Fortinet has released security updates addressing several vulnerabilities in multiple products.
The addressed vulnerabilities could allow an attacker to execute arbitrary code, cause a denial of service, escalate privileges, or disclose information on the affected systems.
List of CVEs:
- CVE-2023-25611
- CVE-2023-23776
- CVE-2022-29056
- CVE-2022-27490
- CVE-2022-40676
- CVE-2022-39953
- CVE-2022-45861
- CVE-2022-41328
- CVE-2023-25610
- CVE-2022-42476
- CVE-2022-41329
- CVE-2022-41333
- CVE-2023-25605
- CVE-2022-39951
- CVE-2022-22297
Affected Products and Versions:

FortiOS & FortiProxy – Access of NULL pointer in SSLVPNd
Advisory Summary: NULL pointer in FortiOS & FortiProxy SSLVPNd
Affected Products:
- FortiOS version 7.2.0 through 7.2.3
- FortiOS version 7.0.0 through 7.0.9
- FortiOS version 6.4.0 through 6.4.11
- FortiOS 6.2 all versions
- FortiProxy version 7.2.0 through 7.2.1
- FortiProxy version 7.0.0 through 7.0.7
- FortiProxy version 2.0.0 through 2.0.11
- FortiProxy 1.2 all versions
- FortiProxy 1.1 all versions
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-22-477
CVSS Score: 6.4

FortiOS / FortiProxy – Path traversal vulnerability allows VDOM escaping
Advisory Summary: Path traversal vulnerability in FortiOS & FortiProxy
Affected Products:
- FortiOS version 7.2.0 through 7.2.3
- FortiOS version 7.0.0 through 7.0.8
- FortiOS version 6.4.0 through 6.4.11
- FortiOS version 6.2.0 through 6.2.12
- FortiProxy version 7.2.0 through 7.2.1
- FortiProxy version 7.0.0 through 7.0.7
- FortiProxy version 2.0.0 through 2.0.11
- FortiProxy version 1.2.0 through 1.2.13
- FortiProxy version 1.1.0 through 1.1.6
Note: Impact on FortiProxy 7.0.x, 2.0.x, 1.2.x, 1.1.x is minor as it does not have VDOMs.
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-22-401
CVSS Score: 7.8

FortiAuthenticator, FortiDeceptor & FortiMail – Improper restriction over excessive authentication attempts
Advisory Summary: Partial denial of service using excessive authentication attempts on FortiAuthenticator, FortiDeceptor & FortiMail
Affected Products:
- FortiAuthenticator version 6.4 all versions
- FortiAuthenticator version 6.3 all versions
- FortiAuthenticator version 6.2 all versions
- FortiAuthenticator version 6.1 all versions
- FortiAuthenticator version 6.0 all versions
- FortiAuthenticator version 5.5 all versions
- FortiAuthenticator version 5.4 all versions
- FortiDeceptor version 3.1 all versions
- FortiDeceptor version 3.0 all versions
- FortiDeceptor version 2.1 all versions
- FortiDeceptor version 2.0 all versions
- FortiDeceptor version 1.1 all versions
- FortiDeceptor version 1.0 all versions
- FortiMail version 6.4.0
- FortiMail version 6.2.1 through 6.2.4
- FortiMail version 6.0.0 through 6.0.9
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-20-078
CVSS Score: 3.5

FortiOS / FortiProxy – Unauthenticated access to static files containing logging information
Advisory Summary: Information disclosure in FortiOS & FortiProxy
Affected Products:
- FortiProxy version 7.2.0 through 7.2.2
- FortiProxy version 7.0.0 through 7.0.8
- FortiOS version 7.2.0 through 7.2.3
- FortiOS version 7.0.0 through 7.0.9
- FortiOS version 6.4.0 through 6.4.11
- FortiOS version 6.2.3 and above
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-22-364
CVSS Score: 5.2

FortiOS / FortiProxy – Heap buffer underflow in administrative interface
Advisory Summary: Heap Buffer Underflow Vulnerability in FortiOS & FortiProxy
Affected Products:
- FortiOS version 7.2.0 through 7.2.3
- FortiOS version 7.0.0 through 7.0.9
- FortiOS version 6.4.0 through 6.4.11
- FortiOS version 6.2.0 through 6.2.12
- FortiOS 6.0 all versions
- FortiProxy version 7.2.0 through 7.2.2
- FortiProxy version 7.0.0 through 7.0.8
- FortiProxy version 2.0.0 through 2.0.11
- FortiProxy 1.2 all versions
- FortiProxy 1.1 all versions
Note: Even when running a vulnerable FortiOS version, the hardware devices listed below are *only* impacted by the DoS part of the issue, *not* by the arbitrary code execution (non-listed devices are vulnerable to both):
FortiGateRugged-100C, FortiGate-100D, FortiGate-200C, FortiGate-200D, FortiGate-300C, FortiGate-3600A, FortiGate-5001FA2, FortiGate-5002FB2, FortiGate-60D, FortiGate-620B, FortiGate-621B, FortiGate-60D-POE, FortiWiFi-60D, FortiWiFi-60D-POE, FortiGate-300C-Gen2, FortiGate-300C-DC-Gen2, FortiGate-300C-LENC-Gen2, FortiWiFi-60D-3G4G-VZW, FortiGate-60DH, FortiWiFi-60DH, FortiGateRugged-60D, FortiGate-VM01-Hyper-V, FortiGate-VM01-KVM, FortiWiFi-60D-I, FortiGate-60D-Gen2, FortiWiFi-60D-J, FortiGate-60D-3G4G-VZW, FortiWifi-60D-Gen2, FortiWifi-60D-Gen2-J, FortiWiFi-60D-T, FortiGateRugged-90D, FortiWifi-60D-Gen2-U, FortiGate-50E, FortiWiFi-50E, FortiGate-51E, FortiWiFi-51E, FortiWiFi-50E-2R, FortiGate-52E, FortiGate-40F, FortiWiFi-40F, FortiGate-40F-3G4G, FortiWiFi-40F-3G4G, FortiGate-40F-3G4G-NA, FortiGate-40F-3G4G-EA, FortiGate-40F-3G4G-JP, FortiWiFi-40F-3G4G-NA, FortiWiFi-40F-3G4G-EA, FortiWiFi-40F-3G4G-JP, FortiGate-40F-Gen2, FortiWiFi-40F-Gen2
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-23-001
CVSS Score: 9.3

FortiSOAR – Improper Authorization in request headers
Advisory Summary: Improper access control vulnerability in FortiSOAR’s playbook component.
Affected Products:
- FortiSOAR version 7.3.0 through 7.3.1
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-23-050
CVSS Score: 7.5

FortiAnalyzer – CSV injection in macro name
Advisory Summary: CSV injection in the ‘name’ field when creating new macros.
Affected Products:
- FortiAnalyzer version 7.2.0 through 7.2.1
- FortiAnalyzer version 7.0.0 through 7.0.5
- FortiAnalyzer 6.4 all versions
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-22-488
CVSS Score: 4

FortiWeb – Command injection in webserver
Advisory Summary: Incorrect input sanitization in CGI component
Affected Products:
- FortiWeb version 7.0.0 through 7.0.2
- FortiWeb version 6.3.6 through 6.3.20
- FortiWeb 6.4 all versions
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-22-254
CVSS Score: 7.2

FortiRecorder – DoS in login authentication mechanism
Advisory Summary: Denial of service can be reached via crafted GET requests. All already logged-in users are logged out of the device, which becomes unavailable due to resource consumption.
Affected Products:
- FortiRecorder 6.4.3 and below
- FortiRecorder 6.0.11 to 6.0.0
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-22-388
CVSS Score: 6.8

FortiAnalyzer — the log-fetch client request password is shown in clear text in the heartbeat response
Advisory Summary: The log-fetch client request password is shown in clear text in the heartbeat response in FortiAnalyzer
Affected Products:
- FortiAnalyzer version 7.2.0 through 7.2.1
- FortiAnalyzer version 7.0.0 through 7.0.4
- FortiAnalyzer version 6.4.0 through 6.4.10
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-22-447
CVSS Score: 4.6

FortiWeb and FortiRecorder – Arbitrary file read through command line pipe
Advisory Summary: Arbitrary file read in FortiWeb/FortiRecorder
Affected Products:
- FortiWeb version 6.4.0 through 6.4.1
- FortiWeb version 6.3.0 through 6.3.17
- FortiWeb all versions 6.2
- FortiWeb all versions 6.1
- FortiWeb all versions 6.0
- FortiRecorder version 6.4.0 through 6.4.3
- FortiRecorder all versions 6.0
- FortiRecorder all versions 2.7
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-21-218
CVSS Score: 5.2

FortiOS – Path traversal in execute command
Advisory Summary: Path traversal vulnerability in FortiOS
Affected Products:
- FortiOS version 7.2.0 through 7.2.3
- FortiOS version 7.0.0 through 7.0.9
- FortiOS version 6.4.0 through 6.4.11
- FortiOS 6.2 all versions
- FortiOS 6.0 all versions
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-22-369
CVSS Score: 6.5

FortiNAC – Multiple Reflected XSS
Advisory Summary: Cross Site Scripting (XSS) on the WebUI
Affected Products:
- FortiNAC version 9.4.0
- FortiNAC version 9.2.0 through 9.2.5
- FortiNAC version 9.1.0 through 9.1.8
- FortiNAC all versions 8.8, 8.7, 8.6, 8.5, 8.3
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-22-281
CVSS Score: 7.1

FortiNAC – Multiple privilege escalation via sudo command
Advisory Summary: Users with shell access can elevate their privileges to root.
Affected Products:
- FortiNAC version 9.4.0 through 9.4.1
- FortiNAC version 9.2.0 through 9.2.6
- FortiNAC version 9.1.0 through 9.1.8
- FortiNAC all versions 8.8, 8.7, 8.6, 8.5, 8.3
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-22-309
CVSS Score: 7.8

FortiManager, FortiAnalyzer, FortiPortal & FortiSwitch – Information disclosure through diagnose debug commands
Advisory Summary: `diagnose debug` commands allowed for restricted administrators
Affected Products:
- At least FortiManager version 6.0.0 through 6.0.4
- At least FortiAnalyzer version 6.0.0 through 6.0.4
- At least FortiPortal 4.1 all versions
- FortiPortal 4.2 all versions
- FortiPortal 5.0 all versions
- FortiPortal 5.1 all versions
- FortiPortal 5.2 all versions
- FortiPortal 5.3 all versions
- FortiPortal version 6.0.0 through 6.0.9
- At least FortiSwitch version 6.0.0 through 6.0.7
- FortiSwitch version 6.2.0 through 6.2.7
- FortiSwitch version 6.4.0 through 6.4.10
- FortiSwitch version 7.0.0 through 7.0.4
Fortinet Advisory: https://www.fortiguard.com/psirt/FG-IR-18-232
CVSS Score: 5.1