6.5 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): HIGH
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
by @LeSuisse Activity log
- Created automatic suggestion
-
@LeSuisse
removed
3 packages
- terraform-providers.fortios
- python312Packages.fortiosapi
- python313Packages.fortiosapi
- @LeSuisse dismissed
A heap-based buffer overflow in Fortinet FortiOS 7.6.0 through 7.6.1, …
A heap-based buffer overflow in Fortinet FortiOS 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15, 6.2.0 through 6.2.17, FortiManager Cloud 7.6.2, 7.4.1 through 7.4.5, 7.2.1 through 7.2.8, 7.0.1 through 7.0.13, 6.4.1 through 6.4.7, FortiAnalyzer Cloud 7.4.1 through 7.4.5, 7.2.1 through 7.2.8, 7.0.1 through 7.0.13, 6.4.1 through 6.4.7, FortiProxy 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.12, 7.0.0 through 7.0.19, 2.0.0 through 2.0.14, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiAnalyzer 7.6.0 through 7.6.2, 7.4.0 through 7.4.5, 7.2.0 through 7.2.8, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, 6.2.0 through 6.2.13, 6.0.0 through 6.0.12, FortiManager 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.9, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, 6.2.0 through 6.2.13, 6.0.0 through 6.0.12 allows attacker to execute unauthorized code or commands via specifically crafted requests.
References
Affected products
- =<7.4.5
- ==7.6.0
- =<7.2.10
- =<7.0.16
- =<6.4.15
- =<2.0.14
- =<7.0.19
- =<7.4.6
- =<1.0.7
- ==7.6.0
- =<1.2.13
- =<1.1.6
- =<7.2.12
- =<7.4.5
- =<6.0.12
- =<7.2.9
- =<6.2.13
- =<7.0.13
- =<7.6.1
- =<6.4.15
- =<7.4.5
- =<6.0.12
- =<7.2.9
- =<6.2.13
- =<7.0.13
- =<7.2.8
- =<7.6.2
- =<6.4.15
- =<7.4.5
- ==7.6.2
- =<7.2.9
- =<7.0.13
- =<6.4.7
- =<6.4.7
- =<7.4.5
- =<7.0.13
- =<7.2.9