Lucene search

K
vulnrichmentFortinetVULNRICHMENT:CVE-2023-22639
HistoryJun 13, 2023 - 8:41 a.m.

CVE-2023-22639

2023-06-1308:41:44
CWE-787
fortinet
github.com
2
cve-2023-22639
escalation of privilege
out-of-bounds write
fortinet fortios
fortiproxy

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C

AI Score

7.2

Confidence

High

SSVC

Exploitation

none

Automatable

no

Technical Impact

total

A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows attacker to escalation of privilege via specifically crafted commands.

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C

AI Score

7.2

Confidence

High

SSVC

Exploitation

none

Automatable

no

Technical Impact

total

Related for VULNRICHMENT:CVE-2023-22639