CVE-2023-42788

🗓️ 10 Oct 2023 16:48:56Reported by fortinetType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 52 Views

CVE-2023-42788 OS Command Injection in FortiManager & FortiAnalyze

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2023-42788	10 Oct 202320:17	–	circl
CNNVD	Fortinet FortiManager and FortiAnalyzer Operating System Command Injection Vulnerabilities	10 Oct 202300:00	–	cnnvd
Cvelist	CVE-2023-42788	10 Oct 202316:48	–	cvelist
EUVD	EUVD-2023-47218	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Fortinet products	14 May 202508:41	–	ncsc
NVD	CVE-2023-42788	10 Oct 202317:15	–	nvd
OSV	CVE-2023-42788	10 Oct 202317:15	–	osv
Prion	Command injection	10 Oct 202317:15	–	prion
Positive Technologies	PT-2023-5997 · Fortinet · Fortimanager +1	10 Oct 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-42788	23 May 202501:57	–	redhatcve

NVD

Node

fortinet fortianalyzerRange6.2.0–6.2.11

fortinet fortianalyzerRange6.4.0–6.4.12

fortinet fortianalyzerRange7.0.0–7.0.8

fortinet fortianalyzerRange7.2.0–7.2.3

fortinet fortianalyzerMatch7.4.0

fortinet fortimanagerRange6.2.0–6.2.11

fortinet fortimanagerRange6.4.0–6.4.12

fortinet fortimanagerRange7.0.0–7.0.8

fortinet fortimanagerRange7.2.0–7.2.3

fortinet fortimanagerMatch7.4.0

[
  {
    "vendor": "Fortinet",
    "product": "FortiAnalyzer",
    "defaultStatus": "unaffected",
    "versions": [
      {
        "version": "7.4.0",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "7.2.0",
        "lessThanOrEqual": "7.2.3",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "7.0.0",
        "lessThanOrEqual": "7.0.8",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "6.4.0",
        "lessThanOrEqual": "6.4.12",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "6.2.0",
        "lessThanOrEqual": "6.2.11",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fortinet",
    "product": "FortiManager",
    "defaultStatus": "unaffected",
    "versions": [
      {
        "version": "7.4.0",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "7.2.0",
        "lessThanOrEqual": "7.2.3",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "7.0.0",
        "lessThanOrEqual": "7.0.8",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "6.4.0",
        "lessThanOrEqual": "6.4.12",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "6.2.0",
        "lessThanOrEqual": "6.2.11",
        "status": "affected"
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.com/psirt/FG-IR-23-167
github	www.github.com/orangecertcc/security-research/security/advisories/GHSA-qpv8-g6qv-rf8p

21 Nov 2024 08:23Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.16.7 - 7.8

EPSS0.00335

SSVC

CWE-78