A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, FortiOS all versions 6.2, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7 allows attacker to execute unauthorized code or commands via specially crafted commands.
References
| Link | Resource |
|---|---|
| https://fortiguard.com/psirt/FG-IR-22-463 | Vendor Advisory |
| https://fortiguard.com/psirt/FG-IR-22-463 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:27
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
| References | () https://fortiguard.com/psirt/FG-IR-22-463 - Vendor Advisory |
17 Jun 2023, 01:40
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| CWE | CWE-134 | |
| First Time |
Fortinet
Fortinet fortios Fortinet fortiproxy |
|
| CPE | cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* |
|
| References | (MISC) https://fortiguard.com/psirt/FG-IR-22-463 - Vendor Advisory |
13 Jun 2023, 09:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-06-13 09:15
Updated : 2024-11-21 07:27
NVD link : CVE-2022-43953
Mitre link : CVE-2022-43953
CVE.ORG link : CVE-2022-43953
JSON object : View
Products Affected
fortinet
- fortios
- fortiproxy
CWE
CWE-134
Use of Externally-Controlled Format String