ID

VAR-202210-0421


CVE

CVE-2022-29055


TITLE

Access of uninitialized pointer vulnerability in Fortinet FortiProxy and FortiOS

Trust: 0.8

sources: JVNDB: JVNDB-2022-019255

DESCRIPTION

An access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, FortiProxy version 7.0.0 through 7.0.4, 2.0.0 through 2.0.9, 1.2.x allows a remote unauthenticated or authenticated attacker to crash the sslvpn daemon via an HTTP GET request. Fortinet FortiProxy and FortiOS contain an uninitialized pointer access vulnerability. Service operation may be interrupted (DoS). Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. There is a security vulnerability in Fortinet FortiOS. The vulnerability stems from the fact that an attacker can forcibly dereference a NULL pointer through the SSL VPN Portal to trigger a denial of service. The following products and versions are affected: Fortinet FortiOS Version 7.2.0, Versions 7.0.0 to 7.0.5, Versions 6.4.0 to 6.4.9, Versions 6.2.0 to 6.2.10, Versions 6.0.0 to 6.0.14.

Trust: 1.71

sources: NVD: CVE-2022-29055 // JVNDB: JVNDB-2022-019255 // VULHUB: VHN-420589

AFFECTED PRODUCTS

vendor: fortinet, model: fortios, scope: gte, version: 6.2.0

Trust: 1.0

vendor: fortinet, model: fortios, scope: lt, version: 7.0.7

Trust: 1.0

vendor: fortinet, model: fortios, scope: eq, version: 7.2.0

Trust: 1.0

vendor: fortinet, model: fortiproxy, scope: eq, version: 7.2.0

Trust: 1.0

vendor: fortinet, model: fortiproxy, scope: gte, version: 2.0.0

Trust: 1.0

vendor: fortinet, model: fortiproxy, scope: lt, version: 7.0.7

Trust: 1.0

vendor: fortinet, model: fortiproxy, scope: gte, version: 7.0.0

Trust: 1.0

vendor: fortinet, model: fortios, scope: gte, version: 6.4.0

Trust: 1.0

vendor: fortinet, model: fortiproxy, scope: gte, version: 1.2.6

Trust: 1.0

vendor: fortinet, model: fortiproxy, scope: lt, version: 2.0.10

Trust: 1.0

vendor: fortinet, model: fortios, scope: lt, version: 6.2.11

Trust: 1.0

vendor: fortinet, model: fortios, scope: lt, version: 6.4.10

Trust: 1.0

vendor: fortinet, model: fortiproxy, scope: lt, version: 1.2.13

Trust: 1.0

vendor: fortinet, model: fortios, scope: gte, version: 7.0.0

Trust: 1.0

vendor: Fortinet, model: fortios, scope: eq, version: 7.0.0 or later, before 7.0.7

Trust: 0.8

vendor: Fortinet, model: fortios, scope: eq, version: 6.4.0 or later, before 6.4.10

Trust: 0.8

vendor: Fortinet, model: fortiproxy, scope: -, version: -

Trust: 0.8

vendor: Fortinet, model: fortios, scope: eq, version: 6.2.0 or later, before 6.2.11

Trust: 0.8

vendor: Fortinet, model: fortios, scope: eq, version: 7.2.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-019255 // NVD: CVE-2022-29055

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-29055
value: HIGH

Trust: 1.0

psirt@fortinet.com: CVE-2022-29055
value: HIGH

Trust: 1.0

NVD: CVE-2022-29055
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202210-376
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-29055
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2022-29055
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-019255 // CNNVD: CNNVD-202210-376 // NVD: CVE-2022-29055 // NVD: CVE-2022-29055

PROBLEMTYPE DATA

problemtype: CWE-824

Trust: 1.1

problemtype: Accessing uninitialized pointers (CWE-824) [NVD evaluation]

Trust: 0.8

sources: VULHUB: VHN-420589 // JVNDB: JVNDB-2022-019255 // NVD: CVE-2022-29055

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202210-376

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202210-376

PATCH

title: FG-IR-22-086, url: https://fortiguard.com/psirt/FG-IR-22-086

Trust: 0.8

title: Fortinet FortiOS Buffer error vulnerability fix, url: http://123.124.177.30/web/xxk/bdxqById.tag?id=211449

Trust: 0.6

sources: JVNDB: JVNDB-2022-019255 // CNNVD: CNNVD-202210-376

EXTERNAL IDS

db: NVD, id: CVE-2022-29055

Trust: 3.3

db: JVNDB, id: JVNDB-2022-019255

Trust: 0.8

db: CNNVD, id: CNNVD-202210-376

Trust: 0.7

db: VULHUB, id: VHN-420589

Trust: 0.1

sources: VULHUB: VHN-420589 // JVNDB: JVNDB-2022-019255 // CNNVD: CNNVD-202210-376 // NVD: CVE-2022-29055

REFERENCES

url: https://fortiguard.com/psirt/fg-ir-22-086

Trust: 1.7

url: https://nvd.nist.gov/vuln/detail/cve-2022-29055

Trust: 0.8

url: https://vigilance.fr/vulnerability/fortinet-fortios-null-pointer-dereference-via-ssl-vpn-portal-39498

Trust: 0.6

url: https://cxsecurity.com/cveshow/cve-2022-29055/

Trust: 0.6

sources: VULHUB: VHN-420589 // JVNDB: JVNDB-2022-019255 // CNNVD: CNNVD-202210-376 // NVD: CVE-2022-29055

SOURCES

db: VULHUB, id: VHN-420589
db: JVNDB, id: JVNDB-2022-019255
db: CNNVD, id: CNNVD-202210-376
db: NVD, id: CVE-2022-29055

LAST UPDATE DATE

2024-08-14T13:21:36.850000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-420589, date: 2022-10-20T00:00:00
db: JVNDB, id: JVNDB-2022-019255, date: 2023-10-25T02:49:00
db: CNNVD, id: CNNVD-202210-376, date: 2022-10-21T00:00:00
db: NVD, id: CVE-2022-29055, date: 2022-10-20T19:13:12.883

SOURCES RELEASE DATE

db: VULHUB, id: VHN-420589, date: 2022-10-18T00:00:00
db: JVNDB, id: JVNDB-2022-019255, date: 2023-10-25T00:00:00
db: CNNVD, id: CNNVD-202210-376, date: 2022-10-10T00:00:00
db: NVD, id: CVE-2022-29055, date: 2022-10-18T15:15:09.620