CVE-2022-22299
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments.
Una vulnerabilidad de cadena de formato [CWE-134] en el intérprete de línea de comandos de FortiADC versión 6.0.0 hasta 6.0.4, FortiADC versión 6.1.0 hasta 6.1.5, FortiADC versión 6.2.0 hasta 6.2.1, FortiProxy versión 1.0.0 hasta 1.0.7, FortiProxy versión 1.1.0 hasta 1.1.6, FortiProxy versión 1.2.0 hasta 1.2.13, FortiProxy versión 2.0.0 hasta 2.0.7, FortiProxy versión 7. 0.0 a 7.0.1, FortiOS versión 6.0.0 hasta 6.0.14, FortiOS versión 6.2.0 hasta 6.2.10, FortiOS versión 6.4.0 hasta 6.4.8, FortiOS versión 7.0.0 hasta 7.0.2, FortiMail versión 6.4.0 hasta 6.4.5, FortiMail versión 7.0.0 hasta 7.0.2, pueden permitir a un usuario autenticado ejecutar código o comandos no autorizados por medio de argumentos de comando especialmente diseñados
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-01-03 CVE Reserved
- 2022-08-05 CVE Published
- 2024-02-26 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-134: Use of Externally-Controlled Format String
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://fortiguard.com/psirt/FG-IR-21-235 | 2022-08-11 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Fortinet Search vendor "Fortinet" | Fortiadc Search vendor "Fortinet" for product "Fortiadc" | >= 6.0.0 <= 6.0.4 Search vendor "Fortinet" for product "Fortiadc" and version " >= 6.0.0 <= 6.0.4" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortiadc Search vendor "Fortinet" for product "Fortiadc" | >= 6.1.0 <= 6.1.6 Search vendor "Fortinet" for product "Fortiadc" and version " >= 6.1.0 <= 6.1.6" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortiadc Search vendor "Fortinet" for product "Fortiadc" | 6.2.0 Search vendor "Fortinet" for product "Fortiadc" and version "6.2.0" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortiadc Search vendor "Fortinet" for product "Fortiadc" | 6.2.1 Search vendor "Fortinet" for product "Fortiadc" and version "6.2.1" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortimail Search vendor "Fortinet" for product "Fortimail" | >= 6.4.0 <= 6.4.5 Search vendor "Fortinet" for product "Fortimail" and version " >= 6.4.0 <= 6.4.5" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortimail Search vendor "Fortinet" for product "Fortimail" | >= 7.0.0 <= 7.0.2 Search vendor "Fortinet" for product "Fortimail" and version " >= 7.0.0 <= 7.0.2" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortiproxy Search vendor "Fortinet" for product "Fortiproxy" | >= 1.0.0 <= 1.0.7 Search vendor "Fortinet" for product "Fortiproxy" and version " >= 1.0.0 <= 1.0.7" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortiproxy Search vendor "Fortinet" for product "Fortiproxy" | >= 1.1.0 <= 1.1.6 Search vendor "Fortinet" for product "Fortiproxy" and version " >= 1.1.0 <= 1.1.6" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortiproxy Search vendor "Fortinet" for product "Fortiproxy" | >= 1.2.0 <= 1.2.13 Search vendor "Fortinet" for product "Fortiproxy" and version " >= 1.2.0 <= 1.2.13" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortiproxy Search vendor "Fortinet" for product "Fortiproxy" | >= 2.0.0 <= 2.0.7 Search vendor "Fortinet" for product "Fortiproxy" and version " >= 2.0.0 <= 2.0.7" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortiproxy Search vendor "Fortinet" for product "Fortiproxy" | 7.0.0 Search vendor "Fortinet" for product "Fortiproxy" and version "7.0.0" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortiproxy Search vendor "Fortinet" for product "Fortiproxy" | 7.0.1 Search vendor "Fortinet" for product "Fortiproxy" and version "7.0.1" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | >= 5.0.0 <= 5.0.14 Search vendor "Fortinet" for product "Fortios" and version " >= 5.0.0 <= 5.0.14" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | >= 5.2.0 <= 5.2.15 Search vendor "Fortinet" for product "Fortios" and version " >= 5.2.0 <= 5.2.15" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | >= 5.4.0 <= 5.4.13 Search vendor "Fortinet" for product "Fortios" and version " >= 5.4.0 <= 5.4.13" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | >= 5.6.0 <= 5.6.14 Search vendor "Fortinet" for product "Fortios" and version " >= 5.6.0 <= 5.6.14" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | >= 6.0.0 <= 6.0.14 Search vendor "Fortinet" for product "Fortios" and version " >= 6.0.0 <= 6.0.14" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | >= 6.2.0 <= 6.2.10 Search vendor "Fortinet" for product "Fortios" and version " >= 6.2.0 <= 6.2.10" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | >= 6.4.0 < 6.4.8 Search vendor "Fortinet" for product "Fortios" and version " >= 6.4.0 < 6.4.8" | - |
Affected
| ||||||
| Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | >= 7.0.0 < 7.0.2 Search vendor "Fortinet" for product "Fortios" and version " >= 7.0.0 < 7.0.2" | - |
Affected
| ||||||