An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiWeb version 6.4.0 through 6.4.1, FortiWeb version 6.3.0 through 6.3.17, FortiWeb all versions 6.2, FortiWeb all versions 6.1, FortiWeb all versions 6.0, FortiRecorder version 6.4.0 through 6.4.3, FortiRecorder all versions 6.0, FortiRecorder all versions 2.7 may allow an authenticated user to read arbitrary files via specially crafted command arguments.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-21-218 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-03-07T16:04:48.484Z
Updated: 2024-08-03T03:07:50.182Z
Reserved: 2022-01-03T09:39:36.527Z
Link: CVE-2022-22297
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-03-07T17:15:11.707
Modified: 2023-11-07T03:43:51.413
Link: CVE-2022-22297
Redhat
No data.