CVE-2023-33299

A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://fortiguard.com/psirt/FG-IR-23-074	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:fortinet:fortinac::::::::
	cpe:2.3:a:fortinet:fortinac::::::::
	cpe:2.3:a:fortinet:fortinac::::::::
	cpe:2.3:a:fortinet:fortinac::::::::
	cpe:2.3:a:fortinet:fortinac::::::::
	cpe:2.3:a:fortinet:fortinac::::::::
	cpe:2.3:a:fortinet:fortinac:7.2.0:::::::*
	cpe:2.3:a:fortinet:fortinac:7.2.1:::::::*
	cpe:2.3:a:fortinet:fortinac:8.3.7:::::::*
	cpe:2.3:a:fortinet:fortinac:9.4.0:::::::*
	cpe:2.3:a:fortinet:fortinac:9.4.1:::::::*
	cpe:2.3:a:fortinet:fortinac:9.4.2:::::::*

History

03 Jul 2023, 18:59

Type	Values Removed	Values Added
CWE		CWE-502
First Time		Fortinet Fortinet fortinac
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
CPE		cpe:2.3:a:fortinet:fortinac:9.4.2:::::::* cpe:2.3:a:fortinet:fortinac:7.2.1:::::::* cpe:2.3:a:fortinet:fortinac:9.4.0:::::::* cpe:2.3:a:fortinet:fortinac:9.4.1:::::::* cpe:2.3:a:fortinet:fortinac:7.2.0:::::::* cpe:2.3:a:fortinet:fortinac:8.3.7:::::::* cpe:2.3:a:fortinet:fortinac::::::::
References	~~(MISC) https://fortiguard.com/psirt/FG-IR-23-074 -~~	(MISC) https://fortiguard.com/psirt/FG-IR-23-074 - Vendor Advisory

23 Jun 2023, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-06-23 08:15

Updated : 2023-12-10 15:01

NVD link : CVE-2023-33299

Mitre link : CVE-2023-33299

CVE.ORG link : CVE-2023-33299

JSON object : View

Products Affected

fortinet

fortinac

CWE

CWE-502

Deserialization of Untrusted Data

{"id": "CVE-2023-33299", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "psirt@fortinet.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2023-06-23T08:15:09.483", "references": [{"url": "https://fortiguard.com/psirt/FG-IR-23-074", "tags": ["Vendor Advisory"], "source": "psirt@fortinet.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-502"}]}, {"type": "Secondary", "source": "psirt@fortinet.com", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed."}], "lastModified": "2023-11-07T04:14:50.620", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8292B841-851C-42C2-AF13-17AB2FA894CD", "versionEndIncluding": "8.5.4", "versionStartIncluding": "8.5.0"}, {"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95E75B88-1750-4FB6-BCE4-74B69D93C918", "versionEndIncluding": "8.6.5", "versionStartIncluding": "8.6.0"}, {"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BD32B25-76B4-4D6E-BB5C-065070297058", "versionEndIncluding": "8.7.6", "versionStartIncluding": "8.7.0"}, {"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46929BE3-0396-4B8A-9889-9F6CA73FAD4E", "versionEndIncluding": "8.8.11", "versionStartIncluding": "8.8.0"}, {"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D101F116-0C73-401E-9882-8BA2F403FA4E", "versionEndIncluding": "9.1.9", "versionStartIncluding": "9.1.0"}, {"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B341AE7E-48F1-4ABE-891F-F9D543D19E29", "versionEndIncluding": "9.2.7", "versionStartIncluding": "9.2.0"}, {"criteria": "cpe:2.3:a:fortinet:fortinac:7.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFF5B4CF-5BF9-4852-BD4F-5A27FD17EDC2"}, {"criteria": "cpe:2.3:a:fortinet:fortinac:7.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C3107FF-B414-4C7C-BD97-AC102A744B1A"}, {"criteria": "cpe:2.3:a:fortinet:fortinac:8.3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "952F266E-0E48-4D69-81E0-9F813B60AC3E"}, {"criteria": "cpe:2.3:a:fortinet:fortinac:9.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E12E11B0-E21A-4124-9DF9-FF268BB19813"}, {"criteria": "cpe:2.3:a:fortinet:fortinac:9.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4648F862-AB8C-4B8D-8F2D-5D2641F08845"}, {"criteria": "cpe:2.3:a:fortinet:fortinac:9.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B0251A8-1E8B-4B4A-962F-3E5950601814"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}