A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via crafted requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-23-260 |
History
Tue, 14 Jan 2025 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 14 Jan 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via crafted requests. | |
First Time appeared |
Fortinet
Fortinet fortiswitch |
|
Weaknesses | CWE-321 | |
CPEs | cpe:2.3:a:fortinet:fortiswitch:6.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.13:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.4.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Fortinet
Fortinet fortiswitch |
|
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2025-01-14T14:09:30.417Z
Updated: 2025-01-14T20:55:06.579Z
Reserved: 2023-07-11T08:16:54.093Z
Link: CVE-2023-37936
Vulnrichment
Updated: 2025-01-14T15:18:44.821Z
NVD
Status : Received
Published: 2025-01-14T14:15:26.790
Modified: 2025-01-14T14:15:26.790
Link: CVE-2023-37936
Redhat
No data.