CVE-2023-47534 - Vulnerability Details - OpenCVE

A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows attacker to execute unauthorized code or commands via specially crafted packets.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00248.

Key SSVC decision points have not yet been added.

Vendors	Products
Fortinet	Forticlient Endpoint Management Server

Configuration 1 [-]

OR	cpe:2.3:a:fortinet:forticlient_endpoint_management_server::::::::
	cpe:2.3:a:fortinet:forticlient_endpoint_management_server::::::::
	cpe:2.3:a:fortinet:forticlient_endpoint_management_server::::::::
	cpe:2.3:a:fortinet:forticlient_endpoint_management_server::::::::
	cpe:2.3:a:fortinet:forticlient_endpoint_management_server::::::::

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-51645	A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows attacker to execute unauthorized code or commands via specially crafted packets.

Fixes

Solution

Please upgrade to FortiClientEMS version 7.2.3 or above Please upgrade to FortiClientEMS version 7.0.11 or above

Workaround

No workaround given by the vendor.

References

Link	Providers
https://fortiguard.com/psirt/FG-IR-23-390

History

No history.

MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2024-03-12T15:09:19.802Z

Updated: 2024-08-12T18:01:16.372Z

Reserved: 2023-11-06T10:35:25.827Z

Link: CVE-2023-47534

Vulnrichment

Updated: 2024-08-02T21:09:37.346Z

NVD

Status : Modified

Published: 2024-03-12T15:15:46.770

Modified: 2024-11-21T08:30:24.837

Link: CVE-2023-47534

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-47534", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2023-11-06T10:35:25.827Z", "datePublished": "2024-03-12T15:09:19.802Z", "dateUpdated": "2024-08-12T18:01:16.372Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiClientEMS", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.2", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.10", "status": "affected"}, {"versionType": "semver", "version": "6.4.7", "lessThanOrEqual": "6.4.9", "status": "affected"}, {"versionType": "semver", "version": "6.4.0", "lessThanOrEqual": "6.4.4", "status": "affected"}, {"versionType": "semver", "version": "6.2.6", "lessThanOrEqual": "6.2.9", "status": "affected"}, {"versionType": "semver", "version": "6.2.0", "lessThanOrEqual": "6.2.4", "status": "affected"}, {"version": "6.0.8", "status": "affected"}, {"versionType": "semver", "version": "6.0.0", "lessThanOrEqual": "6.0.6", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows attacker to execute unauthorized code or commands via specially crafted packets."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2024-03-12T15:09:19.802Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-1236", "description": "Execute unauthorized code or commands", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:U/RC:R"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiClientEMS version 7.2.3 or above \nPlease upgrade to FortiClientEMS version 7.0.11 or above \n"}], "references": [{"name": "https://fortiguard.com/psirt/FG-IR-23-390", "url": "https://fortiguard.com/psirt/FG-IR-23-390"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:09:37.346Z"}, "title": "CVE Program Container", "references": [{"name": "https://fortiguard.com/psirt/FG-IR-23-390", "url": "https://fortiguard.com/psirt/FG-IR-23-390", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "fortinet", "product": "forticlient_endpoint_management_server", "cpes": ["cpe:2.3:a:fortinet:forticlient_endpoint_management_server:6.0.8:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.0.8", "status": "affected"}]}, {"vendor": "fortinet", "product": "forticlient_endpoint_management_server", "cpes": ["cpe:2.3:a:fortinet:forticlient_endpoint_management_server:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "7.2.0", "status": "affected", "lessThanOrEqual": "7.2.2", "versionType": "semver"}, {"version": "7.0.0", "status": "affected", "lessThanOrEqual": "7.0.10", "versionType": "semver"}, {"version": "6.4.7", "status": "affected", "lessThanOrEqual": "6.4.9", "versionType": "semver"}, {"version": "6.4.0", "status": "affected", "lessThanOrEqual": "6.4.4", "versionType": "semver"}, {"version": "6.2.6", "status": "affected", "lessThanOrEqual": "6.2.9", "versionType": "semver"}, {"version": "6.2.0", "status": "affected", "lessThanOrEqual": "6.2.4", "versionType": "semver"}, {"version": "6.0.0", "status": "affected", "lessThanOrEqual": "6.0.6", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-03-21T04:00:36.803943Z", "id": "CVE-2023-47534", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-12T18:01:16.372Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://fortiguard.com/psirt/FG-IR-23-390", "name": "https://fortiguard.com/psirt/FG-IR-23-390", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T21:09:37.346Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-47534", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-03-21T04:00:36.803943Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:fortinet:forticlient_endpoint_management_server:6.0.8:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "forticlient_endpoint_management_server", "versions": [{"status": "affected", "version": "6.0.8"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:fortinet:forticlient_endpoint_management_server:*:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "forticlient_endpoint_management_server", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.2"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.10"}, {"status": "affected", "version": "6.4.7", "versionType": "semver", "lessThanOrEqual": "6.4.9"}, {"status": "affected", "version": "6.4.0", "versionType": "semver", "lessThanOrEqual": "6.4.4"}, {"status": "affected", "version": "6.2.6", "versionType": "semver", "lessThanOrEqual": "6.2.9"}, {"status": "affected", "version": "6.2.0", "versionType": "semver", "lessThanOrEqual": "6.2.4"}, {"status": "affected", "version": "6.0.0", "versionType": "semver", "lessThanOrEqual": "6.0.6"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-12T17:49:55.702Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:U/RC:R", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Fortinet", "product": "FortiClientEMS", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.2"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.10"}, {"status": "affected", "version": "6.4.7", "versionType": "semver", "lessThanOrEqual": "6.4.9"}, {"status": "affected", "version": "6.4.0", "versionType": "semver", "lessThanOrEqual": "6.4.4"}, {"status": "affected", "version": "6.2.6", "versionType": "semver", "lessThanOrEqual": "6.2.9"}, {"status": "affected", "version": "6.2.0", "versionType": "semver", "lessThanOrEqual": "6.2.4"}, {"status": "affected", "version": "6.0.8"}, {"status": "affected", "version": "6.0.0", "versionType": "semver", "lessThanOrEqual": "6.0.6"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiClientEMS version 7.2.3 or above \nPlease upgrade to FortiClientEMS version 7.0.11 or above \n"}], "references": [{"url": "https://fortiguard.com/psirt/FG-IR-23-390", "name": "https://fortiguard.com/psirt/FG-IR-23-390"}], "descriptions": [{"lang": "en", "value": "A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows attacker to execute unauthorized code or commands via specially crafted packets."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1236", "description": "Execute unauthorized code or commands"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2024-03-12T15:09:19.802Z"}}}, "cveMetadata": {"cveId": "CVE-2023-47534", "state": "PUBLISHED", "dateUpdated": "2024-08-12T18:01:16.372Z", "dateReserved": "2023-11-06T10:35:25.827Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2024-03-12T15:09:19.802Z", "assignerShortName": "fortinet"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:forticlient_endpoint_management_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "AEDE19DC-94DB-4BEB-8439-C2BE06EF0625", "versionEndIncluding": "6.0.8", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:forticlient_endpoint_management_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "D16D1BDE-ED3A-472B-AE5D-9A22B330AD82", "versionEndIncluding": "6.2.9", "versionStartIncluding": "6.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:forticlient_endpoint_management_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4FE4D98-C047-4A51-BFD2-99ADB9C18BCD", "versionEndIncluding": "6.4.9", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:forticlient_endpoint_management_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "BFFE2A11-EE49-46A4-A5C5-4D575CF40C02", "versionEndIncluding": "7.0.10", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:forticlient_endpoint_management_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "62920FE9-2E6A-48BB-A8F7-C57595C862C4", "versionEndIncluding": "7.2.2", "versionStartIncluding": "7.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows attacker to execute unauthorized code or commands via specially crafted packets."}, {"lang": "es", "value": "Una neutralizaci\u00f3n inadecuada de elementos de f\u00f3rmula en un archivo csv en Fortinet FortiClientEMS versi\u00f3n 7.2.0 hasta 7.2.2, 7.0.0 hasta 7.0.10, 6.4.0 hasta 6.4.9, 6.2.0 hasta 6.2.9, 6.0.0 hasta 6.0.8 permite al atacante ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de paquetes especialmente manipulados."}], "id": "CVE-2023-47534", "lastModified": "2024-11-21T08:30:24.837", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 6.0, "source": "psirt@fortinet.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-03-12T15:15:46.770", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-23-390"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-23-390"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1236"}], "source": "psirt@fortinet.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-1236"}], "source": "nvd@nist.gov", "type": "Primary"}]}