A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.11, FortiOS version 6.2.0 through 6.2.13, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specifically crafted requests.
References
| Link | Resource |
|---|---|
| https://fortiguard.com/psirt/FG-IR-22-475 | Vendor Advisory |
| https://fortiguard.com/psirt/FG-IR-22-475 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:45
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://fortiguard.com/psirt/FG-IR-22-475 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
10 May 2023, 21:10
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://fortiguard.com/psirt/FG-IR-22-475 - Vendor Advisory | |
| CWE | CWE-787 | |
| First Time |
Fortinet
Fortinet fortios Fortinet fortiproxy |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| CPE | cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiproxy:1.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiproxy:1.1.0:*:*:*:*:*:*:* |
03 May 2023, 22:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-05-03 22:15
Updated : 2024-11-21 07:45
NVD link : CVE-2023-22640
Mitre link : CVE-2023-22640
CVE.ORG link : CVE-2023-22640
JSON object : View
Products Affected
fortinet
- fortios
- fortiproxy
CWE
CWE-787
Out-of-bounds Write