Details of VAR-202208-0231

ID

VAR-202208-0231

CVE

CVE-2022-22299

TITLE

plural Fortinet Product Format String Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2022-016210

DESCRIPTION

A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 through 6.0.4, FortiADC version 6.1.0 through 6.1.5, FortiADC version 6.2.0 through 6.2.1, FortiProxy version 1.0.0 through 1.0.7, FortiProxy version 1.1.0 through 1.1.6, FortiProxy version 1.2.0 through 1.2.13, FortiProxy version 2.0.0 through 2.0.7, FortiProxy version 7.0.0 through 7.0.1, FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.2, FortiMail version 6.4.0 through 6.4.5, FortiMail version 7.0.0 through 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments. plural Fortinet The product contains a vulnerability in format strings.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Both Fortinet FortiOS and Fortinet FortiGate are products of Fortinet. Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. Fortinet FortiGate is a network security platform. The platform provides functions such as firewall, antivirus and intrusion prevention (IPS), application control, antispam, wireless controller and WAN acceleration. Fortinet FortiGate and FortiOS have security vulnerabilities that can be exploited to run code via CLI format strings

Trust: 1.8

sources: NVD: CVE-2022-22299 // JVNDB: JVNDB-2022-016210 // VULHUB: VHN-410853 // VULMON: CVE-2022-22299

AFFECTED PRODUCTS

vendor:	fortinet	model:	fortiproxy	scope:	lte	version:	1.0.7	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lte	version:	5.4.13	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	5.6.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lte	version:	5.0.14	Trust: 1.0
vendor:	fortinet	model:	fortiadc	scope:	gte	version:	6.0.0	Trust: 1.0
vendor:	fortinet	model:	fortiadc	scope:	eq	version:	6.2.1	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	lte	version:	1.1.6	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	lte	version:	2.0.7	Trust: 1.0
vendor:	fortinet	model:	fortiadc	scope:	lte	version:	6.1.6	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	gte	version:	1.1.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	5.4.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lt	version:	6.4.8	Trust: 1.0
vendor:	fortinet	model:	fortimail	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	5.0.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	5.2.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	6.2.0	Trust: 1.0
vendor:	fortinet	model:	fortimail	scope:	lte	version:	6.4.5	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	lte	version:	1.2.13	Trust: 1.0
vendor:	fortinet	model:	fortiadc	scope:	gte	version:	6.1.0	Trust: 1.0
vendor:	fortinet	model:	fortiadc	scope:	eq	version:	6.2.0	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	gte	version:	2.0.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lte	version:	6.0.14	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortimail	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	gte	version:	1.2.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	eq	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	eq	version:	7.0.1	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lte	version:	6.2.10	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lte	version:	5.6.14	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lt	version:	7.0.2	Trust: 1.0
vendor:	fortinet	model:	fortiadc	scope:	lte	version:	6.0.4	Trust: 1.0
vendor:	fortinet	model:	fortimail	scope:	lte	version:	7.0.2	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	gte	version:	1.0.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lte	version:	5.2.15	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	6.0.0	Trust: 1.0
vendor:	フォーティネット	model:	fortiadcmanager	scope:	-	version:	-	Trust: 0.8
vendor:	フォーティネット	model:	fortimail	scope:	-	version:	-	Trust: 0.8
vendor:	フォーティネット	model:	fortiproxy	scope:	-	version:	-	Trust: 0.8
vendor:	フォーティネット	model:	fortios	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-016210 // NVD: CVE-2022-22299

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-22299
value:	HIGH
Trust: 1.0
psirt@fortinet.com:	CVE-2022-22299
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2022-016210
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202208-2039
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-22299
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 2.0
OTHER:	JVNDB-2022-016210
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-016210 // CNNVD: CNNVD-202208-2039 // NVD: CVE-2022-22299 // NVD: CVE-2022-22299

PROBLEMTYPE DATA

problemtype:	CWE-134	Trust: 1.0
problemtype:	Format string problem (CWE-134) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-016210 // NVD: CVE-2022-22299

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202208-2039

TYPE

format string error

Trust: 0.6

sources: CNNVD: CNNVD-202208-2039

PATCH

title:	FG-IR-21-235	url:	https://www.fortiguard.com/psirt/FG-IR-21-235	Trust: 0.8
title:	Fortinet FortiGate and Fortinet FortiOS Fixes for formatting string error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=203975	Trust: 0.6

sources: JVNDB: JVNDB-2022-016210 // CNNVD: CNNVD-202208-2039

EXTERNAL IDS

db:	NVD	id:	CVE-2022-22299	Trust: 3.4
db:	JVNDB	id:	JVNDB-2022-016210	Trust: 0.8
db:	CNNVD	id:	CNNVD-202208-2039	Trust: 0.7
db:	VULHUB	id:	VHN-410853	Trust: 0.1
db:	VULMON	id:	CVE-2022-22299	Trust: 0.1

sources: VULHUB: VHN-410853 // VULMON: CVE-2022-22299 // JVNDB: JVNDB-2022-016210 // CNNVD: CNNVD-202208-2039 // NVD: CVE-2022-22299

REFERENCES

url:	https://fortiguard.com/psirt/fg-ir-21-235	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-22299	Trust: 0.8
url:	https://vigilance.fr/vulnerability/fortios-code-execution-via-cli-format-string-38970	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-22299/	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-410853 // VULMON: CVE-2022-22299 // JVNDB: JVNDB-2022-016210 // CNNVD: CNNVD-202208-2039 // NVD: CVE-2022-22299

SOURCES

db:	VULHUB	id:	VHN-410853
db:	VULMON	id:	CVE-2022-22299
db:	JVNDB	id:	JVNDB-2022-016210
db:	CNNVD	id:	CNNVD-202208-2039
db:	NVD	id:	CVE-2022-22299

LAST UPDATE DATE

2024-08-14T14:37:22.222000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-410853	date:	2022-08-11T00:00:00
db:	VULMON	id:	CVE-2022-22299	date:	2022-08-06T00:00:00
db:	JVNDB	id:	JVNDB-2022-016210	date:	2023-10-03T01:12:00
db:	CNNVD	id:	CNNVD-202208-2039	date:	2022-08-12T00:00:00
db:	NVD	id:	CVE-2022-22299	date:	2022-08-11T17:54:14.543

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-410853	date:	2022-08-05T00:00:00
db:	VULMON	id:	CVE-2022-22299	date:	2022-08-05T00:00:00
db:	JVNDB	id:	JVNDB-2022-016210	date:	2023-10-03T00:00:00
db:	CNNVD	id:	CNNVD-202208-2039	date:	2022-08-02T00:00:00
db:	NVD	id:	CVE-2022-22299	date:	2022-08-05T20:15:08.147