7.8
CVE-2023-22639
- EPSS 0.04%
- Published 13.06.2023 09:15:16
- Last modified 21.11.2024 07:45:06
- Source psirt@fortinet.com
- Teams watchlist Login
- Open Login
A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows attacker to escalation of privilege via specifically crafted commands.
Data is provided by the National Vulnerability Database (NVD)
Fortinet ≫ Fortiproxy Version >= 1.0.0 <= 1.0.7
Fortinet ≫ Fortiproxy Version >= 1.1.0 <= 1.1.6
Fortinet ≫ Fortiproxy Version >= 1.2.0 <= 1.2.13
Fortinet ≫ Fortiproxy Version >= 2.0.0 <= 2.0.12
Fortinet ≫ Fortiproxy Version >= 7.0.0 <= 7.0.8
Fortinet ≫ Fortiproxy Version7.2.0
Fortinet ≫ Fortiproxy Version7.2.1
Fortinet ≫ Fortiproxy Version7.2.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.128 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| psirt@fortinet.com | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.