CVE-2023-36634 - OpenCVE

An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to list and delete arbitrary files and directory via specially crafted command arguments.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fortinet	Fortiap-u

Configuration 1 [-]

OR	cpe:2.3:a:fortinet:fortiap-u::::::::
	cpe:2.3:a:fortinet:fortiap-u::::::::
	cpe:2.3:a:fortinet:fortiap-u::::::::
	cpe:2.3:a:fortinet:fortiap-u:7.0.0:::::::*

No data.

References

Link	Providers
https://fortiguard.com/psirt/FG-IR-23-123

History

No history.

MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-09-13T12:29:31.577Z

Updated: 2024-08-02T16:52:53.999Z

Reserved: 2023-06-25T18:03:39.226Z

Link: CVE-2023-36634

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-09-13T13:15:08.883

Modified: 2023-11-07T04:16:39.237

Link: CVE-2023-36634

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-36634", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2023-06-25T18:03:39.226Z", "datePublished": "2023-09-13T12:29:31.577Z", "dateUpdated": "2024-08-02T16:52:53.999Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiAP-U", "defaultStatus": "unaffected", "versions": [{"version": "7.0.0", "status": "affected"}, {"versionType": "semver", "version": "6.2.0", "lessThanOrEqual": "6.2.5", "status": "affected"}, {"versionType": "semver", "version": "6.0.0", "lessThanOrEqual": "6.0.4", "status": "affected"}, {"versionType": "semver", "version": "5.4.3", "lessThanOrEqual": "5.4.6", "status": "affected"}, {"version": "5.4.0", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to list and delete arbitrary files and directory via specially crafted command arguments."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2023-09-13T12:29:31.577Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-73", "description": "Improper access control", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:P/RL:X/RC:R"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiAP-U version 7.0.1 or above Please upgrade to FortiAP-U version 6.2.6 or above "}], "references": [{"name": "https://fortiguard.com/psirt/FG-IR-23-123", "url": "https://fortiguard.com/psirt/FG-IR-23-123"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:52:53.999Z"}, "title": "CVE Program Container", "references": [{"name": "https://fortiguard.com/psirt/FG-IR-23-123", "url": "https://fortiguard.com/psirt/FG-IR-23-123", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiap-u:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BEF86D0-7255-4054-8AA7-4AA411C5FE32", "versionEndIncluding": "5.4.6", "versionStartIncluding": "5.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiap-u:*:*:*:*:*:*:*:*", "matchCriteriaId": "607B4B16-A019-4DB5-A3D5-845B3C81E2CA", "versionEndIncluding": "6.0.4", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiap-u:*:*:*:*:*:*:*:*", "matchCriteriaId": "D94D840D-28B9-45AB-952C-951710AA63CD", "versionEndIncluding": "6.2.5", "versionStartIncluding": "6.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiap-u:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "743763F2-D4DE-4E9D-B112-7CA27C61A423", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to list and delete arbitrary files and directory via specially crafted command arguments."}, {"lang": "es", "value": "Un filtrado incompleto de una o m\u00e1s instancias de vulnerabilidad de elementos especiales [CWE-792] en el int\u00e9rprete de l\u00ednea de comando de FortiAP-U 7.0.0, 6.2.0 a 6.2.5, 6.0 todas las versiones, 5.4 todas las versiones puede permitir un atacante autenticado para enumerar y eliminar archivos y directorios arbitrarios mediante argumentos de comandos especialmente manipulados."}], "id": "CVE-2023-36634", "lastModified": "2023-11-07T04:16:39.237", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2023-09-13T13:15:08.883", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-23-123"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-73"}], "source": "psirt@fortinet.com", "type": "Secondary"}]}