CVE-2023-36640 - OpenCVE

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fortinet	Fortios Fortipam Fortiproxy

Configuration 1 [-]

OR	cpe:2.3:a:fortinet:fortiproxy::::::::
	cpe:2.3:a:fortinet:fortiproxy::::::::
	cpe:2.3:a:fortinet:fortiproxy::::::::
	cpe:2.3:a:fortinet:fortiproxy::::::::
	cpe:2.3:a:fortinet:fortiproxy::::::::
	cpe:2.3:a:fortinet:fortiproxy::::::::

Configuration 2 [-]

cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:o:fortinet:fortios::::::::
	cpe:2.3:o:fortinet:fortios::::::::
	cpe:2.3:o:fortinet:fortios::::::::
	cpe:2.3:o:fortinet:fortios::::::::
	cpe:2.3:o:fortinet:fortios:7.2.0:::::::*

No data.

References

Link	Providers
https://fortiguard.com/psirt/FG-IR-23-137

History

No history.

MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2024-05-14T16:19:21.747Z

Updated: 2024-08-02T16:52:54.010Z

Reserved: 2023-06-25T18:03:39.227Z

Link: CVE-2023-36640

Vulnrichment

Updated: 2024-08-02T16:52:54.010Z

NVD

Status : Analyzed

Published: 2024-05-14T17:15:16.640

Modified: 2024-05-23T17:46:46.207

Link: CVE-2023-36640

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-36640", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2023-06-25T18:03:39.227Z", "datePublished": "2024-05-14T16:19:21.747Z", "dateUpdated": "2024-08-02T16:52:54.010Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiProxy", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.4", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.10", "status": "affected"}, {"versionType": "semver", "version": "2.0.0", "lessThanOrEqual": "2.0.14", "status": "affected"}, {"versionType": "semver", "version": "1.2.0", "lessThanOrEqual": "1.2.13", "status": "affected"}, {"versionType": "semver", "version": "1.1.0", "lessThanOrEqual": "1.1.6", "status": "affected"}, {"versionType": "semver", "version": "1.0.0", "lessThanOrEqual": "1.0.7", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiPAM", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "1.0.0", "lessThanOrEqual": "1.0.3", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiOS", "defaultStatus": "unaffected", "versions": [{"version": "7.2.0", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.12", "status": "affected"}, {"versionType": "semver", "version": "6.4.0", "lessThanOrEqual": "6.4.14", "status": "affected"}, {"versionType": "semver", "version": "6.2.0", "lessThanOrEqual": "6.2.16", "status": "affected"}, {"versionType": "semver", "version": "6.0.0", "lessThanOrEqual": "6.0.16", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands"}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2024-05-14T16:19:21.747Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-134", "description": "Execute unauthorized code or commands", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiOS version 7.4.1 or above \nPlease upgrade to FortiOS version 7.2.6 or above \nPlease upgrade to FortiSwitchManager version 7.2.3 or above \nPlease upgrade to FortiSwitchManager version 7.0.3 or above \nPlease upgrade to FortiProxy version 7.2.6 or above \nPlease upgrade to FortiProxy version 7.0.12 or above \nPlease upgrade to FortiPAM version 1.1.1 or above \nPlease upgrade to FortiSASE version 22.4 or above \n"}], "references": [{"name": "https://fortiguard.com/psirt/FG-IR-23-137", "url": "https://fortiguard.com/psirt/FG-IR-23-137"}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-36640", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-14T17:49:03.425796Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortiproxy", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "custom", "lessThanOrEqual": "7.2.5"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortiproxy", "versions": [{"status": "affected", "version": "7.0.0", "versionType": "custom", "lessThanOrEqual": "7.0.11"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortiproxy", "versions": [{"status": "affected", "version": "1.0.0", "versionType": "custom", "lessThanOrEqual": "2.*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortiswitchmanager", "versions": [{"status": "affected", "version": "7.0.0", "versionType": "custom", "lessThanOrEqual": "7.0.2"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortiswitchmanager", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "custom", "lessThanOrEqual": "7.2.2"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortios", "versions": [{"status": "affected", "version": "7.4.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortios", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "custom", "lessThanOrEqual": "7.2.5"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortios", "versions": [{"status": "affected", "version": "7.0.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortios", "versions": [{"status": "affected", "version": "6.4.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortios", "versions": [{"status": "affected", "version": "6.2.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortios", "versions": [{"status": "affected", "version": "6.0.0", "versionType": "custom", "lessThanOrEqual": "6.0.16"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortipam", "versions": [{"status": "affected", "version": "1.0.0", "versionType": "custom", "lessThanOrEqual": "1.1.*"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:25:49.629Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:52:54.010Z"}, "title": "CVE Program Container", "references": [{"name": "https://fortiguard.com/psirt/FG-IR-23-137", "url": "https://fortiguard.com/psirt/FG-IR-23-137", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://fortiguard.com/psirt/FG-IR-23-137", "name": "https://fortiguard.com/psirt/FG-IR-23-137", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:52:54.010Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-36640", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-14T17:49:03.425796Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortiproxy", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "custom", "lessThanOrEqual": "7.2.5"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortiproxy", "versions": [{"status": "affected", "version": "7.0.0", "versionType": "custom", "lessThanOrEqual": "7.0.11"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortiproxy", "versions": [{"status": "affected", "version": "1.0.0", "versionType": "custom", "lessThanOrEqual": "2.*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:fortinet:fortiswitchmanager:7.0.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortiswitchmanager", "versions": [{"status": "affected", "version": "7.0.0", "versionType": "custom", "lessThanOrEqual": "7.0.2"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:fortinet:fortiswitchmanager:7.2.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortiswitchmanager", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "custom", "lessThanOrEqual": "7.2.2"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortios", "versions": [{"status": "affected", "version": "7.4.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortios", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "custom", "lessThanOrEqual": "7.2.5"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortios", "versions": [{"status": "affected", "version": "7.0.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortios", "versions": [{"status": "affected", "version": "6.4.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortios", "versions": [{"status": "affected", "version": "6.2.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortios", "versions": [{"status": "affected", "version": "6.0.0", "versionType": "custom", "lessThanOrEqual": "6.0.16"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:fortinet:fortipam:1.0.0:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortipam", "versions": [{"status": "affected", "version": "1.0.0", "versionType": "custom", "lessThanOrEqual": "1.1.*"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-14T18:09:10.976Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Fortinet", "product": "FortiProxy", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.4"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.10"}, {"status": "affected", "version": "2.0.0", "versionType": "semver", "lessThanOrEqual": "2.0.14"}, {"status": "affected", "version": "1.2.0", "versionType": "semver", "lessThanOrEqual": "1.2.13"}, {"status": "affected", "version": "1.1.0", "versionType": "semver", "lessThanOrEqual": "1.1.6"}, {"status": "affected", "version": "1.0.0", "versionType": "semver", "lessThanOrEqual": "1.0.7"}], "defaultStatus": "unaffected"}, {"vendor": "Fortinet", "product": "FortiPAM", "versions": [{"status": "affected", "version": "1.0.0", "versionType": "semver", "lessThanOrEqual": "1.0.3"}], "defaultStatus": "unaffected"}, {"vendor": "Fortinet", "product": "FortiOS", "versions": [{"status": "affected", "version": "7.2.0"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.12"}, {"status": "affected", "version": "6.4.0", "versionType": "semver", "lessThanOrEqual": "6.4.14"}, {"status": "affected", "version": "6.2.0", "versionType": "semver", "lessThanOrEqual": "6.2.16"}, {"status": "affected", "version": "6.0.0", "versionType": "semver", "lessThanOrEqual": "6.0.16"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiOS version 7.4.1 or above \nPlease upgrade to FortiOS version 7.2.6 or above \nPlease upgrade to FortiSwitchManager version 7.2.3 or above \nPlease upgrade to FortiSwitchManager version 7.0.3 or above \nPlease upgrade to FortiProxy version 7.2.6 or above \nPlease upgrade to FortiProxy version 7.0.12 or above \nPlease upgrade to FortiPAM version 1.1.1 or above \nPlease upgrade to FortiSASE version 22.4 or above \n"}], "references": [{"url": "https://fortiguard.com/psirt/FG-IR-23-137", "name": "https://fortiguard.com/psirt/FG-IR-23-137"}], "descriptions": [{"lang": "en", "value": "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-134", "description": "Execute unauthorized code or commands"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2024-05-14T16:19:21.747Z"}}}, "cveMetadata": {"cveId": "CVE-2023-36640", "state": "PUBLISHED", "dateUpdated": "2024-08-02T16:52:54.010Z", "dateReserved": "2023-06-25T18:03:39.227Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2024-05-14T16:19:21.747Z", "assignerShortName": "fortinet"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", "matchCriteriaId": "22936F53-4480-4011-9211-174D1C507E87", "versionEndIncluding": "1.0.7", "versionStartIncluding": "1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", "matchCriteriaId": "E6BBF05F-4967-4A2E-A8F8-C2086097148B", "versionEndIncluding": "1.1.6", "versionStartIncluding": "1.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", "matchCriteriaId": "33B84D9A-55E3-4146-A55A-ACB507E61B05", "versionEndIncluding": "1.2.13", "versionStartIncluding": "1.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", "matchCriteriaId": "3158CE17-3505-4946-9DC9-99FDF741AB4C", "versionEndIncluding": "2.0.14", "versionStartIncluding": "2.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", "matchCriteriaId": "7E1251FE-2B46-46AA-B474-506B0079810D", "versionEndIncluding": "7.0.10", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D78C235-F7F5-4611-8467-0CC4F0F69111", "versionEndIncluding": "7.2.4", "versionStartIncluding": "7.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*", "matchCriteriaId": "73C906E2-943B-4710-832D-C29CF175F9BC", "versionEndIncluding": "1.0.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "matchCriteriaId": "8EA5512D-6EE5-4DF3-A960-C02394F25225", "versionEndIncluding": "6.0.16", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "matchCriteriaId": "E96C569E-0642-4FDD-B65F-A5926B69021A", "versionEndIncluding": "6.2.16", "versionStartIncluding": "6.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2B52E22-C64D-4142-885E-6C44FA670574", "versionEndIncluding": "6.4.14", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA582D59-C740-4AE7-83CA-C09A1D0EDA88", "versionEndIncluding": "7.0.12", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands"}, {"lang": "es", "value": "Un uso de cadena de formato controlada externamente en las versiones Fortinet FortiProxy 7.2.0 a 7.2.4, 7.0.0 a 7.0.10, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13, 1.1.0 a 1.1. 6, 1.0.0 a 1.0.7, versiones de FortiPAM 1.0.0 a 1.0.3, versiones de FortiOS 7.2.0, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15, 6.0.0 a 6.0.16 permite al atacante ejecutar c\u00f3digo o comandos no autorizados mediante comandos especialmente manipulados"}], "id": "CVE-2023-36640", "lastModified": "2024-05-23T17:46:46.207", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2024-05-14T17:15:16.640", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-23-137"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-134"}], "source": "psirt@fortinet.com", "type": "Primary"}]}