CVE-2022-27489 - OpenCVE

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fortinet	Fortiextender Fortiextender Firmware

Configuration 1 [-]

AND

OR	cpe:2.3:o:fortinet:fortiextender_firmware::::::::
	cpe:2.3:o:fortinet:fortiextender_firmware::::::::
	cpe:2.3:o:fortinet:fortiextender_firmware::::::::
	cpe:2.3:o:fortinet:fortiextender_firmware::::::::
	cpe:2.3:o:fortinet:fortiextender_firmware::::::::
	cpe:2.3:o:fortinet:fortiextender_firmware:3.0.0:::::::*
	cpe:2.3:o:fortinet:fortiextender_firmware:3.0.1:::::::*
	cpe:2.3:o:fortinet:fortiextender_firmware:3.0.2:::::::*
	cpe:2.3:o:fortinet:fortiextender_firmware:3.1.0:::::::*
	cpe:2.3:o:fortinet:fortiextender_firmware:3.1.1:::::::*
	cpe:2.3:o:fortinet:fortiextender_firmware:5.3.2:::::::*

cpe:2.3:h:fortinet:fortiextender:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://fortiguard.com/psirt/FG-IR-22-048

History

No history.

MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-02-16T18:06:40.150Z

Updated: 2024-08-03T05:32:57.924Z

Reserved: 2022-03-21T16:03:48.575Z

Link: CVE-2022-27489

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-02-16T19:15:12.190

Modified: 2023-11-07T03:45:20.570

Link: CVE-2022-27489

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-27489", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2022-03-21T16:03:48.575Z", "datePublished": "2023-02-16T18:06:40.150Z", "dateUpdated": "2024-08-03T05:32:57.924Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiExtender", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.3", "status": "affected"}, {"version": "5.3.2", "status": "affected"}, {"versionType": "semver", "version": "4.2.0", "lessThanOrEqual": "4.2.4", "status": "affected"}, {"versionType": "semver", "version": "4.1.1", "lessThanOrEqual": "4.1.8", "status": "affected"}, {"versionType": "semver", "version": "4.0.0", "lessThanOrEqual": "4.0.2", "status": "affected"}, {"versionType": "semver", "version": "3.3.0", "lessThanOrEqual": "3.3.2", "status": "affected"}, {"versionType": "semver", "version": "3.2.1", "lessThanOrEqual": "3.2.3", "status": "affected"}, {"versionType": "semver", "version": "3.1.0", "lessThanOrEqual": "3.1.2", "status": "affected"}, {"versionType": "semver", "version": "3.0.0", "lessThanOrEqual": "3.0.2", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2023-02-16T18:06:40.150Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-78", "description": "Execute unauthorized code or commands", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C"}}], "solutions": [{"lang": "en", "value": "Upgrade to FortiExtender version 7.2.0 and above\r\nUpgrade to FortiExtender version 7.0.4 and above\r\nUpgrade to FortiExtender upcoming version 4.2.5 and above\r\nUpgrade to FortiExtender upcoming version 4.1.9 and above\r\nUpgrade to FortiExtender upcoming version 4.0.3 and above\r\nUpgrade to FortiExtender version 3.3.3 and above\r\nUpgrade to FortiExtender version 3.2.4 and above"}], "references": [{"name": "https://fortiguard.com/psirt/FG-IR-22-048", "url": "https://fortiguard.com/psirt/FG-IR-22-048"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:32:57.924Z"}, "title": "CVE Program Container", "references": [{"name": "https://fortiguard.com/psirt/FG-IR-22-048", "url": "https://fortiguard.com/psirt/FG-IR-22-048", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D7C7C2CF-4343-4DC6-A9CC-2AD085FF4719", "versionEndExcluding": "3.2.4", "versionStartIncluding": "3.2.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF3BA216-3C90-451D-99AC-DC64259A1312", "versionEndExcluding": "3.3.3", "versionStartIncluding": "3.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6594D0E-3A47-4E9F-B020-FBC2C1AED759", "versionEndExcluding": "4.1.9", "versionStartIncluding": "4.1.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "48A96D42-A019-422C-AB50-7CAF378FDDE5", "versionEndExcluding": "4.2.5", "versionStartIncluding": "4.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "46532FCC-760C-43ED-8DC4-81427D279980", "versionEndExcluding": "7.0.4", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "39A64727-9B11-409B-94D6-D46FA7BBADE1", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "04C4747E-18B3-4114-81E0-1761DA523436", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "4CAC470E-2A7D-4E6B-B6F4-2FE3F3977DB8", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "6FBB6781-A4B9-4F52-92A4-12CC0A4042B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA975BB7-6BAE-431F-ACAC-56F8E0021E54", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:5.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "1CC2C9D3-01FD-4D5B-AE85-05B0CA6C99AA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:fortinet:fortiextender:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0617C1D-E321-409D-B54B-775E854A03C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 through 7.0.3, 5.3.2, 4.2.4 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests."}], "id": "CVE-2022-27489", "lastModified": "2023-11-07T03:45:20.570", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2023-02-16T19:15:12.190", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-22-048"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "psirt@fortinet.com", "type": "Secondary"}]}