CVE-2022-27486

🗓️ 13 Aug 2024 15:51:57Reported by fortinetType

Improper os command injection in Fortinet FortiDDoS and FortiDDoS-

Reporter	Title	Published	Views	Family All 8
BDU FSTEC	The vulnerability of the command-line interface (CLI) of the software-defined security solutions FortiDDoS and FortiDDoS-F allows a attacker to execute arbitrary commands.	9 Oct 202400:00	–	bdu_fstec
Circl	CVE-2022-27486	13 Aug 202418:47	–	circl
CVE	CVE-2022-27486	13 Aug 202415:51	–	cve
EUVD	EUVD-2022-31987	3 Oct 202520:07	–	euvd
NVD	CVE-2022-27486	13 Aug 202416:15	–	nvd
Positive Technologies	PT-2022-7656 · Fortinet · Fortiddos-F +1	21 Mar 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-27486	7 Jan 202609:16	–	redhatcve
Vulnrichment	CVE-2022-27486	13 Aug 202415:51	–	vulnrichment

[
  {
    "vendor": "Fortinet",
    "product": "FortiDDoS",
    "defaultStatus": "unaffected",
    "versions": [
      {
        "version": "5.7.0",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "5.5.0",
        "lessThanOrEqual": "5.5.1",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "5.4.0",
        "lessThanOrEqual": "5.4.2",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "5.3.0",
        "lessThanOrEqual": "5.3.2",
        "status": "affected"
      },
      {
        "version": "5.2.0",
        "status": "affected"
      },
      {
        "version": "5.1.0",
        "status": "affected"
      },
      {
        "version": "5.0.0",
        "status": "affected"
      },
      {
        "version": "4.7.0",
        "status": "affected"
      },
      {
        "version": "4.6.0",
        "status": "affected"
      },
      {
        "version": "4.5.0",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fortinet",
    "product": "FortiDDoS-F",
    "defaultStatus": "unaffected",
    "versions": [
      {
        "version": "6.5.0",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "6.4.0",
        "lessThanOrEqual": "6.4.1",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "6.3.0",
        "lessThanOrEqual": "6.3.4",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "6.2.0",
        "lessThanOrEqual": "6.2.2",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "6.1.0",
        "lessThanOrEqual": "6.1.5",
        "status": "affected"
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.com/psirt/FG-IR-22-047

13 Aug 2024 15:51Current

CVSS 3.16.6

EPSS0.00752

CWE-78