CVE-2024-33509 - Vulnerability Details - OpenCVE

An improper certificate validation vulnerability [CWE-295] in FortiWeb 7.2.0 through 7.2.1, 7.0 all versions, 6.4 all versions and 6.3 all versions may allow a remote and unauthenticated attacker in a Man-in-the-Middle position to decipher and/or tamper with the communication channel between the device and different endpoints used to fetch data for Web Application Firewall (WAF).

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00147.

Key SSVC decision points have not yet been added.

Vendors	Products
Fortinet	Fortiweb

Configuration 1 [-]

cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2024-31247	An improper certificate validation vulnerability [CWE-295] in FortiWeb 7.2.0 through 7.2.1, 7.0 all versions, 6.4 all versions and 6.3 all versions may allow a remote and unauthenticated attacker in a Man-in-the-Middle position to decipher and/or tamper with the communication channel between the device and different endpoints used to fetch data for Web Application Firewall (WAF).

Fixes

Solution

Please upgrade to FortiWeb version 7.2.2 or above

Workaround

No workaround given by the vendor.

References

Link	Providers
https://fortiguard.fortinet.com/psirt/FG-IR-22-326

History

Mon, 09 Sep 2024 17:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Fortinet Fortinet fortiweb
CPEs		cpe:2.3:a:fortinet:fortiweb::::::::
Vendors & Products		Fortinet Fortinet fortiweb

MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2024-07-09T15:33:24.418Z

Updated: 2024-08-02T02:36:02.831Z

Reserved: 2024-04-23T14:18:29.831Z

Link: CVE-2024-33509

Vulnrichment

Updated: 2024-08-02T02:36:02.831Z

NVD

Status : Modified

Published: 2024-07-09T16:15:05.950

Modified: 2024-11-21T09:17:02.900

Link: CVE-2024-33509

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-33509", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2024-04-23T14:18:29.831Z", "datePublished": "2024-07-09T15:33:24.418Z", "dateUpdated": "2024-08-02T02:36:02.831Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiWeb", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.1", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.10", "status": "affected"}, {"versionType": "semver", "version": "6.4.0", "lessThanOrEqual": "6.4.3", "status": "affected"}, {"versionType": "semver", "version": "6.3.0", "lessThanOrEqual": "6.3.23", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "An improper certificate validation vulnerability [CWE-295] in FortiWeb 7.2.0 through 7.2.1, 7.0 all versions, 6.4 all versions and 6.3 all versions may allow a remote and unauthenticated attacker in a Man-in-the-Middle position to decipher and/or tamper with the communication channel between the device and different endpoints used to fetch data for Web Application Firewall (WAF)."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2024-07-09T15:33:24.418Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-295", "description": "Information disclosure", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:R"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiWeb version 7.2.2 or above \n"}], "references": [{"name": "https://fortiguard.fortinet.com/psirt/FG-IR-22-326", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-22-326"}]}, "adp": [{"affected": [{"vendor": "fortinet", "product": "fortiweb", "cpes": ["cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "7.2.0", "status": "affected"}, {"version": "7.0.0", "status": "affected"}, {"version": "6.4.0", "status": "affected"}, {"version": "6.3.0", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-09T15:48:02.416435Z", "id": "CVE-2024-33509", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T15:04:39.003Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:36:02.831Z"}, "title": "CVE Program Container", "references": [{"name": "https://fortiguard.fortinet.com/psirt/FG-IR-22-326", "url": "https://fortiguard.fortinet.com/psirt/FG-IR-22-326", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-22-326", "name": "https://fortiguard.fortinet.com/psirt/FG-IR-22-326", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:36:02.831Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-33509", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-09T15:48:02.416435Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*"], "vendor": "fortinet", "product": "fortiweb", "versions": [{"status": "affected", "version": "7.2.0"}, {"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "6.4.0"}, {"status": "affected", "version": "6.3.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-09T18:23:51.648Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:R", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "Fortinet", "product": "FortiWeb", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.1"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.10"}, {"status": "affected", "version": "6.4.0", "versionType": "semver", "lessThanOrEqual": "6.4.3"}, {"status": "affected", "version": "6.3.0", "versionType": "semver", "lessThanOrEqual": "6.3.23"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiWeb version 7.2.2 or above \n"}], "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-22-326", "name": "https://fortiguard.fortinet.com/psirt/FG-IR-22-326"}], "descriptions": [{"lang": "en", "value": "An improper certificate validation vulnerability [CWE-295] in FortiWeb 7.2.0 through 7.2.1, 7.0 all versions, 6.4 all versions and 6.3 all versions may allow a remote and unauthenticated attacker in a Man-in-the-Middle position to decipher and/or tamper with the communication channel between the device and different endpoints used to fetch data for Web Application Firewall (WAF)."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-295", "description": "Information disclosure"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2024-07-09T15:33:24.418Z"}}}, "cveMetadata": {"cveId": "CVE-2024-33509", "state": "PUBLISHED", "dateUpdated": "2024-08-02T02:36:02.831Z", "dateReserved": "2024-04-23T14:18:29.831Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2024-07-09T15:33:24.418Z", "assignerShortName": "fortinet"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "matchCriteriaId": "41F978BE-CB8B-4B00-AC72-1FE4ABD134DE", "versionEndExcluding": "7.2.2", "versionStartIncluding": "6.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An improper certificate validation vulnerability [CWE-295] in FortiWeb 7.2.0 through 7.2.1, 7.0 all versions, 6.4 all versions and 6.3 all versions may allow a remote and unauthenticated attacker in a Man-in-the-Middle position to decipher and/or tamper with the communication channel between the device and different endpoints used to fetch data for Web Application Firewall (WAF)."}, {"lang": "es", "value": "Una vulnerabilidad de validaci\u00f3n de certificado incorrecta [CWE-295] en FortiWeb 7.2.0 a 7.2.1, 7.0 todas las versiones, 6.4 todas las versiones y 6.3 todas las versiones puede permitir que un atacante remoto y no autenticado en una posici\u00f3n de intermediario descifre y/o alterar el canal de comunicaci\u00f3n entre el dispositivo y los diferentes endpoints utilizados para recuperar datos para el firewall de aplicaciones web (WAF)."}], "id": "CVE-2024-33509", "lastModified": "2024-11-21T09:17:02.900", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 2.5, "source": "psirt@fortinet.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-09T16:15:05.950", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.fortinet.com/psirt/FG-IR-22-326"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://fortiguard.fortinet.com/psirt/FG-IR-22-326"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "psirt@fortinet.com", "type": "Secondary"}]}