-138"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Please upgrade to FortiWLC version 8.5.4 or above.\nPlease upgrade to FortiWLC version 8.6.1 or above."
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2021-32584",
        "datePublished": "2025-03-17T13:05:44.978Z",
        "dateReserved": "2021-05-11T21:19:05.180Z",
        "dateUpdated": "2025-03-17T13:37:26.791Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26087 (GCVE-0-2021-26087)

    Vulnerability from nvd – Published: 2025-03-17 13:05 – Updated: 2025-03-17 13:52
    VLAI
    Summary
    An improper neutralization of input during web page generation in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 web interface may allow both authenticated remote attackers and non-authenticated attackers in the same network as the appliance to perform a stored cross site scripting attack (XSS) via injecting malicious payloads in different locations.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Execute unauthorized code or commands
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiWLC Affected: 8.6.0
    Affected: 8.5.0 , ≤ 8.5.3 (semver)
    Affected: 8.4.4 , ≤ 8.4.8 (semver)
    Affected: 8.4.0 , ≤ 8.4.2 (semver)
    Affected: 8.3.3
        cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26087",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-17T13:52:44.840845Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-17T13:52:53.619Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiWLC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.6.0"
                },
                {
                  "lessThanOrEqual": "8.5.3",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.8",
                  "status": "affected",
                  "version": "8.4.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.2",
                  "status": "affected",
                  "version": "8.4.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "8.3.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An improper neutralization of input during web page generation in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 web interface may allow both authenticated remote attackers and non-authenticated attackers in the same network as the appliance to perform a stored cross site scripting attack (XSS) via injecting malicious payloads in different locations."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:F/RL:X/RC:X",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Execute unauthorized code or commands",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-17T13:05:19.849Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.fortinet.com/psirt/FG-IR-20-137",
              "url": "https://fortiguard.fortinet.com/psirt/FG-IR-20-137"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Please upgrade to FortiWLC version 8.6.1 or above. Please upgrade to FortiWLC version 8.5.4 or above."
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2021-26087",
        "datePublished": "2025-03-17T13:05:19.849Z",
        "dateReserved": "2021-01-25T14:47:15.090Z",
        "dateUpdated": "2025-03-17T13:52:53.619Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-22126 (GCVE-0-2021-22126)

    Vulnerability from nvd – Published: 2025-03-17 13:05 – Updated: 2026-02-26 19:09
    VLAI
    Summary
    A use of hard-coded password vulnerability in FortiWLC version 8.5.2 and below, version 8.4.8 and below, version 8.3.3 to 8.3.2, version 8.2.7 to 8.2.6 may allow a local, authenticated attacker to connect to the managed Access Point (Meru AP and FortiAP-U) as root using the default hard-coded username and password.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper access control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiWLC Affected: 8.5.0 , ≤ 8.5.2 (semver)
    Affected: 8.4.4 , ≤ 8.4.8 (semver)
    Affected: 8.4.0 , ≤ 8.4.2 (semver)
    Affected: 8.3.2 , ≤ 8.3.3 (semver)
    Affected: 8.2.6 , ≤ 8.2.7 (semver)
        cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.6:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-22126",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-18T03:55:17.682980Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T19:09:28.871Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.6:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiWLC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "8.5.2",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.8",
                  "status": "affected",
                  "version": "8.4.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.2",
                  "status": "affected",
                  "version": "8.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.3.3",
                  "status": "affected",
                  "version": "8.3.2",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.2.7",
                  "status": "affected",
                  "version": "8.2.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A use of hard-coded password vulnerability in FortiWLC version 8.5.2 and below, version 8.4.8 and below, version 8.3.3 to 8.3.2, version 8.2.7 to 8.2.6 may allow a local, authenticated attacker to connect to the managed Access Point (Meru AP and FortiAP-U) as root using the default hard-coded username and password."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:X",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper access control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-17T13:05:55.333Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.fortinet.com/psirt/FG-IR-20-147",
              "url": "https://fortiguard.fortinet.com/psirt/FG-IR-20-147"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Please upgrade to FortiWLC versions 8.6.0 or above.\nPlease upgrade to FortiWLC versions 8.5.3 or above."
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2021-22126",
        "datePublished": "2025-03-17T13:05:55.333Z",
        "dateReserved": "2021-01-04T20:14:12.302Z",
        "dateUpdated": "2026-02-26T19:09:28.871Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-23439 (GCVE-0-2022-23439)

    Vulnerability from nvd – Published: 2025-01-22 09:10 – Updated: 2026-01-14 13:06
    VLAI
    Summary
    A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-610 - Improper access control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiTester Affected: 7.2.0 , ≤ 7.2.1 (semver)
    Affected: 7.1.0 , ≤ 7.1.1 (semver)
    Affected: 7.0.0
    Affected: 4.2.0 , ≤ 4.2.1 (semver)
    Affected: 4.1.0 , ≤ 4.1.1 (semver)
    Affected: 4.0.0
    Affected: 3.9.0 , ≤ 3.9.2 (semver)
    Affected: 3.8.0
    Affected: 3.7.0 , ≤ 3.7.1 (semver)
    Affected: 3.6.0
    Affected: 3.5.0 , ≤ 3.5.1 (semver)
    Affected: 3.4.0
    Affected: 3.3.0 , ≤ 3.3.1 (semver)
        cpe:2.3:a:fortinet:fortitester:7.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:7.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:7.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:4.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:4.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:4.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:4.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:4.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.9.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.9.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.9.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.8.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.7.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.7.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.5.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.3.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.3.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiOS Affected: 7.2.0
    Affected: 7.0.0 , ≤ 7.0.5 (semver)
    Affected: 6.4.0 , ≤ 6.4.16 (semver)
    Affected: 6.2.0 , ≤ 6.2.17 (semver)
    Affected: 6.0.0 , ≤ 6.0.18 (semver)
    Affected: 6.4.0 , < 6.4.* (semver)
        cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.16:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.*:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiRecorder Affected: 6.4.0 , ≤ 6.4.2 (semver)
    Affected: 6.0.0 , ≤ 6.0.10 (semver)
    Affected: 2.7.0 , ≤ 2.7.7 (semver)
    Affected: 2.6.0 , ≤ 2.6.3 (semver)
        cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.10:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.6.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.6.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.6.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.6.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiNDR Affected: 7.2.0
    Affected: 7.1.0
    Affected: 7.0.0 , ≤ 7.0.7 (semver)
    Affected: 1.5.0 , ≤ 1.5.3 (semver)
    Affected: 1.4.0
    Affected: 1.3.0 , ≤ 1.3.1 (semver)
    Affected: 1.2.0
    Affected: 1.1.0
        cpe:2.3:a:fortinet:fortindr:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.5.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.5.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.5.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.3.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.3.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.1.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiADC Affected: 7.0.0 , ≤ 7.0.1 (semver)
    Affected: 6.2.0 , ≤ 6.2.3 (semver)
    Affected: 6.1.0 , ≤ 6.1.6 (semver)
    Affected: 6.0.0 , ≤ 6.0.4 (semver)
    Affected: 5.4.0 , ≤ 5.4.5 (semver)
    Affected: 5.3.0 , ≤ 5.3.7 (semver)
    Affected: 5.2.0 , ≤ 5.2.8 (semver)
    Affected: 5.1.0 , ≤ 5.1.7 (semver)
    Affected: 5.0.0 , ≤ 5.0.4 (semver)
        cpe:2.3:h:fortinet:fortiadc:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.2.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.1.6:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.1.5:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.1.4:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.1.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.1.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.1.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.1.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.0.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.4.5:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.4.4:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.4.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.4.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.4.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.4.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.7:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.6:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.5:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.4:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.8:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.7:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.6:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.5:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.4:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.7:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.6:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.5:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.4:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.0.4:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.0.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.0.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.0.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiManager Affected: 7.4.0 , ≤ 7.4.3 (semver)
    Affected: 7.2.0 , ≤ 7.2.11 (semver)
    Affected: 7.0.0 , ≤ 7.0.15 (semver)
    Affected: 6.4.0 , ≤ 6.4.15 (semver)
    Affected: 6.2.0 , ≤ 6.2.13 (semver)
        cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.15:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiVoice Affected: 7.0.0 , ≤ 7.0.1 (semver)
    Affected: 6.4.0 , ≤ 6.4.8 (semver)
    Affected: 6.0.0 , ≤ 6.0.11 (semver)
        cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiSOAR on-premise Affected: 7.2.0 , ≤ 7.2.2 (semver)
    Affected: 7.0.0 , ≤ 7.0.3 (semver)
    Affected: 6.4.3 , ≤ 6.4.4 (semver)
    Affected: 6.4.0 , ≤ 6.4.1 (semver)
        cpe:2.3:a:fortinet:fortisoaron-premise:7.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:7.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:6.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:6.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:6.4.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiDDoS Affected: 5.5.0 , ≤ 5.5.1 (semver)
    Affected: 5.4.0 , ≤ 5.4.3 (semver)
    Affected: 5.3.0 , ≤ 5.3.2 (semver)
    Affected: 5.2.0
    Affected: 5.1.0
    Affected: 5.0.0
    Affected: 4.7.0
    Affected: 4.6.0
    Affected: 4.5.0
        cpe:2.3:o:fortinet:fortiddos:5.5.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.5.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.4.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.4.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.4.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.4.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.3.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.3.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.3.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.0.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:4.7.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:4.6.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:4.5.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiWLC Affected: 8.6.0 , ≤ 8.6.7 (semver)
    Affected: 8.5.0 , ≤ 8.5.5 (semver)
    Affected: 8.4.4 , ≤ 8.4.8 (semver)
    Affected: 8.4.0 , ≤ 8.4.2 (semver)
        cpe:2.3:a:fortinet:fortiwlc:8.6.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.6.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.6.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.6.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.6.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.6.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.6.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiAnalyzer Affected: 7.4.0 , ≤ 7.4.2 (semver)
    Affected: 7.2.0 , ≤ 7.2.11 (semver)
    Affected: 7.0.0 , ≤ 7.0.15 (semver)
    Affected: 6.4.0 , ≤ 6.4.15 (semver)
    Affected: 6.2.0 , ≤ 6.2.13 (semver)
        cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.15:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiPortal Affected: 6.0.0 , ≤ 6.0.9 (semver)
        cpe:2.3:a:fortinet:fortiportal:6.0.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiAuthenticator Affected: 6.4.0 , ≤ 6.4.1 (semver)
    Affected: 6.3.0 , ≤ 6.3.3 (semver)
    Affected: 6.2.0 , ≤ 6.2.2 (semver)
    Affected: 6.1.0 , ≤ 6.1.3 (semver)
    Affected: 6.0.0 , ≤ 6.0.8 (semver)
    Affected: 5.5.0
    Affected: 5.4.0 , ≤ 5.4.1 (semver)
    Affected: 5.3.0 , ≤ 5.3.1 (semver)
    Affected: 5.2.0 , ≤ 5.2.2 (semver)
    Affected: 5.1.0 , ≤ 5.1.2 (semver)
        cpe:2.3:a:fortinet:fortiauthenticator:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.3.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.3.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.3.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.3.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.1.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.1.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.3.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.3.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.1.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.1.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiMail Affected: 7.0.0 , ≤ 7.0.3 (semver)
    Affected: 6.4.0 , ≤ 6.4.8 (semver)
    Affected: 6.2.0 , ≤ 6.2.9 (semver)
    Affected: 6.0.0 , ≤ 6.0.12 (semver)
    Affected: 5.4.0 , ≤ 5.4.12 (semver)
        cpe:2.3:a:fortinet:fortimail:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.12:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.11:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.10:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.12:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.11:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.10:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiDDoS-F Affected: 6.3.0 , ≤ 6.3.3 (semver)
    Affected: 6.2.0 , ≤ 6.2.3 (semver)
    Affected: 6.1.0 , ≤ 6.1.5 (semver)
        cpe:2.3:o:fortinet:fortiddos-f:6.3.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.3.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.3.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.3.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.1.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiSwitch Affected: 7.0.0 , ≤ 7.0.4 (semver)
    Affected: 6.4.0 , ≤ 6.4.10 (semver)
    Affected: 6.2.0 , ≤ 6.2.8 (semver)
    Affected: 6.0.0 , ≤ 6.0.7 (semver)
        cpe:2.3:a:fortinet:fortiswitch:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.10:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiProxy Affected: 7.0.0 , ≤ 7.0.4 (semver)
    Affected: 2.0.0 , ≤ 2.0.14 (semver)
    Affected: 1.2.0 , ≤ 1.2.13 (semver)
    Affected: 1.1.0 , ≤ 1.1.6 (semver)
    Affected: 1.0.0 , ≤ 1.0.7 (semver)
        cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.14:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.13:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.12:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.11:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.10:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.13:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.12:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.11:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.10:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.1.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.1.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.1.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.1.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.1.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-23439",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-22T14:21:27.552014Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-22T14:21:36.714Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortitester:7.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:7.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:7.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:4.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:4.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:4.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:4.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:4.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.9.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.9.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.9.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.8.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.7.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.7.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.3.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiTester",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.2.1",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.1.1",
                  "status": "affected",
                  "version": "7.1.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "7.0.0"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "4.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.1.1",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                },
                {
                  "lessThanOrEqual": "3.9.2",
                  "status": "affected",
                  "version": "3.9.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "3.8.0"
                },
                {
                  "lessThanOrEqual": "3.7.1",
                  "status": "affected",
                  "version": "3.7.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "3.6.0"
                },
                {
                  "lessThanOrEqual": "3.5.1",
                  "status": "affected",
                  "version": "3.5.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "lessThanOrEqual": "3.3.1",
                  "status": "affected",
                  "version": "3.3.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.16:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiOS",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.2.0"
                },
                {
                  "lessThanOrEqual": "7.0.5",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.16",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.17",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.18",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.4.*",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.10:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.6.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.6.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.6.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.6.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiRecorder",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "6.4.2",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.10",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "2.7.7",
                  "status": "affected",
                  "version": "2.7.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "2.6.3",
                  "status": "affected",
                  "version": "2.6.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortindr:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.5.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.5.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.1.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiNDR",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.2.0"
                },
                {
                  "status": "affected",
                  "version": "7.1.0"
                },
                {
                  "lessThanOrEqual": "7.0.7",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "1.5.3",
                  "status": "affected",
                  "version": "1.5.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "1.4.0"
                },
                {
                  "lessThanOrEqual": "1.3.1",
                  "status": "affected",
                  "version": "1.3.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "1.2.0"
                },
                {
                  "status": "affected",
                  "version": "1.1.0"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:h:fortinet:fortiadc:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.7:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.6:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.5:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.4:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.7:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiADC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.1",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.3",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.1.6",
                  "status": "affected",
                  "version": "6.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.4",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.4.5",
                  "status": "affected",
                  "version": "5.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.3.7",
                  "status": "affected",
                  "version": "5.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.2.8",
                  "status": "affected",
                  "version": "5.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.1.7",
                  "status": "affected",
                  "version": "5.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.0.4",
                  "status": "affected",
                  "version": "5.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiManager",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.4.3",
                  "status": "affected",
                  "version": "7.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.2.11",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.15",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.15",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.13",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiVoice",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.1",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.8",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.11",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortisoaron-premise:7.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:7.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:6.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:6.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:6.4.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiSOAR on-premise",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.2.2",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.3",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.4",
                  "status": "affected",
                  "version": "6.4.3",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.1",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:fortinet:fortiddos:5.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.3.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:4.7.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:4.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:4.5.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiDDoS",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "5.5.1",
                  "status": "affected",
                  "version": "5.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.4.3",
                  "status": "affected",
                  "version": "5.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.3.2",
                  "status": "affected",
                  "version": "5.3.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "5.2.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                },
                {
                  "status": "affected",
                  "version": "5.0.0"
                },
                {
                  "status": "affected",
                  "version": "4.7.0"
                },
                {
                  "status": "affected",
                  "version": "4.6.0"
                },
                {
                  "status": "affected",
                  "version": "4.5.0"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiwlc:8.6.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.6.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.6.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.6.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.6.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.6.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.6.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiWLC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "8.6.7",
                  "status": "affected",
                  "version": "8.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.5.5",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.8",
                  "status": "affected",
                  "version": "8.4.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.2",
                  "status": "affected",
                  "version": "8.4.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiAnalyzer",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.4.2",
                  "status": "affected",
                  "version": "7.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.2.11",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.15",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.15",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.13",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiportal:6.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiPortal",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "6.0.9",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiauthenticator:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.3.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.3.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.1.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiAuthenticator",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "6.4.1",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.3.3",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.2",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.1.3",
                  "status": "affected",
                  "version": "6.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.8",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "5.5.0"
                },
                {
                  "lessThanOrEqual": "5.4.1",
                  "status": "affected",
                  "version": "5.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.3.1",
                  "status": "affected",
                  "version": "5.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.2.2",
                  "status": "affected",
                  "version": "5.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.1.2",
                  "status": "affected",
                  "version": "5.1.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortimail:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.12:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.11:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.10:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.12:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.11:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.10:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiMail",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.3",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.8",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.9",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.12",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.4.12",
                  "status": "affected",
                  "version": "5.4.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:fortinet:fortiddos-f:6.3.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.3.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.1.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiDDoS-F",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "6.3.3",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.3",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.1.5",
                  "status": "affected",
                  "version": "6.1.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiswitch:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.10:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiSwitch",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.4",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.10",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.8",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.14:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.13:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.12:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.11:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.10:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiProxy",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.4",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "2.0.14",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "1.2.13",
                  "status": "affected",
                  "version": "1.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "1.1.6",
                  "status": "affected",
                  "version": "1.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "1.0.7",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A externally controlled reference to a resource in another sphere vulnerability in Fortinet  allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-610",
                  "description": "Improper access control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-14T13:06:07.365Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.com/psirt/FG-IR-23-494",
              "url": "https://fortiguard.com/psirt/FG-IR-23-494"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "FortiOS\nAdministrative Interface\nUpgrade to FortiOS version 7.0.6 and above,\nUpgrade to FortiOS version 7.2.1 and above.\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n\u00a0 \u00a0 set admin-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\n\nSSLVPN interface\nUpgrade to FortiOS version 7.4.0 or above\nUpgrade to FortiOS version 7.2.5 or above\nAND\nSet the `server-hostname` property to the device hostname, which will disable `Host redirection` for SSL VPN:\nconfig vpn ssl settings\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0set server-hostname Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.\n\nWebfilter interface (port 8008)\nUpgrade to FortiOS version 7.4.0 or above\nUpgrade to FortiOS version 7.2.5 or above\nUpgrade to FortiOS version 7.0.12 or above\nUpgrade to FortiOS version 6.4.13 or above\n\nFortiProxy\nAdministrative Interface\nUpgrade to FortiProxy version 7.0.5 and above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n\u00a0 \u00a0 set admin-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\n\nSSLVPN interface\nUpgrade to FortiProxy version 7.4.0 or above\nAND\nSet the `server-hostname` property to the device hostname, which will disable `Host redirection` for SSL VPN:\nconfig vpn ssl settings\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0set server-hostname Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.\n\nWebFilter\u00a0interface (port 8008)\nUpgrade to FortiProxy version 7.4.0 or above\n\nUpgrade to FortiRecorder version 7.0.0 or above \nUpgrade to FortiRecorder version 6.4.3 or above \nUpgrade to FortiRecorder version 6.0.11 or above \nUpgrade to FortiNDR version 7.4.0 or above\n\nFortiAnalyzer \u0026 FortiManager\n\nUpgrade to version 7.6.0 or above \nUpgrade to version 7.4.4 or above \n\nSet the `admin-host` property to the device hostname, which will disable `Host redirection` for administrative interface.\nconfig system global\n    set admin-host  \nend\n\nFortiNDR\nUpgrade to FortiNDR version 7.2.1 or above\nUpgrade to FortiNDR version 7.1.1 or above\nAND\nSet the `https-redirect-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n\u00a0 \u00a0 set https-redirect-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\nend\n\nFortiADC\nUpgrade to FortiADC version 7.1.0 or above\nUpgrade to FortiADC version 7.0.2 or above\nUpgrade to FortiADC version 6.2.4 or above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\n\u00a0 config system global\n\u00a0 \u00a0 set admin-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\n\nFortiDDOS-F\nUpgrade to FortiDDoS-F version 6.4.0 or above\nUpgrade to FortiDDoS-F version 6.3.4 or above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\n\u00a0 config system global\n\u00a0 \u00a0 set admin-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\" \n\nUpgrade to FortiSwitch version 7.2.0 or above \nUpgrade to FortiSwitch version 7.0.5 or above \nUpgrade to FortiSwitch version 6.4.11 or above \nUpgrade to FortiVoice version 7.0.2 or above\nUpgrade to FortiVoice version 6.4.9 or above\nUpgrade to FortiMail version 7.2.0 or above \nUpgrade to FortiMail version 7.0.4 or above \nUpgrade to FortiWLC version 8.6.7 or above \nUpgrade to FortiAuthenticator version 6.4.2 or above \nUpgrade to FortiAuthenticator version 6.3.4 or above \nUpgrade to FortiDDoS version 5.6.0 or above \nUpgrade to FortiDDoS version 5.5.2 or above \nUpgrade to FortiSOAR version 7.3.0 or above \nUpgrade to FortiTester version 7.3.0 or above \nUpgrade to FortiTester version 7.2.2 or above"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2022-23439",
        "datePublished": "2025-01-22T09:10:28.669Z",
        "dateReserved": "2022-01-19T07:38:03.512Z",
        "dateUpdated": "2026-01-14T13:06:07.365Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-26093 (GCVE-0-2021-26093)

    Vulnerability from nvd – Published: 2024-12-19 07:47 – Updated: 2024-12-20 17:41
    VLAI
    Summary
    An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point being managed by the controller by executing a crafted CLI command.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiWLC Affected: 8.6.0
    Affected: 8.5.0 , ≤ 8.5.3 (semver)
    Affected: 8.4.4 , ≤ 8.4.8 (semver)
    Affected: 8.4.0 , ≤ 8.4.2 (semver)
    Affected: 8.3.0 , ≤ 8.3.3 (semver)
    Affected: 8.2.4 , ≤ 8.2.7 (semver)
    Affected: 8.1.2 , ≤ 8.1.3 (semver)
    Affected: 8.0.6
        cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.1.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.1.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.0.6:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26093",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-20T16:45:09.690266Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-20T17:41:17.833Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.0.6:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiWLC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.6.0"
                },
                {
                  "lessThanOrEqual": "8.5.3",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.8",
                  "status": "affected",
                  "version": "8.4.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.2",
                  "status": "affected",
                  "version": "8.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.3.3",
                  "status": "affected",
                  "version": "8.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.2.7",
                  "status": "affected",
                  "version": "8.2.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.1.3",
                  "status": "affected",
                  "version": "8.1.2",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "8.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An access of uninitialized pointer (CWE-824) vulnerability\u00a0in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point\u00a0being managed by the controller by executing a crafted CLI command."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H/E:P/RL:X/RC:R",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-824",
                  "description": "Denial of service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-19T07:47:44.394Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.com/psirt/FG-IR-21-002",
              "url": "https://fortiguard.com/psirt/FG-IR-21-002"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Please upgrade to FortiWLC version 8.6.3 or above."
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2021-26093",
        "datePublished": "2024-12-19T07:47:44.394Z",
        "dateReserved": "2021-01-25T14:47:15.093Z",
        "dateUpdated": "2024-12-20T17:41:17.833Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-42758 (GCVE-0-2021-42758)

    Vulnerability from nvd – Published: 2021-12-08 10:53 – Updated: 2024-10-25 13:42
    VLAI
    Summary
    An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Improper access control
    Assigner
    References
    URL Tags
    https://fortiguard.com/advisory/FG-IR-21-200 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Fortinet Fortinet FortiWLC Affected: FortiWLC 8.6.1 and below
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:38:50.213Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/advisory/FG-IR-21-200"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-42758",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T14:13:15.441432Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-25T13:42:26.199Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Fortinet FortiWLC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "FortiWLC 8.6.1 and below"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitCodeMaturity": "PROOF_OF_CONCEPT",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "remediationLevel": "UNAVAILABLE",
                "reportConfidence": "REASONABLE",
                "scope": "UNCHANGED",
                "temporalScore": 8,
                "temporalSeverity": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:R",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper access control",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-12-08T10:53:03.000Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://fortiguard.com/advisory/FG-IR-21-200"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@fortinet.com",
              "ID": "CVE-2021-42758",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Fortinet FortiWLC",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FortiWLC 8.6.1 and below"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Fortinet"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "availabilityImpact": "High",
                "baseScore": 8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "userInteraction": "None",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:R",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper access control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://fortiguard.com/advisory/FG-IR-21-200",
                  "refsource": "CONFIRM",
                  "url": "https://fortiguard.com/advisory/FG-IR-21-200"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2021-42758",
        "datePublished": "2021-12-08T10:53:03.000Z",
        "dateReserved": "2021-10-20T00:00:00.000Z",
        "dateUpdated": "2024-10-25T13:42:26.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9288 (GCVE-0-2020-9288)

    Vulnerability from nvd – Published: 2020-06-22 15:14 – Updated: 2024-10-25 14:01
    VLAI
    Summary
    An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the ESS profile or the Radius Profile.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Execute unauthorized code or commands
    Assigner
    References
    URL Tags
    https://fortiguard.com/advisory/FG-IR-20-016 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Fortinet Fortinet FortiWLC Affected: FortiWLC 8.5.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:26:15.623Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/advisory/FG-IR-20-016"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-9288",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T13:59:11.194658Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-25T14:01:09.947Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Fortinet FortiWLC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "FortiWLC 8.5.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the ESS profile or the Radius Profile."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Execute unauthorized code or commands",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-22T15:14:43.000Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://fortiguard.com/advisory/FG-IR-20-016"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@fortinet.com",
              "ID": "CVE-2020-9288",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Fortinet FortiWLC",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FortiWLC 8.5.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Fortinet"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the ESS profile or the Radius Profile."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Execute unauthorized code or commands"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://fortiguard.com/advisory/FG-IR-20-016",
                  "refsource": "CONFIRM",
                  "url": "https://fortiguard.com/advisory/FG-IR-20-016"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2020-9288",
        "datePublished": "2020-06-22T15:14:43.000Z",
        "dateReserved": "2020-02-19T00:00:00.000Z",
        "dateUpdated": "2024-10-25T14:01:09.947Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-22126 (GCVE-0-2021-22126)

    Vulnerability from cvelistv5 – Published: 2025-03-17 13:05 – Updated: 2026-02-26 19:09
    VLAI
    Summary
    A use of hard-coded password vulnerability in FortiWLC version 8.5.2 and below, version 8.4.8 and below, version 8.3.3 to 8.3.2, version 8.2.7 to 8.2.6 may allow a local, authenticated attacker to connect to the managed Access Point (Meru AP and FortiAP-U) as root using the default hard-coded username and password.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper access control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiWLC Affected: 8.5.0 , ≤ 8.5.2 (semver)
    Affected: 8.4.4 , ≤ 8.4.8 (semver)
    Affected: 8.4.0 , ≤ 8.4.2 (semver)
    Affected: 8.3.2 , ≤ 8.3.3 (semver)
    Affected: 8.2.6 , ≤ 8.2.7 (semver)
        cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.6:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-22126",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-18T03:55:17.682980Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T19:09:28.871Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.6:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiWLC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "8.5.2",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.8",
                  "status": "affected",
                  "version": "8.4.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.2",
                  "status": "affected",
                  "version": "8.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.3.3",
                  "status": "affected",
                  "version": "8.3.2",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.2.7",
                  "status": "affected",
                  "version": "8.2.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A use of hard-coded password vulnerability in FortiWLC version 8.5.2 and below, version 8.4.8 and below, version 8.3.3 to 8.3.2, version 8.2.7 to 8.2.6 may allow a local, authenticated attacker to connect to the managed Access Point (Meru AP and FortiAP-U) as root using the default hard-coded username and password."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:X",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper access control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-17T13:05:55.333Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.fortinet.com/psirt/FG-IR-20-147",
              "url": "https://fortiguard.fortinet.com/psirt/FG-IR-20-147"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Please upgrade to FortiWLC versions 8.6.0 or above.\nPlease upgrade to FortiWLC versions 8.5.3 or above."
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2021-22126",
        "datePublished": "2025-03-17T13:05:55.333Z",
        "dateReserved": "2021-01-04T20:14:12.302Z",
        "dateUpdated": "2026-02-26T19:09:28.871Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-32584 (GCVE-0-2021-32584)

    Vulnerability from cvelistv5 – Published: 2025-03-17 13:05 – Updated: 2025-03-17 13:37
    VLAI
    Summary
    An improper access control (CWE-284) vulnerability in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 and below, version 8.2.7 to 8.2.4, version 8.1.3 may allow an unauthenticated and remote attacker to access certain areas of the web management CGI functionality by just specifying the correct URL. The vulnerability applies only to limited CGI resources and might allow the unauthorized party to access configuration details.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper access control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiWLC Affected: 8.6.0
    Affected: 8.5.0 , ≤ 8.5.3 (semver)
    Affected: 8.4.4 , ≤ 8.4.8 (semver)
    Affected: 8.4.0 , ≤ 8.4.2 (semver)
    Affected: 8.3.0 , ≤ 8.3.3 (semver)
    Affected: 8.2.4 , ≤ 8.2.7 (semver)
    Affected: 8.1.3
        cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.1.3:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-32584",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-17T13:37:19.143586Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-17T13:37:26.791Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.1.3:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiWLC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.6.0"
                },
                {
                  "lessThanOrEqual": "8.5.3",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.8",
                  "status": "affected",
                  "version": "8.4.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.2",
                  "status": "affected",
                  "version": "8.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.3.3",
                  "status": "affected",
                  "version": "8.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.2.7",
                  "status": "affected",
                  "version": "8.2.4",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "8.1.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An improper access control (CWE-284) vulnerability in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 and below, version 8.2.7 to 8.2.4, version 8.1.3 may allow an unauthenticated and remote attacker to access certain areas of the web management CGI functionality by just specifying the correct URL.  The vulnerability applies only to limited CGI resources and might allow the unauthorized party to access configuration details."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper access control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-17T13:05:44.978Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.fortinet.com/psirt/FG-IR-20-138",
              "url": "https://fortiguard.fortinet.com/psirt/FG-IR-20-138"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Please upgrade to FortiWLC version 8.5.4 or above.\nPlease upgrade to FortiWLC version 8.6.1 or above."
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2021-32584",
        "datePublished": "2025-03-17T13:05:44.978Z",
        "dateReserved": "2021-05-11T21:19:05.180Z",
        "dateUpdated": "2025-03-17T13:37:26.791Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-26087 (GCVE-0-2021-26087)

    Vulnerability from cvelistv5 – Published: 2025-03-17 13:05 – Updated: 2025-03-17 13:52
    VLAI
    Summary
    An improper neutralization of input during web page generation in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 web interface may allow both authenticated remote attackers and non-authenticated attackers in the same network as the appliance to perform a stored cross site scripting attack (XSS) via injecting malicious payloads in different locations.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Execute unauthorized code or commands
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiWLC Affected: 8.6.0
    Affected: 8.5.0 , ≤ 8.5.3 (semver)
    Affected: 8.4.4 , ≤ 8.4.8 (semver)
    Affected: 8.4.0 , ≤ 8.4.2 (semver)
    Affected: 8.3.3
        cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26087",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-17T13:52:44.840845Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-17T13:52:53.619Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiWLC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.6.0"
                },
                {
                  "lessThanOrEqual": "8.5.3",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.8",
                  "status": "affected",
                  "version": "8.4.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.2",
                  "status": "affected",
                  "version": "8.4.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "8.3.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An improper neutralization of input during web page generation in FortiWLC version 8.6.0, version 8.5.3 and below, version 8.4.8 and below, version 8.3.3 web interface may allow both authenticated remote attackers and non-authenticated attackers in the same network as the appliance to perform a stored cross site scripting attack (XSS) via injecting malicious payloads in different locations."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:F/RL:X/RC:X",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "Execute unauthorized code or commands",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-03-17T13:05:19.849Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.fortinet.com/psirt/FG-IR-20-137",
              "url": "https://fortiguard.fortinet.com/psirt/FG-IR-20-137"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Please upgrade to FortiWLC version 8.6.1 or above. Please upgrade to FortiWLC version 8.5.4 or above."
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2021-26087",
        "datePublished": "2025-03-17T13:05:19.849Z",
        "dateReserved": "2021-01-25T14:47:15.090Z",
        "dateUpdated": "2025-03-17T13:52:53.619Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-23439 (GCVE-0-2022-23439)

    Vulnerability from cvelistv5 – Published: 2025-01-22 09:10 – Updated: 2026-01-14 13:06
    VLAI
    Summary
    A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-610 - Improper access control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiTester Affected: 7.2.0 , ≤ 7.2.1 (semver)
    Affected: 7.1.0 , ≤ 7.1.1 (semver)
    Affected: 7.0.0
    Affected: 4.2.0 , ≤ 4.2.1 (semver)
    Affected: 4.1.0 , ≤ 4.1.1 (semver)
    Affected: 4.0.0
    Affected: 3.9.0 , ≤ 3.9.2 (semver)
    Affected: 3.8.0
    Affected: 3.7.0 , ≤ 3.7.1 (semver)
    Affected: 3.6.0
    Affected: 3.5.0 , ≤ 3.5.1 (semver)
    Affected: 3.4.0
    Affected: 3.3.0 , ≤ 3.3.1 (semver)
        cpe:2.3:a:fortinet:fortitester:7.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:7.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:7.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:4.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:4.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:4.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:4.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:4.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.9.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.9.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.9.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.8.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.7.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.7.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.5.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.3.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortitester:3.3.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiOS Affected: 7.2.0
    Affected: 7.0.0 , ≤ 7.0.5 (semver)
    Affected: 6.4.0 , ≤ 6.4.16 (semver)
    Affected: 6.2.0 , ≤ 6.2.17 (semver)
    Affected: 6.0.0 , ≤ 6.0.18 (semver)
    Affected: 6.4.0 , < 6.4.* (semver)
        cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.16:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.17:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortios:6.4.*:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiRecorder Affected: 6.4.0 , ≤ 6.4.2 (semver)
    Affected: 6.0.0 , ≤ 6.0.10 (semver)
    Affected: 2.7.0 , ≤ 2.7.7 (semver)
    Affected: 2.6.0 , ≤ 2.6.3 (semver)
        cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.10:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:6.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.7.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.6.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.6.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.6.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortirecorder:2.6.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiNDR Affected: 7.2.0
    Affected: 7.1.0
    Affected: 7.0.0 , ≤ 7.0.7 (semver)
    Affected: 1.5.0 , ≤ 1.5.3 (semver)
    Affected: 1.4.0
    Affected: 1.3.0 , ≤ 1.3.1 (semver)
    Affected: 1.2.0
    Affected: 1.1.0
        cpe:2.3:a:fortinet:fortindr:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.5.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.5.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.5.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.3.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.3.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortindr:1.1.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiADC Affected: 7.0.0 , ≤ 7.0.1 (semver)
    Affected: 6.2.0 , ≤ 6.2.3 (semver)
    Affected: 6.1.0 , ≤ 6.1.6 (semver)
    Affected: 6.0.0 , ≤ 6.0.4 (semver)
    Affected: 5.4.0 , ≤ 5.4.5 (semver)
    Affected: 5.3.0 , ≤ 5.3.7 (semver)
    Affected: 5.2.0 , ≤ 5.2.8 (semver)
    Affected: 5.1.0 , ≤ 5.1.7 (semver)
    Affected: 5.0.0 , ≤ 5.0.4 (semver)
        cpe:2.3:h:fortinet:fortiadc:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.2.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.1.6:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.1.5:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.1.4:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.1.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.1.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.1.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.1.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:6.0.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.4.5:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.4.4:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.4.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.4.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.4.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.4.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.7:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.6:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.5:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.4:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.3.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.8:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.7:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.6:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.5:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.4:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.2.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.7:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.6:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.5:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.4:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.1.0:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.0.4:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.0.3:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.0.2:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.0.1:*:*:*:*:*:*:*
        cpe:2.3:h:fortinet:fortiadc:5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiManager Affected: 7.4.0 , ≤ 7.4.3 (semver)
    Affected: 7.2.0 , ≤ 7.2.11 (semver)
    Affected: 7.0.0 , ≤ 7.0.15 (semver)
    Affected: 6.4.0 , ≤ 6.4.15 (semver)
    Affected: 6.2.0 , ≤ 6.2.13 (semver)
        cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.15:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortimanager:6.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiVoice Affected: 7.0.0 , ≤ 7.0.1 (semver)
    Affected: 6.4.0 , ≤ 6.4.8 (semver)
    Affected: 6.0.0 , ≤ 6.0.11 (semver)
        cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiSOAR on-premise Affected: 7.2.0 , ≤ 7.2.2 (semver)
    Affected: 7.0.0 , ≤ 7.0.3 (semver)
    Affected: 6.4.3 , ≤ 6.4.4 (semver)
    Affected: 6.4.0 , ≤ 6.4.1 (semver)
        cpe:2.3:a:fortinet:fortisoaron-premise:7.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:7.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:6.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:6.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortisoaron-premise:6.4.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiDDoS Affected: 5.5.0 , ≤ 5.5.1 (semver)
    Affected: 5.4.0 , ≤ 5.4.3 (semver)
    Affected: 5.3.0 , ≤ 5.3.2 (semver)
    Affected: 5.2.0
    Affected: 5.1.0
    Affected: 5.0.0
    Affected: 4.7.0
    Affected: 4.6.0
    Affected: 4.5.0
        cpe:2.3:o:fortinet:fortiddos:5.5.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.5.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.4.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.4.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.4.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.4.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.3.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.3.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.3.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.1.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:5.0.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:4.7.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:4.6.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos:4.5.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiWLC Affected: 8.6.0 , ≤ 8.6.7 (semver)
    Affected: 8.5.0 , ≤ 8.5.5 (semver)
    Affected: 8.4.4 , ≤ 8.4.8 (semver)
    Affected: 8.4.0 , ≤ 8.4.2 (semver)
        cpe:2.3:a:fortinet:fortiwlc:8.6.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.6.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.6.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.6.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.6.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.6.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.6.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiAnalyzer Affected: 7.4.0 , ≤ 7.4.2 (semver)
    Affected: 7.2.0 , ≤ 7.2.11 (semver)
    Affected: 7.0.0 , ≤ 7.0.15 (semver)
    Affected: 6.4.0 , ≤ 6.4.15 (semver)
    Affected: 6.2.0 , ≤ 6.2.13 (semver)
        cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.15:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.13:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.12:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.11:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.9:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.8:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.7:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.6:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortianalyzer:6.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiPortal Affected: 6.0.0 , ≤ 6.0.9 (semver)
        cpe:2.3:a:fortinet:fortiportal:6.0.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiportal:6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiAuthenticator Affected: 6.4.0 , ≤ 6.4.1 (semver)
    Affected: 6.3.0 , ≤ 6.3.3 (semver)
    Affected: 6.2.0 , ≤ 6.2.2 (semver)
    Affected: 6.1.0 , ≤ 6.1.3 (semver)
    Affected: 6.0.0 , ≤ 6.0.8 (semver)
    Affected: 5.5.0
    Affected: 5.4.0 , ≤ 5.4.1 (semver)
    Affected: 5.3.0 , ≤ 5.3.1 (semver)
    Affected: 5.2.0 , ≤ 5.2.2 (semver)
    Affected: 5.1.0 , ≤ 5.1.2 (semver)
        cpe:2.3:a:fortinet:fortiauthenticator:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.3.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.3.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.3.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.3.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.1.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.1.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:6.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.3.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.3.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.1.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiauthenticator:5.1.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiMail Affected: 7.0.0 , ≤ 7.0.3 (semver)
    Affected: 6.4.0 , ≤ 6.4.8 (semver)
    Affected: 6.2.0 , ≤ 6.2.9 (semver)
    Affected: 6.0.0 , ≤ 6.0.12 (semver)
    Affected: 5.4.0 , ≤ 5.4.12 (semver)
        cpe:2.3:a:fortinet:fortimail:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.12:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.11:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.10:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:6.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.12:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.11:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.10:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortimail:5.4.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiDDoS-F Affected: 6.3.0 , ≤ 6.3.3 (semver)
    Affected: 6.2.0 , ≤ 6.2.3 (semver)
    Affected: 6.1.0 , ≤ 6.1.5 (semver)
        cpe:2.3:o:fortinet:fortiddos-f:6.3.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.3.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.3.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.3.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.2.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.2.0:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.1.5:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.1.4:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.1.3:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.1.2:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.1.1:*:*:*:*:*:*:*
        cpe:2.3:o:fortinet:fortiddos-f:6.1.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiSwitch Affected: 7.0.0 , ≤ 7.0.4 (semver)
    Affected: 6.4.0 , ≤ 6.4.10 (semver)
    Affected: 6.2.0 , ≤ 6.2.8 (semver)
    Affected: 6.0.0 , ≤ 6.0.7 (semver)
        cpe:2.3:a:fortinet:fortiswitch:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.10:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiswitch:6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Fortinet FortiProxy Affected: 7.0.0 , ≤ 7.0.4 (semver)
    Affected: 2.0.0 , ≤ 2.0.14 (semver)
    Affected: 1.2.0 , ≤ 1.2.13 (semver)
    Affected: 1.1.0 , ≤ 1.1.6 (semver)
    Affected: 1.0.0 , ≤ 1.0.7 (semver)
        cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.14:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.13:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.12:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.11:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.10:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.13:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.12:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.11:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.10:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.9:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.1.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.1.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.1.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.1.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.1.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-23439",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-22T14:21:27.552014Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-22T14:21:36.714Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortitester:7.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:7.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:7.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:4.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:4.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:4.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:4.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:4.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.9.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.9.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.9.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.8.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.7.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.7.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortitester:3.3.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiTester",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.2.1",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.1.1",
                  "status": "affected",
                  "version": "7.1.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "7.0.0"
                },
                {
                  "lessThanOrEqual": "4.2.1",
                  "status": "affected",
                  "version": "4.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.1.1",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "4.0.0"
                },
                {
                  "lessThanOrEqual": "3.9.2",
                  "status": "affected",
                  "version": "3.9.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "3.8.0"
                },
                {
                  "lessThanOrEqual": "3.7.1",
                  "status": "affected",
                  "version": "3.7.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "3.6.0"
                },
                {
                  "lessThanOrEqual": "3.5.1",
                  "status": "affected",
                  "version": "3.5.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "lessThanOrEqual": "3.3.1",
                  "status": "affected",
                  "version": "3.3.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.16:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortios:6.4.*:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiOS",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.2.0"
                },
                {
                  "lessThanOrEqual": "7.0.5",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.16",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.17",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.18",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "6.4.*",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.10:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:6.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.7.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.6.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.6.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.6.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortirecorder:2.6.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiRecorder",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "6.4.2",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.10",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "2.7.7",
                  "status": "affected",
                  "version": "2.7.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "2.6.3",
                  "status": "affected",
                  "version": "2.6.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortindr:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.5.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.5.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortindr:1.1.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiNDR",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.2.0"
                },
                {
                  "status": "affected",
                  "version": "7.1.0"
                },
                {
                  "lessThanOrEqual": "7.0.7",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "1.5.3",
                  "status": "affected",
                  "version": "1.5.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "1.4.0"
                },
                {
                  "lessThanOrEqual": "1.3.1",
                  "status": "affected",
                  "version": "1.3.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "1.2.0"
                },
                {
                  "status": "affected",
                  "version": "1.1.0"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:h:fortinet:fortiadc:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:6.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.7:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.6:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.5:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.4:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.7:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:h:fortinet:fortiadc:5.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiADC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.1",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.3",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.1.6",
                  "status": "affected",
                  "version": "6.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.4",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.4.5",
                  "status": "affected",
                  "version": "5.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.3.7",
                  "status": "affected",
                  "version": "5.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.2.8",
                  "status": "affected",
                  "version": "5.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.1.7",
                  "status": "affected",
                  "version": "5.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.0.4",
                  "status": "affected",
                  "version": "5.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortimanager:6.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiManager",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.4.3",
                  "status": "affected",
                  "version": "7.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.2.11",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.15",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.15",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.13",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiVoice",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.1",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.8",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.11",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortisoaron-premise:7.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:7.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:6.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:6.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortisoaron-premise:6.4.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiSOAR on-premise",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.2.2",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.3",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.4",
                  "status": "affected",
                  "version": "6.4.3",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.1",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:fortinet:fortiddos:5.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.3.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:5.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:4.7.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:4.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos:4.5.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiDDoS",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "5.5.1",
                  "status": "affected",
                  "version": "5.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.4.3",
                  "status": "affected",
                  "version": "5.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.3.2",
                  "status": "affected",
                  "version": "5.3.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "5.2.0"
                },
                {
                  "status": "affected",
                  "version": "5.1.0"
                },
                {
                  "status": "affected",
                  "version": "5.0.0"
                },
                {
                  "status": "affected",
                  "version": "4.7.0"
                },
                {
                  "status": "affected",
                  "version": "4.6.0"
                },
                {
                  "status": "affected",
                  "version": "4.5.0"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiwlc:8.6.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.6.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.6.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.6.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.6.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.6.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.6.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiWLC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "8.6.7",
                  "status": "affected",
                  "version": "8.6.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.5.5",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.8",
                  "status": "affected",
                  "version": "8.4.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.2",
                  "status": "affected",
                  "version": "8.4.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortianalyzer:6.2.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiAnalyzer",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.4.2",
                  "status": "affected",
                  "version": "7.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.2.11",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "7.0.15",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.15",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.13",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiportal:6.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiportal:6.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiPortal",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "6.0.9",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiauthenticator:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.3.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.3.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:6.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiauthenticator:5.1.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiAuthenticator",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "6.4.1",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.3.3",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.2",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.1.3",
                  "status": "affected",
                  "version": "6.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.8",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "5.5.0"
                },
                {
                  "lessThanOrEqual": "5.4.1",
                  "status": "affected",
                  "version": "5.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.3.1",
                  "status": "affected",
                  "version": "5.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.2.2",
                  "status": "affected",
                  "version": "5.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.1.2",
                  "status": "affected",
                  "version": "5.1.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortimail:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.12:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.11:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.10:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:6.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.12:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.11:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.10:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortimail:5.4.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiMail",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.3",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.8",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.9",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.12",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.4.12",
                  "status": "affected",
                  "version": "5.4.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:o:fortinet:fortiddos-f:6.3.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.3.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:o:fortinet:fortiddos-f:6.1.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiDDoS-F",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "6.3.3",
                  "status": "affected",
                  "version": "6.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.3",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.1.5",
                  "status": "affected",
                  "version": "6.1.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiswitch:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.10:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiswitch:6.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiSwitch",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.4",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.10",
                  "status": "affected",
                  "version": "6.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.8",
                  "status": "affected",
                  "version": "6.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.7",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.14:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.13:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.12:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.11:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.10:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.13:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.12:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.11:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.10:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.1.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.1.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiProxy",
              "vendor": "Fortinet",
              "versions": [
                {
                  "lessThanOrEqual": "7.0.4",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "2.0.14",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "1.2.13",
                  "status": "affected",
                  "version": "1.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "1.1.6",
                  "status": "affected",
                  "version": "1.1.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "1.0.7",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A externally controlled reference to a resource in another sphere vulnerability in Fortinet  allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-610",
                  "description": "Improper access control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-01-14T13:06:07.365Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.com/psirt/FG-IR-23-494",
              "url": "https://fortiguard.com/psirt/FG-IR-23-494"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "FortiOS\nAdministrative Interface\nUpgrade to FortiOS version 7.0.6 and above,\nUpgrade to FortiOS version 7.2.1 and above.\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n\u00a0 \u00a0 set admin-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\n\nSSLVPN interface\nUpgrade to FortiOS version 7.4.0 or above\nUpgrade to FortiOS version 7.2.5 or above\nAND\nSet the `server-hostname` property to the device hostname, which will disable `Host redirection` for SSL VPN:\nconfig vpn ssl settings\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0set server-hostname Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.\n\nWebfilter interface (port 8008)\nUpgrade to FortiOS version 7.4.0 or above\nUpgrade to FortiOS version 7.2.5 or above\nUpgrade to FortiOS version 7.0.12 or above\nUpgrade to FortiOS version 6.4.13 or above\n\nFortiProxy\nAdministrative Interface\nUpgrade to FortiProxy version 7.0.5 and above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n\u00a0 \u00a0 set admin-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\n\nSSLVPN interface\nUpgrade to FortiProxy version 7.4.0 or above\nAND\nSet the `server-hostname` property to the device hostname, which will disable `Host redirection` for SSL VPN:\nconfig vpn ssl settings\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0set server-hostname Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.\n\nWebFilter\u00a0interface (port 8008)\nUpgrade to FortiProxy version 7.4.0 or above\n\nUpgrade to FortiRecorder version 7.0.0 or above \nUpgrade to FortiRecorder version 6.4.3 or above \nUpgrade to FortiRecorder version 6.0.11 or above \nUpgrade to FortiNDR version 7.4.0 or above\n\nFortiAnalyzer \u0026 FortiManager\n\nUpgrade to version 7.6.0 or above \nUpgrade to version 7.4.4 or above \n\nSet the `admin-host` property to the device hostname, which will disable `Host redirection` for administrative interface.\nconfig system global\n    set admin-host  \nend\n\nFortiNDR\nUpgrade to FortiNDR version 7.2.1 or above\nUpgrade to FortiNDR version 7.1.1 or above\nAND\nSet the `https-redirect-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n\u00a0 \u00a0 set https-redirect-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\nend\n\nFortiADC\nUpgrade to FortiADC version 7.1.0 or above\nUpgrade to FortiADC version 7.0.2 or above\nUpgrade to FortiADC version 6.2.4 or above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\n\u00a0 config system global\n\u00a0 \u00a0 set admin-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\n\nFortiDDOS-F\nUpgrade to FortiDDoS-F version 6.4.0 or above\nUpgrade to FortiDDoS-F version 6.3.4 or above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\n\u00a0 config system global\n\u00a0 \u00a0 set admin-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\" \n\nUpgrade to FortiSwitch version 7.2.0 or above \nUpgrade to FortiSwitch version 7.0.5 or above \nUpgrade to FortiSwitch version 6.4.11 or above \nUpgrade to FortiVoice version 7.0.2 or above\nUpgrade to FortiVoice version 6.4.9 or above\nUpgrade to FortiMail version 7.2.0 or above \nUpgrade to FortiMail version 7.0.4 or above \nUpgrade to FortiWLC version 8.6.7 or above \nUpgrade to FortiAuthenticator version 6.4.2 or above \nUpgrade to FortiAuthenticator version 6.3.4 or above \nUpgrade to FortiDDoS version 5.6.0 or above \nUpgrade to FortiDDoS version 5.5.2 or above \nUpgrade to FortiSOAR version 7.3.0 or above \nUpgrade to FortiTester version 7.3.0 or above \nUpgrade to FortiTester version 7.2.2 or above"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2022-23439",
        "datePublished": "2025-01-22T09:10:28.669Z",
        "dateReserved": "2022-01-19T07:38:03.512Z",
        "dateUpdated": "2026-01-14T13:06:07.365Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-26093 (GCVE-0-2021-26093)

    Vulnerability from cvelistv5 – Published: 2024-12-19 07:47 – Updated: 2024-12-20 17:41
    VLAI
    Summary
    An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point being managed by the controller by executing a crafted CLI command.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortinet FortiWLC Affected: 8.6.0
    Affected: 8.5.0 , ≤ 8.5.3 (semver)
    Affected: 8.4.4 , ≤ 8.4.8 (semver)
    Affected: 8.4.0 , ≤ 8.4.2 (semver)
    Affected: 8.3.0 , ≤ 8.3.3 (semver)
    Affected: 8.2.4 , ≤ 8.2.7 (semver)
    Affected: 8.1.2 , ≤ 8.1.3 (semver)
    Affected: 8.0.6
        cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.1:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.3.0:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.7:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.6:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.5:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.2.4:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.1.3:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.1.2:*:*:*:*:*:*:*
        cpe:2.3:a:fortinet:fortiwlc:8.0.6:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-26093",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-20T16:45:09.690266Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-20T17:41:17.833Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.2.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.1.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:fortinet:fortiwlc:8.0.6:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "FortiWLC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.6.0"
                },
                {
                  "lessThanOrEqual": "8.5.3",
                  "status": "affected",
                  "version": "8.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.8",
                  "status": "affected",
                  "version": "8.4.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.4.2",
                  "status": "affected",
                  "version": "8.4.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.3.3",
                  "status": "affected",
                  "version": "8.3.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.2.7",
                  "status": "affected",
                  "version": "8.2.4",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.1.3",
                  "status": "affected",
                  "version": "8.1.2",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "8.0.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An access of uninitialized pointer (CWE-824) vulnerability\u00a0in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point\u00a0being managed by the controller by executing a crafted CLI command."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H/E:P/RL:X/RC:R",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-824",
                  "description": "Denial of service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-19T07:47:44.394Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "https://fortiguard.com/psirt/FG-IR-21-002",
              "url": "https://fortiguard.com/psirt/FG-IR-21-002"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Please upgrade to FortiWLC version 8.6.3 or above."
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2021-26093",
        "datePublished": "2024-12-19T07:47:44.394Z",
        "dateReserved": "2021-01-25T14:47:15.093Z",
        "dateUpdated": "2024-12-20T17:41:17.833Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-42758 (GCVE-0-2021-42758)

    Vulnerability from cvelistv5 – Published: 2021-12-08 10:53 – Updated: 2024-10-25 13:42
    VLAI
    Summary
    An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Improper access control
    Assigner
    References
    URL Tags
    https://fortiguard.com/advisory/FG-IR-21-200 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Fortinet Fortinet FortiWLC Affected: FortiWLC 8.6.1 and below
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:38:50.213Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/advisory/FG-IR-21-200"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-42758",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T14:13:15.441432Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-25T13:42:26.199Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Fortinet FortiWLC",
              "vendor": "Fortinet",
              "versions": [
                {
                  "status": "affected",
                  "version": "FortiWLC 8.6.1 and below"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitCodeMaturity": "PROOF_OF_CONCEPT",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "remediationLevel": "UNAVAILABLE",
                "reportConfidence": "REASONABLE",
                "scope": "UNCHANGED",
                "temporalScore": 8,
                "temporalSeverity": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:R",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper access control",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-12-08T10:53:03.000Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://fortiguard.com/advisory/FG-IR-21-200"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@fortinet.com",
              "ID": "CVE-2021-42758",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Fortinet FortiWLC",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FortiWLC 8.6.1 and below"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Fortinet"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "availabilityImpact": "High",
                "baseScore": 8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "userInteraction": "None",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:R",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper access control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://fortiguard.com/advisory/FG-IR-21-200",
                  "refsource": "CONFIRM",
                  "url": "https://fortiguard.com/advisory/FG-IR-21-200"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2021-42758",
        "datePublished": "2021-12-08T10:53:03.000Z",
        "dateReserved": "2021-10-20T00:00:00.000Z",
        "dateUpdated": "2024-10-25T13:42:26.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CERTFR-2025-AVI-0031

    Vulnerability from certfr_avis - Published: 2025-01-15 - Updated: 2025-01-15

    De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Fortinet FortiClient FortiClientMac versions antérieures à 7.2.5
    Fortinet FortiDDoS-F FortiDDoS-F versions antérieures à 6.3.3
    Fortinet FortiAnalyzer FortiAnalyzer versions 7.6.x antérieures à 7.6.2
    Fortinet FortiOS FortiOS versions antérieures à 7.6.1 pour la vulnérabilité CVE-2024-52963
    Fortinet FortiRecorder FortiRecorder versions antérieures à 7.0.5
    Fortinet FortiAnalyzer FortiAnalyzer versions 7.2.x antérieures à 7.2.6
    Fortinet FortiAnalyzer FortiAnalyzer versions 7.0.x antérieures à 7.0.13
    Fortinet FortiSOAR FortiSOAR versions 7.4.x antérieures à 7.4.5
    Fortinet FortiManager FortiManager versions 7.6.x antérieures à 7.6.2
    Fortinet FortiSOAR Connecteur IMAP pour FortiSOAR versions antérieures à 3.5.8
    Fortinet FortiManager FortiManager Cloud versions postérieures à 7.4.1 et antérieures à 7.4.4
    Fortinet FortiOS FortiOS versions antérieures à 7.0.16
    Fortinet FortiPortal FortiPortal versions 7.0.x antérieures à 7.0.9
    Fortinet FortiWLC FortiWLC versions 8.6.x antérieures à 8.6.6
    Fortinet FortiManager FortiManager versions 6.4.x antérieures à 6.4.15
    Fortinet FortiClient FortiClientEMS versions 7.4.x antérieures à 7.4.1
    Fortinet FortiClient FortiClientEMS Cloud versions antérieures à 7.2.5
    Fortinet FortiClient FortiClientEMS Cloud versions 7.4.x antérieures à 7.4.1
    Fortinet FortiPortal FortiPortal versions 6.0.x antérieures à 6.0.15
    Fortinet FortiClient FortiClientMac versions antérieures à 7.4.0
    Fortinet FortiOS FortiOS versions 7.4.x antérieures à 7.4.5
    Fortinet FortiMail FortiMail versions 6.4x antérieures à 6.4.8
    Fortinet FortiManager FortiManager versions 7.0.x antérieures à 7.0.13
    Fortinet FortiVoiceEnterprise FortiVoiceEnterprise versions antérieures à 6.0.10
    Fortinet FortiAnalyzer FortiAnalyzer Cloud versions 7.4.x postérieures à 7.4.1 et antérieures à 7.4.4
    Fortinet FortiWeb FortiWeb versions 7.2.x antérieures à 7.2.8
    Fortinet FortiManager FortiManager Cloud versions postérieures à 7.2.1 et antérieures à 7.2.7
    Fortinet FortiAnalyzer FortiAnalyzer Cloud versions 7.2.x postérieures à 7.2.1 et antérieures à 7.2.7
    Fortinet FortiSwitch FortiSwitch versions 7.4.x antérieures à 7.4.1
    Fortinet FortiWeb FortiWeb versions 7.6.x antérieures à 7.6.2
    Fortinet FortiAP-W2 FortiAP-W2 versions antérieures à 7.2.4
    Fortinet FortiClient FortiClientEMS versions antérieures à 7.2.5
    Fortinet FortiVoice FortiVoice versions 7.0.x antérieures à 7.0.5
    Fortinet FortiOS FortiOS versions 7.2.x antérieures à 7.2.10
    Fortinet FortiSwitch FortiSwitch versions 7.2.x antérieures à 7.2.6
    Fortinet FortiDDoS FortiDDoS versions antérieures à 5.5.1
    Fortinet FortiAP FortiAP versions antérieures à 7.2.4
    Fortinet FortiSwitch FortiSwitch versions antérieures à 6.2.8
    Fortinet FortiClient FortiClientWindows versions antérieures à 7.4.1
    Fortinet FortiSOAR FortiSOAR versions antérieures à 7.2.2 Security Patch 9
    Fortinet FortiAnalyzer FortiAnalyzer-BigData versions 7.2.x antérieures à 7.2.6
    Fortinet FortiDeceptor FortiDeceptor versions antérieures à 6.0.1
    Fortinet FortiAP-S FortiAP-S versions antérieures à 6.4.10
    Fortinet FortiVoiceEnterprise FortiVoiceEnterprise versions 6.4.x antérieures à 6.4.4
    Fortinet FortiAuthenticator FortiAuthenticator versions antérieures à 6.3.3
    Fortinet FortiPortal FortiPortal versions 7.2.x antérieures à 7.2.5
    Fortinet FortiProxy FortiProxy versions 7.0.x antérieures à 7.0.19
    Fortinet FortiOS FortiOS versions 7.6.x antérieures à 7.6.1
    Fortinet FortiAnalyzer FortiAnalyzer versions 7.4.x antérieures à 7.4.4
    Fortinet FortiWeb FortiWeb versions 7.4.x antérieures à 7.4.5
    Fortinet FortiManager FortiManager Cloud versions antérieures à 7.0.13
    Fortinet FortiSandbox FortiSandbox versions 4.4.x antérieures à 4.4.5
    Fortinet FortiAP FortiAP versions 7.4.x antérieures à 7.4.3
    Fortinet FortiClient FortiClientLinux versions antérieures à 7.2.5
    Fortinet FortiSwitch FortiSwitch versions 6.4.x antérieures à 6.4.14
    Fortinet FortiNDR FortiNDR versions antérieures à 7.2.2
    Fortinet FortiManager FortiManager versions 6.2.x antérieures à 6.2.12
    Fortinet FortiAnalyzer FortiAnalyzer Cloud versions antérieures à 7.0.12
    Fortinet FortiManager FortiManager versions 7.4.x antérieures à 7.4.1
    Fortinet FortiMail FortiMail versions 7.2.x antérieures à 7.2.5
    Fortinet FortiNDR FortiNDR versions 7.4.x antérieures à 7.4.3
    Fortinet FortiProxy FortiProxy versions 2.0.x antérieures à 2.0.15
    Fortinet FortiSOAR FortiSOAR versions 7.3.x antérieures à 7.3.3
    Fortinet FortiManager FortiManager versions 7.2.x antérieures à 7.2.6
    Fortinet FortiClient FortiClientLinux versions antérieures à 7.4.0
    Fortinet FortiSIEM FortiSIEM versions antérieures à 7.1.6
    Fortinet FortiSandbox FortiSandbox versions antérieures à 4.0.5
    Fortinet FortiAP-W2 FortiAP-W2 versions 7.4.x antérieures à 7.4.3
    Fortinet FortiSandbox FortiSandbox versions 4.2.x antérieures à 4.2.7
    Fortinet FortiADC FortiADC versions 6.2.x antérieures à 6.2.4
    Fortinet FortiProxy FortiProxy versions 7.4.x antérieures à 7.4.6
    Fortinet FortiSwitch FortiSwitch versions 7.0.x antérieures à 7.0.8
    Fortinet FortiTester FortiTester versions antérieures à 7.2.1
    Fortinet FortiAnalyzer FortiAnalyzer versions 6.4.x antérieures à 6.4.15
    Fortinet FortiAuthenticator FortiAuthenticator versions 6.4.x antérieures à 6.4.1
    Fortinet FortiVoice FortiVoice versions antérieures à 6.4.10
    Fortinet FortiProxy FortiProxy versions 7.2.x antérieures à 7.2.12
    Fortinet FortiSOAR FortiSOAR versions 7.5.x antérieures à 7.5.1
    Fortinet FortiRecorder FortiRecorder versions 7.2.x antérieures à 7.2.2
    Fortinet FortiMail FortiMail versions 7.0.x antérieures à 7.0.7
    References
    Bulletin de sécurité Fortinet FG-IR-23-258 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-23-458 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-061 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-23-405 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-285 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-165 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-23-494 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-23-220 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-221 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-078 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-282 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-373 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-106 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-250 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-23-189 2025-01-15 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-401 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-239 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-097 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-23-260 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-23-170 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-259 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-143 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-23-476 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-415 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-23-461 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-266 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-23-407 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-086 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-465 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-222 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-219 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-210 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-211 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-267 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-010 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-23-473 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-216 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-326 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-135 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-152 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-304 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-164 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-310 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-405 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-127 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-23-381 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-091 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-417 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-23-293 2025-01-14 vendor-advisory
    Bulletin de sécurité Fortinet FG-IR-24-071 2025-01-14 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "FortiClientMac versions ant\u00e9rieures \u00e0 7.2.5",
          "product": {
            "name": "FortiClient",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiDDoS-F versions ant\u00e9rieures \u00e0 6.3.3",
          "product": {
            "name": "FortiDDoS-F",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAnalyzer versions 7.6.x ant\u00e9rieures \u00e0 7.6.2",
          "product": {
            "name": "FortiAnalyzer",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiOS versions ant\u00e9rieures \u00e0 7.6.1 pour la vuln\u00e9rabilit\u00e9 CVE-2024-52963",
          "product": {
            "name": "FortiOS",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiRecorder versions ant\u00e9rieures \u00e0 7.0.5",
          "product": {
            "name": "FortiRecorder",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAnalyzer versions 7.2.x ant\u00e9rieures \u00e0 7.2.6",
          "product": {
            "name": "FortiAnalyzer",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAnalyzer versions 7.0.x ant\u00e9rieures \u00e0 7.0.13",
          "product": {
            "name": "FortiAnalyzer",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiSOAR versions 7.4.x ant\u00e9rieures \u00e0 7.4.5",
          "product": {
            "name": "FortiSOAR",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiManager versions 7.6.x ant\u00e9rieures \u00e0 7.6.2",
          "product": {
            "name": "FortiManager",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "Connecteur IMAP pour FortiSOAR versions ant\u00e9rieures \u00e0 3.5.8",
          "product": {
            "name": "FortiSOAR",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiManager Cloud versions post\u00e9rieures \u00e0 7.4.1 et ant\u00e9rieures \u00e0 7.4.4",
          "product": {
            "name": "FortiManager",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiOS versions ant\u00e9rieures \u00e0 7.0.16",
          "product": {
            "name": "FortiOS",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiPortal versions 7.0.x ant\u00e9rieures \u00e0 7.0.9",
          "product": {
            "name": "FortiPortal",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiWLC versions 8.6.x ant\u00e9rieures \u00e0 8.6.6",
          "product": {
            "name": "FortiWLC",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiManager versions 6.4.x ant\u00e9rieures \u00e0 6.4.15",
          "product": {
            "name": "FortiManager",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiClientEMS versions 7.4.x ant\u00e9rieures \u00e0 7.4.1",
          "product": {
            "name": "FortiClient",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiClientEMS Cloud versions ant\u00e9rieures \u00e0 7.2.5",
          "product": {
            "name": "FortiClient",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiClientEMS Cloud versions 7.4.x ant\u00e9rieures \u00e0 7.4.1",
          "product": {
            "name": "FortiClient",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiPortal versions 6.0.x ant\u00e9rieures \u00e0 6.0.15",
          "product": {
            "name": "FortiPortal",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiClientMac versions ant\u00e9rieures \u00e0 7.4.0",
          "product": {
            "name": "FortiClient",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiOS versions 7.4.x ant\u00e9rieures \u00e0 7.4.5",
          "product": {
            "name": "FortiOS",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiMail versions 6.4x ant\u00e9rieures \u00e0 6.4.8",
          "product": {
            "name": "FortiMail",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiManager versions 7.0.x ant\u00e9rieures \u00e0 7.0.13",
          "product": {
            "name": "FortiManager",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiVoiceEnterprise versions ant\u00e9rieures \u00e0 6.0.10",
          "product": {
            "name": "FortiVoiceEnterprise",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAnalyzer Cloud versions 7.4.x post\u00e9rieures \u00e0 7.4.1 et ant\u00e9rieures \u00e0 7.4.4",
          "product": {
            "name": "FortiAnalyzer",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiWeb versions 7.2.x ant\u00e9rieures \u00e0 7.2.8",
          "product": {
            "name": "FortiWeb",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiManager Cloud versions post\u00e9rieures \u00e0 7.2.1 et ant\u00e9rieures \u00e0 7.2.7",
          "product": {
            "name": "FortiManager",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAnalyzer Cloud versions 7.2.x post\u00e9rieures \u00e0 7.2.1 et ant\u00e9rieures \u00e0 7.2.7",
          "product": {
            "name": "FortiAnalyzer",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiSwitch versions 7.4.x ant\u00e9rieures \u00e0 7.4.1",
          "product": {
            "name": "FortiSwitch",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiWeb versions 7.6.x ant\u00e9rieures \u00e0 7.6.2",
          "product": {
            "name": "FortiWeb",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAP-W2 versions ant\u00e9rieures \u00e0 7.2.4",
          "product": {
            "name": "FortiAP-W2",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiClientEMS versions ant\u00e9rieures \u00e0 7.2.5",
          "product": {
            "name": "FortiClient",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiVoice versions 7.0.x ant\u00e9rieures \u00e0 7.0.5",
          "product": {
            "name": "FortiVoice",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiOS versions 7.2.x ant\u00e9rieures \u00e0 7.2.10",
          "product": {
            "name": "FortiOS",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiSwitch versions 7.2.x ant\u00e9rieures \u00e0 7.2.6",
          "product": {
            "name": "FortiSwitch",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiDDoS versions ant\u00e9rieures \u00e0 5.5.1",
          "product": {
            "name": "FortiDDoS",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAP versions ant\u00e9rieures \u00e0 7.2.4",
          "product": {
            "name": "FortiAP",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiSwitch versions ant\u00e9rieures \u00e0 6.2.8",
          "product": {
            "name": "FortiSwitch",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiClientWindows versions ant\u00e9rieures \u00e0 7.4.1",
          "product": {
            "name": "FortiClient",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiSOAR versions ant\u00e9rieures \u00e0 7.2.2 Security Patch 9",
          "product": {
            "name": "FortiSOAR",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAnalyzer-BigData versions 7.2.x ant\u00e9rieures \u00e0 7.2.6",
          "product": {
            "name": "FortiAnalyzer",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiDeceptor versions ant\u00e9rieures \u00e0 6.0.1",
          "product": {
            "name": "FortiDeceptor",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAP-S versions ant\u00e9rieures \u00e0 6.4.10",
          "product": {
            "name": "FortiAP-S",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiVoiceEnterprise versions 6.4.x ant\u00e9rieures \u00e0 6.4.4",
          "product": {
            "name": "FortiVoiceEnterprise",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAuthenticator versions ant\u00e9rieures \u00e0 6.3.3",
          "product": {
            "name": "FortiAuthenticator",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiPortal versions 7.2.x ant\u00e9rieures \u00e0 7.2.5",
          "product": {
            "name": "FortiPortal",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiProxy versions 7.0.x ant\u00e9rieures \u00e0 7.0.19",
          "product": {
            "name": "FortiProxy",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiOS versions 7.6.x ant\u00e9rieures \u00e0 7.6.1",
          "product": {
            "name": "FortiOS",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAnalyzer versions 7.4.x ant\u00e9rieures \u00e0 7.4.4",
          "product": {
            "name": "FortiAnalyzer",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiWeb versions 7.4.x ant\u00e9rieures \u00e0 7.4.5",
          "product": {
            "name": "FortiWeb",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiManager Cloud versions ant\u00e9rieures \u00e0 7.0.13",
          "product": {
            "name": "FortiManager",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiSandbox versions 4.4.x ant\u00e9rieures \u00e0 4.4.5",
          "product": {
            "name": "FortiSandbox",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAP versions 7.4.x ant\u00e9rieures \u00e0 7.4.3",
          "product": {
            "name": "FortiAP",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiClientLinux versions ant\u00e9rieures \u00e0 7.2.5",
          "product": {
            "name": "FortiClient",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiSwitch versions 6.4.x ant\u00e9rieures \u00e0 6.4.14",
          "product": {
            "name": "FortiSwitch",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiNDR versions ant\u00e9rieures \u00e0 7.2.2",
          "product": {
            "name": "FortiNDR",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiManager versions 6.2.x ant\u00e9rieures \u00e0 6.2.12",
          "product": {
            "name": "FortiManager",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAnalyzer Cloud versions ant\u00e9rieures \u00e0 7.0.12",
          "product": {
            "name": "FortiAnalyzer",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiManager versions 7.4.x ant\u00e9rieures \u00e0 7.4.1",
          "product": {
            "name": "FortiManager",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiMail versions 7.2.x ant\u00e9rieures \u00e0 7.2.5",
          "product": {
            "name": "FortiMail",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiNDR versions 7.4.x ant\u00e9rieures \u00e0 7.4.3",
          "product": {
            "name": "FortiNDR",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiProxy versions 2.0.x ant\u00e9rieures \u00e0 2.0.15",
          "product": {
            "name": "FortiProxy",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiSOAR versions 7.3.x ant\u00e9rieures \u00e0 7.3.3",
          "product": {
            "name": "FortiSOAR",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiManager versions 7.2.x ant\u00e9rieures \u00e0 7.2.6",
          "product": {
            "name": "FortiManager",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiClientLinux versions ant\u00e9rieures \u00e0 7.4.0",
          "product": {
            "name": "FortiClient",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiSIEM versions ant\u00e9rieures \u00e0 7.1.6",
          "product": {
            "name": "FortiSIEM",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiSandbox versions ant\u00e9rieures \u00e0 4.0.5",
          "product": {
            "name": "FortiSandbox",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAP-W2 versions 7.4.x ant\u00e9rieures \u00e0 7.4.3",
          "product": {
            "name": "FortiAP-W2",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiSandbox versions 4.2.x ant\u00e9rieures \u00e0 4.2.7",
          "product": {
            "name": "FortiSandbox",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiADC versions 6.2.x ant\u00e9rieures \u00e0 6.2.4",
          "product": {
            "name": "FortiADC",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiProxy versions 7.4.x ant\u00e9rieures \u00e0 7.4.6",
          "product": {
            "name": "FortiProxy",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiSwitch versions 7.0.x ant\u00e9rieures \u00e0 7.0.8",
          "product": {
            "name": "FortiSwitch",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiTester versions ant\u00e9rieures \u00e0 7.2.1",
          "product": {
            "name": "FortiTester",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAnalyzer versions 6.4.x ant\u00e9rieures \u00e0 6.4.15",
          "product": {
            "name": "FortiAnalyzer",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiAuthenticator versions 6.4.x ant\u00e9rieures \u00e0 6.4.1",
          "product": {
            "name": "FortiAuthenticator",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiVoice versions ant\u00e9rieures \u00e0 6.4.10",
          "product": {
            "name": "FortiVoice",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiProxy versions 7.2.x ant\u00e9rieures \u00e0 7.2.12",
          "product": {
            "name": "FortiProxy",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiSOAR versions 7.5.x ant\u00e9rieures \u00e0 7.5.1",
          "product": {
            "name": "FortiSOAR",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiRecorder versions 7.2.x ant\u00e9rieures \u00e0 7.2.2",
          "product": {
            "name": "FortiRecorder",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        },
        {
          "description": "FortiMail versions 7.0.x ant\u00e9rieures \u00e0 7.0.7",
          "product": {
            "name": "FortiMail",
            "vendor": {
              "name": "Fortinet",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2024-45326",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45326"
        },
        {
          "name": "CVE-2023-37931",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-37931"
        },
        {
          "name": "CVE-2024-32115",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-32115"
        },
        {
          "name": "CVE-2023-42786",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-42786"
        },
        {
          "name": "CVE-2024-35280",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-35280"
        },
        {
          "name": "CVE-2024-35273",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-35273"
        },
        {
          "name": "CVE-2024-48884",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-48884"
        },
        {
          "name": "CVE-2024-46666",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-46666"
        },
        {
          "name": "CVE-2022-23439",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23439"
        },
        {
          "name": "CVE-2024-47571",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-47571"
        },
        {
          "name": "CVE-2024-35275",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-35275"
        },
        {
          "name": "CVE-2024-47573",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-47573"
        },
        {
          "name": "CVE-2024-52963",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-52963"
        },
        {
          "name": "CVE-2023-37937",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-37937"
        },
        {
          "name": "CVE-2024-33503",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-33503"
        },
        {
          "name": "CVE-2024-55593",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-55593"
        },
        {
          "name": "CVE-2024-48885",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-48885"
        },
        {
          "name": "CVE-2024-46662",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-46662"
        },
        {
          "name": "CVE-2024-27778",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-27778"
        },
        {
          "name": "CVE-2024-48893",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-48893"
        },
        {
          "name": "CVE-2024-47566",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-47566"
        },
        {
          "name": "CVE-2024-52969",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-52969"
        },
        {
          "name": "CVE-2024-35276",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-35276"
        },
        {
          "name": "CVE-2024-40587",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-40587"
        },
        {
          "name": "CVE-2024-36512",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-36512"
        },
        {
          "name": "CVE-2023-46715",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-46715"
        },
        {
          "name": "CVE-2024-36510",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-36510"
        },
        {
          "name": "CVE-2024-56497",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-56497"
        },
        {
          "name": "CVE-2024-46665",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-46665"
        },
        {
          "name": "CVE-2024-48890",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-48890"
        },
        {
          "name": "CVE-2024-21758",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-21758"
        },
        {
          "name": "CVE-2024-52967",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-52967"
        },
        {
          "name": "CVE-2023-37936",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-37936"
        },
        {
          "name": "CVE-2024-46668",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-46668"
        },
        {
          "name": "CVE-2024-35278",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-35278"
        },
        {
          "name": "CVE-2024-26012",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-26012"
        },
        {
          "name": "CVE-2024-46664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-46664"
        },
        {
          "name": "CVE-2024-23106",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23106"
        },
        {
          "name": "CVE-2024-54021",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-54021"
        },
        {
          "name": "CVE-2024-46669",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-46669"
        },
        {
          "name": "CVE-2023-5217",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-5217"
        },
        {
          "name": "CVE-2023-42785",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-42785"
        },
        {
          "name": "CVE-2024-36504",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-36504"
        },
        {
          "name": "CVE-2024-35277",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-35277"
        },
        {
          "name": "CVE-2023-4863",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-4863"
        },
        {
          "name": "CVE-2024-48886",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-48886"
        },
        {
          "name": "CVE-2024-50564",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-50564"
        },
        {
          "name": "CVE-2024-33502",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-33502"
        },
        {
          "name": "CVE-2024-45331",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45331"
        },
        {
          "name": "CVE-2024-50563",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-50563"
        },
        {
          "name": "CVE-2024-36506",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-36506"
        },
        {
          "name": "CVE-2024-46667",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-46667"
        },
        {
          "name": "CVE-2024-46670",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-46670"
        },
        {
          "name": "CVE-2024-47572",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-47572"
        }
      ],
      "initial_release_date": "2025-01-15T00:00:00",
      "last_revision_date": "2025-01-15T00:00:00",
      "links": [],
      "reference": "CERTFR-2025-AVI-0031",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-01-15T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        },
        {
          "description": "\u00c9l\u00e9vation de privil\u00e8ges"
        },
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        },
        {
          "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        },
        {
          "description": "Injection de code indirecte \u00e0 distance (XSS)"
        },
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Fortinet. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
      "vendor_advisories": [
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-258",
          "url": "https://www.fortiguard.com/psirt/FG-IR-23-258"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-458",
          "url": "https://www.fortiguard.com/psirt/FG-IR-23-458"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-061",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-061"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-405",
          "url": "https://www.fortiguard.com/psirt/FG-IR-23-405"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-285",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-285"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-165",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-165"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-494",
          "url": "https://www.fortiguard.com/psirt/FG-IR-23-494"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-220",
          "url": "https://www.fortiguard.com/psirt/FG-IR-23-220"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-221",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-221"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-078",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-078"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-282",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-282"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-373",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-373"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-106",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-106"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-250",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-250"
        },
        {
          "published_at": "2025-01-15",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-189",
          "url": "https://www.fortiguard.com/psirt/FG-IR-23-189"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-401",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-401"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-239",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-239"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-097",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-097"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-260",
          "url": "https://www.fortiguard.com/psirt/FG-IR-23-260"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-170",
          "url": "https://www.fortiguard.com/psirt/FG-IR-23-170"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-259",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-259"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-143",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-143"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-476",
          "url": "https://www.fortiguard.com/psirt/FG-IR-23-476"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-415",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-415"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-461",
          "url": "https://www.fortiguard.com/psirt/FG-IR-23-461"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-266",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-266"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-407",
          "url": "https://www.fortiguard.com/psirt/FG-IR-23-407"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-086",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-086"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-465",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-465"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-222",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-222"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-219",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-219"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-210",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-210"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-211",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-211"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-267",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-267"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-010",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-010"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-473",
          "url": "https://www.fortiguard.com/psirt/FG-IR-23-473"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-216",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-216"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-326",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-326"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-135",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-135"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-152",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-152"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-304",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-304"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-164",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-164"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-310",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-310"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-405",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-405"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-127",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-127"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-381",
          "url": "https://www.fortiguard.com/psirt/FG-IR-23-381"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-091",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-091"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-417",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-417"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-293",
          "url": "https://www.fortiguard.com/psirt/FG-IR-23-293"
        },
        {
          "published_at": "2025-01-14",
          "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-24-071",
          "url": "https://www.fortiguard.com/psirt/FG-IR-24-071"
        }
      ]
    }