Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.FORTIPROXY_FG-IR-24-015.NASLHistoryFeb 28, 2024 - 12:00 a.m.
Fortinet FortiProxy Out-of-bound Write in sslvpnd (FG-IR-24-015)
2024-02-2800:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
21
fortinet fortiproxy
out-of-bound write
sslvpnd
cve-2024-21762
cea-2024-0004
cisa-known-exploited
iava
unauthorized code
nessus
security-related updates
version
exploit
fortiguard
upgrade
nessus
availability
patch
firewall
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.7 High
AI Score
Confidence
High
0.018 Low
EPSS
Percentile
88.4%
The version of FortiProxy installed on the remote host affected by an out-of-bounds write vulnerability in sslvpnd that can allow an attacker to execute unauthorized code or commands via specifically crafted requests.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(191084);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/22");
script_cve_id("CVE-2024-21762");
script_xref(name:"CEA-ID", value:"CEA-2024-0004");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2024/02/16");
script_xref(name:"IAVA", value:"2024-A-0079-S");
script_name(english:"Fortinet FortiProxy Out-of-bound Write in sslvpnd (FG-IR-24-015)");
script_set_attribute(attribute:"synopsis", value:
"The version of FortiProxy installed on the remote host is missing one or more security-related updates.");
script_set_attribute(attribute:"description", value:
"The version of FortiProxy installed on the remote host affected by an out-of-bounds write vulnerability in sslvpnd
that can allow an attacker to execute unauthorized code or commands via specifically crafted requests.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://www.fortiguard.com/psirt/FG-IR-24-015");
script_set_attribute(attribute:"solution", value:
"Please upgrade to FortiProxy version 2.0.14, 7.0.15, 7.2.9, 7.4.3, or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-21762");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/02/08");
script_set_attribute(attribute:"patch_publication_date", value:"2024/02/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/02/28");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:fortinet:fortiproxy");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Firewalls");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("fortinet_version.nbin");
script_require_keys("Host/Fortigate/model", "Host/FortiProxy/version");
exit(0);
}
include('vcf.inc');
include('vcf_extras_fortios.inc');
var app_name = 'FortiProxy';
var app_info = vcf::get_app_info(app:app_name, kb_ver:'Host/FortiProxy/version');
vcf::fortios::verify_product_and_model(product_name:app_name);
var constraints = [
{ 'min_version' : '1.0', 'fixed_version' : '2.0.14' },
{ 'min_version' : '7.0', 'fixed_version' : '7.0.15' },
{ 'min_version' : '7.2', 'fixed_version' : '7.2.9' },
{ 'min_version' : '7.4', 'fixed_version' : '7.4.3' }
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fortinet | fortiproxy | cpe:/a:fortinet:fortiproxy |
Related
cve
cve
CVE-2024-21762
2024-02-09 09:15:08
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
2024-03-13 09:17:28
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
2024-03-13 22:57:00
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
2024-02-28 21:16:10
cvelist
cvelist
CVE-2024-21762
2024-02-09 08:14:25
nvd
nvd
CVE-2024-21762
2024-02-09 09:15:08
hivepro
hivepro
Critical Vulnerability in FortiOS SSL VPN Exploited in the Wild
2024-02-12 12:05:32
cnvd
cnvd
Fortinet FortiOS and FortiProxy Out-of-Bounds Write Vulnerability
2024-02-22 00:00:00
nessus
nessus
Fortinet Fortigate (FG-IR-24-015)
2024-02-08 00:00:00
cisa_kev
cisa_kev
Fortinet FortiOS Out-of-Bound Write Vulnerability
2024-02-09 00:00:00
attackerkb
attackerkb
CVE-2024-21762
2024-02-09 00:00:00
prion
prion
Out-of-bounds
2024-02-09 09:15:00
packetstorm
packetstorm
Fortinet FortiOS Out-Of-Bounds Write
2024-03-14 00:00:00
wizblog
wizblog
February Fortinet Advisory: everything you need to know
2024-02-12 13:53:10
rapid7blog
rapid7blog
Critical Fortinet FortiOS CVE-2024-21762 Exploited
2024-02-12 13:23:51
thn
thn
ics
ics
Siemens RUGGEDCOM APE1808
2024-03-14 12:00:00
avleonov
avleonov
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.7 High
AI Score
Confidence
High
0.018 Low
EPSS
Percentile
88.4%
Related for FORTIPROXY_FG-IR-24-015.NASL