An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 through 4.4.2 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.0 through 3.2.4 and 3.0.5 through 3.0.7 may allows attacker to execute unauthorized code or commands via CLI.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-23-411 |
History
Mon, 23 Dec 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Fortinet
Fortinet fortisandbox |
|
CPEs | cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:* | |
Vendors & Products |
Fortinet
Fortinet fortisandbox |
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-04-09T14:24:23.806Z
Updated: 2024-08-02T21:09:37.377Z
Reserved: 2023-11-06T10:35:25.828Z
Link: CVE-2023-47540
Vulnrichment
Updated: 2024-08-02T21:09:37.377Z
NVD
Status : Analyzed
Published: 2024-04-09T15:15:27.833
Modified: 2024-12-23T14:55:53.860
Link: CVE-2023-47540
Redhat
No data.