A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
References
Link | Resource |
---|---|
https://fortiguard.com/psirt/FG-IR-23-097 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
20 Jun 2023, 19:33
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 | |
First Time |
Fortinet fortios
Fortinet fortiproxy Fortinet Fortinet fortios-6k7k |
|
References | (MISC) https://fortiguard.com/psirt/FG-IR-23-097 - Vendor Advisory | |
CPE | cpe:2.3:a:fortinet:fortios-6k7k:6.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:6.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:6.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:6.4.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:6.4.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:7.0.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:6.0.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:6.0.13:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:6.0.15:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:6.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:6.2.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:6.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:6.0.16:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:6.0.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:6.0.14:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortios-6k7k:6.2.4:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
13 Jun 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-13 09:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-27997
Mitre link : CVE-2023-27997
CVE.ORG link : CVE-2023-27997
JSON object : View
Products Affected
fortinet
- fortios-6k7k
- fortiproxy
- fortios