A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-398 |
History
Wed, 23 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
kev
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-01-02T08:18:49.444Z
Updated: 2024-10-23T13:27:24.950Z
Reserved: 2022-10-07T14:05:36.301Z
Link: CVE-2022-42475
Vulnrichment
Updated: 2024-08-03T13:10:40.927Z
NVD
Status : Modified
Published: 2023-01-02T09:15:09.490
Modified: 2024-11-21T07:25:02.680
Link: CVE-2022-42475
Redhat
No data.