CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2021-43072
https://notcve.org/view.php?id=CVE-2021-43072
A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the tFTP protocol. • https://fortiguard.com/advisory/FG-IR-21-206 https://www.fortiguard.com/psirt/FG-IR-21-206 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 15EXPL: 0CVE-2022-27490
https://notcve.org/view.php?id=CVE-2022-27490
A exposure of sensitive information to an unauthorized actor in Fortinet FortiManager version 6.0.0 through 6.0.4, FortiAnalyzer version 6.0.0 through 6.0.4, FortiPortal version 6.0.0 through 6.0.9, 5.3.0 through 5.3.8, 5.2.x, 5.1.0, 5.0.x, 4.2.x, 4.1.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.x, 6.0.x allows an attacker which has obtained access to a restricted administrative account to obtain sensitive information via `diagnose debug` commands. • https://fortiguard.com/psirt/FG-IR-18-232 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 10EXPL: 0CVE-2022-26121
https://notcve.org/view.php?id=CVE-2022-26121
An exposure of resource to wrong sphere vulnerability [CWE-668] in FortiAnalyzer and FortiManager GUI 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11, 5.6.0 through 5.6.11 may allow an unauthenticated and remote attacker to access report template images via referencing the name in the URL path. Una vulnerabilidad de exposición de recursos a una esfera incorrecta [CWE-668] en FortiAnalyzer y FortiManager GUI versiones 7.0.0 hasta 7.0.3, 6.4.0 hasta 6.4.8, 6.2.0 hasta 6.2.9, 6.0.0 hasta 6.0.11, 5.6.0 hasta 5.6.11, puede permitir a un atacante no autenticado y remoto acceder a imágenes de plantillas de informes por medio de la referencia al nombre en la ruta URL • https://fortiguard.com/psirt/FG-IR-22-026 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2021-26104
https://notcve.org/view.php?id=CVE-2021-26104
Multiple OS command injection (CWE-78) vulnerabilities in the command line interface of FortiManager 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, FortiAnalyzer 6.2.7 and below, 6.4.5 and below and all versions of 6.2.x, 6.0.x and 5.6.x, and FortiPortal 5.2.5 and below, 5.3.5 and below and 6.0.4 and below may allow a local authenticated and unprivileged user to execute arbitrary shell commands as root via specifically crafted CLI command parameters. Múltiples vulnerabilidades de inyección de comandos en el Sistema Operativo (CWE-78) en la interfaz de línea de comandos de FortiManager versiones 6.2.7 y anteriores, 6.4.5 y anteriores y todas las versiones de 6.2.x, 6.0.x y 5.6.x, FortiAnalyzer versiones 6.2.7 y anteriores, 6.4.5 y anteriores y todas las versiones de 6. 2.x, 6.0.x y 5.6.x, y FortiPortal versiones 5.2.5 y anteriores, 5.3.5 y anteriores y 6.0.4 y anteriores, pueden permitir a un usuario local autenticado no privilegiado ejecutar comandos shell arbitrarios como root por medio de parámetros de comando CLI específicamente diseñados • https://fortiguard.com/advisory/FG-IR-21-037 https://github.com/orangecertcc/security-research/security/advisories/GHSA-f73m-fvj3-m2pm • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-22300
https://notcve.org/view.php?id=CVE-2022-22300
A improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5.6.0 through 5.6.11, FortiAnalyzer version 6.0.0 through 6.0.11, FortiAnalyzer version 6.2.0 through 6.2.9, FortiAnalyzer version 6.4.0 through 6.4.7, FortiAnalyzer version 7.0.0 through 7 .0.2, FortiManager version 5.6.0 through 5.6.11, FortiManager version 6.0.0 through 6.0.11, FortiManager version 6.2.0 through 6.2.9, FortiManager version 6.4.0 through 6.4.7, FortiManager version 7.0.0 through 7.0.2 allows attacker to bypass the device policy and force the password-change action for its user. Un manejo inapropiado de permisos o privilegios insuficientes en Fortinet FortiAnalyzer versiones 5.6.0 hasta 5.6.11, FortiAnalyzer versiones 6.0.0 hasta 6.0.11, FortiAnalyzer versiones 6.2.0 hasta 6.2.9, FortiAnalyzer versiones 6.4.0 hasta 6.4.7, FortiAnalyzer versiones 7.0.0 hasta 7 .0. 2, FortiManager versiones 5.6.0 hasta 5.6.11, FortiManager versiones 6.0.0 hasta 6.0.11, FortiManager versiones 6.2.0 hasta 6.2.9, FortiManager versiones 6.4.0 hasta 6.4.7, FortiManager versiones 7.0.0 hasta 7.0.2, permite a un atacante omitir la política del dispositivo y forzar la acción de cambio de contraseña para su usuario. • https://fortiguard.com/psirt/FG-IR-21-255 • CWE-755: Improper Handling of Exceptional Conditions •